Implementing authentication
Before you jump into the Login
component development, you will want to figure out how to manage a token received from a successful login response and how to make sure that if the access token has expired, then a refresh token request should be fired before making any call that requires authentication.
The browser allows you to store tokens or any other information in cookies, session storage, and local storage. From the server side, we haven't opted for cookie or stateful communication, therefore we are left with the remaining two options. Session storage is preferable for more secure applications because it is specific to the same tab and it gets cleared as soon as you click on the Refresh button or close the tab. We want to manage login persistence between different tabs and page refresh, therefore we'll opt for local storage of the browser.
On top of that, you can also store them in the state in the same way you are going to manage the...