Save JWT token in Cookies with httpOnly and Secure flags?

[manishoctal]

Is there any support to save JWT token in Cookies with httpOnly and Secure flags? Right now it is saving into localstorage. It has less secure.

[WormJim]

@manishoctal This hook does not store anything in the browsers cookie context. You'll have to create a hook yourself, or simply set a cookie using document.cookie = "name=value; "

Also, be aware, you cannot set/get an http only cookie via JavaScript. They are solely created via http, hence the options name. You'll need to create them on your server and send them up to your client to be set. If your server and client are on different origins, you'll need to allow cross origin. Be aware though, this can cause security concerns if you do not handle them correctly.

Anyway, there are plenty of packages out there for you to either create cookies in the browser or server. If you'd like to create your own cookie hook, look at w3 for common JavaScript code to set/get/del cookies. You can use that as templates and refactor for your needs. You can even use this packages code as a template in your project. But again, plenty of already created packages out there you can use instead of writing your own.

Also, activity on this package has stopped since 2019. You're better off doing it yourself or finding another package. react-cookie is a place to start.