0π
It is very hard to answer, without knowing your exact server-side solution, or your client-side needs.
Here are some links to research further:
-
Vuex will not store in localstorage by default, and will not persist a page reload.
-
localstorage will persist, and can therefore be a security concern.
-
Sessionstorage will persist a page reload, but not after a browser restart.
-
A combination of refresh token in localstorage and access token in sessionstorage might be a good solution.
-
HttpOnly is also a viable solution, since you have access to the back-end
- [Vuejs]-Vue β Create New Project failing
- [Vuejs]-Error: Cannot find module 'babel-code-frame' in VUEJS ( ESLINT)
0π
I Normally use Vuex to store the token and then I put axios.defaults.headers.common['Authorization'] = `Bearer ${store.getters.token}`;
Inside the main.js, then the token is always send with the axios requests
Source:stackexchange.com