DEV Community

Cover image for Sessions and Cookies and (local)Storage, Oh My!

Sessions and Cookies and (local)Storage, Oh My!

El Marshall (she/they) on June 12, 2020

Cookies, Sessions, and LocalStorage are all methods of storing data client-side, and specifically on the user's browser. Why do we have so many dif...
Collapse
 
atleastitry profile image
Matt Hope

Also probably worth noting that localstorage probably shouldn’t be used for sensitive information (like user passwords session identifies, etc) as it’s susceptible to xss attacks.

Collapse
 
patarapolw profile image
Pacharapol Withayasakpunt

What do you think about firebase auth being in localStorage by default?

Although can be set in cookies as well. I tried, but I failed...

Collapse
 
atleastitry profile image
Matt Hope

Hmm ideally you don’t wanna be putting any sensitive data in local storage as its openly accessible via JS. What problems did you have with configuring your session via cookies?

Thread Thread
 
patarapolw profile image
Pacharapol Withayasakpunt • Edited
  • How do I get csrfToken from the server? Another HTTPS request, or just js-cookie? There is no form or template rendering here...
    • Actually, IIRC, cookie is just a line of string to be parsed.
  • I want to persist not only session itself, but also user credentials.
Thread Thread
 
dpkahuja profile image
Deepak Ahuja 👨‍💻

Encryt both fields to jwt and set it in cookie-session.

Thread Thread
 
dpkahuja profile image
Deepak Ahuja 👨‍💻
Collapse
 
elmarshall profile image
El Marshall (she/they)

Good point, I'll make an update.

Collapse
 
gsarig profile image
Giorgos Sarigiannidis • Edited

Maybe the size difference could be a part of the comparison table, as in some cases it might be the key factor in one's decision.

Collapse
 
david_ojes profile image
David Ojesekhoba

Really informative!
I recently had to use localStorage for a voting app I'm working on in .NET

Collapse
 
a1tem profile image
Artem Petrusenko • Edited

You forgot to add if we use SSR we don’t have an access to the local storage :-( but we can still use cookies

Collapse
 
willwallaceii profile image
William Wallace

What is a good example for using local storage?