What would be the usual approach to store an access token in the session storage of a PWA(using polymer 2.0)

Asked Nov 14 '17 at 12:10

Active Nov 20 '17 at 14:09

Viewed 517 times

My situation is the following: I recently made a secure C# Rest-Service using OWIN & OAuth to store some data and access it with a PWA later. I started with a login.

My current problem is: where do I store the access token given by my Rest-Service? I will need it in other views as it has to be in the header of every single rest-request I send to the secure Rest-Service.

Would I use the serviceworker or some new way of session storage in Polymer 2.0(old ways seem to be deprecated) or something else?

I wanted to ask this here before I mindlessly choose an option myself and then have to write it all over again whenever I find a "better" way.

edited Nov 20 '17 at 14:09

asked Nov 14 '17 at 12:10

Felix Froschauer

I think common practice would be to store it in a safe place like a database or encrypted storage. This [SO post](https://security.stackexchange.com/a/100799) might offer additional reference. – ReyAnthonyRenacia Nov 15 '17 at 14:43
I will look into it, thank you! – Felix Froschauer Nov 16 '17 at 11:28

What would be the usual approach to store an access token in the session storage of a PWA(using polymer 2.0)

0 Answers0