Hello all
I have a question about how to store the access tokens safely in a browser. Hope it is not out of topic
I’m using FastAPI’s tutorial on OAuth2 to implement a password based login system. Now if I want to integrate it with my frontend, I’m confused on where to store the access token.
On searching the web, most of the articles are outdated or is tightly coupled with a major framework like React etc. What I would like to do is vanilla Javascript based solution with no dependencies.
This is purely for learning purposes but I don’t want to learn it the wrong way by lowering the bars of security.
My first guess is to use Local Storage but a few websites say that it is insecure. So what really is the good approach? Is there a good write-up on this topic that applies to the current state of technology (like no third party cookies, Firefox containers etc.).
Thank you!