this post was submitted on 12 Apr 2024
3 points (100.0% liked)
FreeAssembly
75 readers
1 users here now
this is FreeAssembly, a non-toxic design, programming, and art collective. post your share-alike (CC SA, GPL, BSD, or similar) projects here! collaboration is welcome, and mutual education is too.
in brief, this community is the awful.systems answer to Hacker News. read this article for a solid summary of why having a less toxic collaborative community is important from a technical standpoint in addition to a social one.
some posting guidelines apply in addition to the typical awful.systems stuff:
- all types of passion projects and contributions are welcome, including and especially those that aren't programming or engineering in nature
- this is an explicitly noncommercial, share-alike space
- don't force yourself to do work you don't enjoy, or demand it of others
(logo credit, with modifications by @[email protected])
founded 7 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Fix the bug that you get logged out when refreshing the page sometimes -- I've noticed this on both Firefox and Safari. The token still exists (at least it's present in
document.cookieasjwt), but for some reason it doesn't get sent anymore, so Lemmy thinks you've been logged out.I've actually looked into this already, but didn't get very far, especially because it doesn't even happen all the time.
Honestly, just storing it in
localStorageinstead of as a cookie might work ...oh yeah, this is a bad one. the
localStorageidea is a good call.@self @mii I think storing session tokens in
localStorageis considered unsafe becauselocalStorageis more open to XSS attacks. The bigger concern, though, is using JWT for session management at all, which is widely considered a bad idea. Here's one (of many) articles that go into that topic: https://dzone.com/articles/stop-using-jwts-as-session-tokens