Using HTTP only cookies (authentication tokens) in client components.
Unanswered
American Sable posted this in #help-forum
American SableOP
I am storing my access and refresh token as HTTP only cookies.
How do you guys get access to these tokens in the apis called from client components (react query), I want to use the access token as Bearer token.
How do you guys get access to these tokens in the apis called from client components (react query), I want to use the access token as Bearer token.
16 Replies
or u build a hook that will be populated when layout mounts
with the token
@American Sable I am storing my access and refresh token as HTTP only cookies.
How do you guys get access to these tokens in the apis called from client components (react query), I want to use the access token as Bearer token.
Saltwater Crocodile
Are you using any authentication library
@Saltwater Crocodile Are you using any authentication library
American SableOP
No, using a laravel api.
@gin u pass the token down from a rsc
American SableOP
Passing the token down to RSC is a good approach but I want to make the token access centrally on a Authorization headers.
@American Sable Passing the token down to RSC is a good approach but I want to make the token access centrally on a Authorization headers.
Saltwater Crocodile
well, you can also create a function that uses the token with react query and the use that for your auth queries
American SableOP
I was using server actions to get Http only cookies and it works but that might not be a good approach. It is calling middleware everytime even though sending request from react query.
Saltwater Crocodile
Better still you can use a hook
@Saltwater Crocodile Better still you can use a hook
American SableOP
But how do I populate my hook, by passing tokens from layout and store it in a global context?
@American Sable But how do I populate my hook, by passing tokens from layout and store it in a global context?
American SableOP
But I had read to not store HTTP only cookies in redux or context etc
@American Sable But how do I populate my hook, by passing tokens from layout and store it in a global context?
Saltwater Crocodile
Okay, so after logging in you can just store your tokens somewhere globally right
@American Sable But I had read to not store HTTP only cookies in redux or context etc
Saltwater Crocodile
Also you can access cookies in your client components as well
Not HTTP only cookies
Just do what gin said. Get the cookie from the server component and pass it to the client component via prop.
By the way the whole point of http only cookie is to not make it available to client side JavaScript so what you are doing just… defeats the whole purpose? Why did you make it a http only cookie in the first place
By the way the whole point of http only cookie is to not make it available to client side JavaScript so what you are doing just… defeats the whole purpose? Why did you make it a http only cookie in the first place