Hello, i’m creating website using go templ with htmx as stack (i never done frontend before) How do I store/use jwt on frontend? I have login form that sends username and password over https, i’m doing authorization on the server, generating jwt and then what? i can return jwt as text/plain. Are there any small js library for handling login/singup form and then storing jwt token in http only cookie?
Hi
Although I’m no Go expert, I still may be able to point you in the right direction.
When you receive your token response from Auth0 store it as a cookie HTTP only, Secure with Samesite attribute set to Strict.
Your JWT will have a limited lifespan, are you getting a Refresh Token in your response (This will also require storing as a secure Cookie). What happens if you send an expired JWT to your backend services?
For available libraries, have a look at jwt.io and click the libraries section (These are for jwt validation and retrieving certain JWT claims).
For js-libraries for Cookies take a look at js-cookie on Github.
Personally, I would make my Frontend, ‘talk’ to a login service which handles all the Auth0 handshaking and authentication/authorisation. The login service would take the token response from Auth0 and create the Secure Cookies and add then to the response back to the Frontend (this is very easy to do in Java Spring Boot).
Hope this gives you some help
Regards
Richard
1 Like
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.