I wanted to prevent replay attacks from happening by making use of nonces/tokens.. But couldn't find any working example or sample code anywhere on the internet..
Confused about the concept or the order how to implement.. I am intially for the first request checking if iam having any tokens present in the request headers or not but yeah for firsttime i wont have any so iam generating a random token and adding it to the response headers and storing it in the cookies and as well as adding it to the request headers.. so from next request iam expecting the token to be present in the request headers to validate it against the token stored in the cookies but iam getting the headers as null..
Not sure whether whatever i understood about nonces/tokens flow is correct or not and need a quick help here please
