Authentication using JWT tokens with session storage vs. local storage: which authentication is secure, and how to authenticate

Time: 2018-09-01 06:28:27

Tags: node.js angular mongodb express angular2-jwt

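How are tokens stored in local storage and session storage, how are tokens generated, and is this secure for admin user authentication in an Angular application? Is Angular authentication using token storage as secure as session storage in the browser or application?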

2 answers:

Answer 0: (score: 0)

Local storage is a new feature of HTML5 that basically allows you (a web developer) to store any information you want in your user’s browser using JavaScript. 
In practice, local storage is just one big old JavaScript object that you can attach data to (or remove data from). 
Example:
// Considering it as an object
localStorage.userName = "highskillzz";
//or this way!
localStorage.setItem("objects", "0");

// Once data is in localStorage, it'll stay there forever until it
// is removed explicitly
console.log(localStorage.userName + " has " + localStorage.objects + " number of objects.");

// Removing data from local storage is also pretty easy. Uncomment 
// below lines
//localStorage.removeItem("userName");
//localStorage.removeItem("objects");

It was designed to be a simple string only key/value store that developers could use to build slightly more complex single page apps. That’s it.

Answer 1: (score: 0)

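Based on my understanding of JWT, local/session storage, and your question, using session storage to store the JWT is ideal, because session storage is separate for each browser tab. It is easier for developers to manage tokens this way.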

In terms of security, given that JWTs are short-lived, both local and session storage should be fine.
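
An added example, not part of either answer: a small wrapper for keeping a JWT in `sessionStorage` that hands the token back only while its `exp` claim is still in the future, which is what the "short-lived" argument in the second answer depends on. The names `createTokenStore`, `MemoryStorage` and `makeSampleToken`, the `jwt` key and the 30-second skew are assumptions made here; decoding on the client does not verify the signature, so the server still has to.

```javascript
// Added example. In a browser pass window.sessionStorage (one store per tab);
// MemoryStorage is a hypothetical stand-in so the code also runs under Node.
class MemoryStorage {
  constructor() { this.map = new Map(); }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(k, String(v)); }
  removeItem(k) { this.map.delete(k); }
}

// Decode the payload segment only. This does NOT verify the signature.
function decodePayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  try {
    const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
    const json = typeof atob === "function"
      ? atob(b64) : Buffer.from(b64, "base64").toString("binary");
    return JSON.parse(json);
  } catch (e) { return null; }
}

function createTokenStore(storage, key = "jwt", skewSeconds = 30) {
  const clear = () => storage.removeItem(key);
  return {
    save(token) { storage.setItem(key, token); },
    clear, // call on logout
    // Return the token only if it parses and is not expired (or about to be).
    // Assumption: a token without a numeric exp claim is treated as invalid.
    load(nowSeconds = Math.floor(Date.now() / 1000)) {
      const token = storage.getItem(key);
      if (token === null) return null;
      const payload = decodePayload(token);
      const ok = payload && typeof payload.exp === "number"
        && payload.exp - skewSeconds > nowSeconds;
      if (!ok) { clear(); return null; }
      return token;
    },
  };
}

// Constructed sample token with a placeholder signature (Node-only helper).
function makeSampleToken(exp) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
  return `${enc({ alg: "HS256", typ: "JWT" })}.${enc({ sub: "admin", exp })}.sig`;
}
```

Passing `window.localStorage` instead makes the same token visible to every tab of the origin and keeps it after the tab is closed, so the expiry check in `load` becomes the only client-side limit on its lifetime.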