Altcademy - a Forbes magazine logo Best Coding Bootcamp 2023

How to store token in ReactJS

Introduction

Imagine you're at a concert. To get in, you need a ticket. This ticket tells the security guard that you've paid and are allowed to be there. In programming, especially when dealing with user authentication, we have something similar called tokens. In this blog, we'll explore how to store tokens in ReactJS, a popular JavaScript library used in web development.

What is a Token?

In simple terms, a token is like a virtual ticket. It's a piece of data generated by the server after a user logs in. The server provides this token to the client, which holds onto it for future requests. This token proves to the server that the user is who they say they are, much like showing your ticket at a concert.

Why We Need Tokens

Again, let's go back to our concert analogy. Without a ticket system, the event would be chaotic. Anyone could walk in and claim they've paid, right? Similarly, in web applications, we need a way to ensure that users are who they say they are. That's where tokens come in.

Tokens help us manage user sessions. After a user logs in, we can use this token to remember the user and ensure they don't need to provide their username and password each time they want to do something on our site. It helps us maintain state in what is otherwise a stateless HTTP protocol.

Storing Tokens in ReactJS

Now, let's talk about storing these tokens. In ReactJS, we have a few options: Local Storage, Session Storage, and Cookies. Let's look at each of these.

Local Storage

Local Storage is a web storage object that stores data with no expiration time. This data will not be deleted when the browser is closed. Here's an example of how to store a token in Local Storage:

localStorage.setItem('token', 'your_token_here');

And here's how you can retrieve it:

let token = localStorage.getItem('token');

Session Storage

Session Storage is similar to Local Storage, but the stored data is lost when the browser tab is closed. It's like a concert wristband that you get for a single day event. Once you leave, it's not valid anymore. Here's how you can store a token in Session Storage:

sessionStorage.setItem('token', 'your_token_here');

And here's how you can retrieve it:

let token = sessionStorage.getItem('token');

Cookies

Cookies work a bit differently. They're data that's stored on the client's computer and sent with every request to the server. They're like a hand stamp at a festival. Every time you go to a different attraction (or in our case, make a new request), you show your stamp (or send your cookie). Here's how you can store a token in a cookie:

document.cookie = "token=your_token_here; expires=Fri, 31 Dec 2021 23:59:59 GMT";

And here's how you can retrieve it:

let token = document.cookie.replace(/(?:(?:^|.*;\s*)token\s*\=\s*([^;]*).*$)|^.*$/, "$1");

Which Method to Use?

Each of these methods has its advantages and disadvantages, and the best one to use depends on your specific needs. Local Storage and Session Storage are easier to use, but they're vulnerable to cross-site scripting (XSS) attacks. Cookies, on the other hand, are more secure but are slightly more complex to work with.

Conclusion

In this post, we've learned about tokens, why we need them, and how we can store them in ReactJS. Like a ticket at a concert, a token is a simple but powerful tool that helps us manage user sessions and keep our applications secure. It's up to you to decide where to store these tickets based on your application's needs. Remember, each method has its trade-offs, so choose wisely!