Unsafe Spotify access token and refresh token storage

[sidsurakanti]

Storing the Spotify access and refresh token is really unsafe. It should be safer to store it on cookies using a JWT or something of that sort. It's a really easy fix too. I can work on this if needed!

[mpfaff]

Storing the Spotify access and refresh token is really unsafe. It should be safer to store it on cookies using a JWT or something of that sort.

You say that storing the tokens is unsafe. Then you propose another way to store "it". Are you suggesting to store something else, or are you arguing that a particular way of storing the tokens is unsafe?

[sidsurakanti]

You say that storing the tokens is unsafe. Then you propose another way to store "it". Are you suggesting to store something else, or are you arguing that a particular way of storing the tokens is unsafe?

sorry, i meant to say that storing the tokens in the URL is an unsafe way to go about Spotify Oauth

[mpfaff]

Ah, that is rather unsafe.

[receiptify1]

thanks. this is the best receipt generator, i use it every day https://spotifyreceiptify.com/