SolidJS•12mo ago
GraysonT

Solid JS + Auth (How to store the credential)

Q1: What is the most secure and efficient way to store and use credentials in a SolidJS application without using solid-start? I am considering using
- cookies only
- tokens only
- cookies + tokens
but I am unsure about which storage mechanism and libraries to utilize. One thing I may want to avoid is using session or local storage, as it's not secure. But I realized that I can't persist the credentials. May I know what kind of methods you prefer for client-side authentication?
Q2: Additionally, how can I perform Axios requests if I opt to use cookies, given the need for a token?
7 Replies
GraysonT•12mo ago
🫡 Any opinions are welcome
mdynnl•12mo ago
same site http only cookies + axios.defaults.withCredentials = true
tokens if the api needs to be exposed to non browser environments like native where they have some sort of secure storage
GraysonT•12mo ago
So HTTP cookies could be the one to authenticate my app? Is it possible to store my user information with the token in HTTP cookies, and access it from my Solid JS? When I use axios to send the request, the cookies are associated with the request, and anything related to cookies will be handled by the backend? Am I getting it correct?
mdynnl•12mo ago
http only cookies are only meant to be accessible from server of the same site (except for same site: none which also requires https)
potentially you could store anything in http cookies but that'd be useless for above reason
so you'd usually store a session id associated to a user in that cookie just for identifying the user
the latter part of the response is correct
non-sensitive user info could be stored anywhere as long as you don't use that info for auth which is already handled by http only cookies + backend
CMIIW though, auth is such a complicated matter after all
GraysonT•12mo ago
In this case, can I understand it like this: non-sensitive user info can be stored in local storage, but the session id/token can be stored in HTTP cookies, but both backend and frontend must be hosted on the same AWS VM instance?
mdynnl•12mo ago
yeah same site (domain name or subs in case of Lax) as far as the browser is concerned
where you host which part, same vm or different, entirely depends on the setup
GraysonT•12mo ago
I see. I believe I have enough information to kick start. Thank you for your suggestion and guidance 👍
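
Added example, not part of the thread and not code from any participant: a minimal Node.js sketch of the pattern mdynnl describes, where the backend keeps the session and the browser only carries an opaque id in an HttpOnly, SameSite cookie. The cookie name `sid`, the 30-minute lifetime and the in-memory `Map` are assumptions for illustration.

```javascript
// Added example (Node.js built-ins only). Names such as `sid` and `sessions` are illustrative.
const { randomBytes } = require('node:crypto');

const SESSION_TTL_MS = 30 * 60 * 1000;   // assumed lifetime: 30 minutes
const sessions = new Map();              // session id -> { user, expires }, server side only

// After a successful login the backend creates a session and returns the
// Set-Cookie header value. The cookie holds only an opaque random id.
function createSession(user, now = Date.now()) {
  const id = randomBytes(32).toString('hex');
  sessions.set(id, { user, expires: now + SESSION_TTL_MS });
  // HttpOnly: page scripts cannot read it. Secure: HTTPS only.
  // SameSite=Lax: not attached to cross-site subrequests.
  return `sid=${id}; Max-Age=${SESSION_TTL_MS / 1000}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Parse a Cookie request header into a name -> value map.
function parseCookies(header = '') {
  const out = Object.create(null);
  for (const part of header.split(';')) {
    const eq = part.indexOf('=');
    if (eq > 0) out[part.slice(0, eq).trim()] = part.slice(eq + 1).trim();
  }
  return out;
}

// Resolve the request's cookie to a user, or null if missing, unknown or expired.
function authenticate(cookieHeader, now = Date.now()) {
  const sid = parseCookies(cookieHeader).sid;
  const session = sid ? sessions.get(sid) : undefined;
  if (!session) return null;
  if (session.expires <= now) { sessions.delete(sid); return null; }
  return session.user;
}

// Logout: drop the server-side record and expire the cookie in the browser.
function destroySession(cookieHeader) {
  sessions.delete(parseCookies(cookieHeader).sid);
  return 'sid=; Max-Age=0; Path=/; HttpOnly; Secure; SameSite=Lax';
}

// Browser side, as in the thread: axios.defaults.withCredentials = true
// makes axios include the cookie on requests to a different origin; the
// SolidJS code never reads or stores the session id itself.
```

If the API is served from a different origin than the frontend (for example a subdomain), the backend must also respond with `Access-Control-Allow-Credentials: true` and a specific `Access-Control-Allow-Origin` rather than `*`, or the browser discards the response.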