What are some of the best practices to persist logged-in user?
I was using JWT and storing it in localStorage but found that using localStorage is not safe.
Should I store JWT in httpOnly cookie?
Should I even use JWT for this purpose since some articles suggest not using it? I am confused.
I tried to search for it on google but found that most of them were using JWT by storing it in localStorage.