Click here to Skip to main content
15,799,398 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
I'm working on a React project where I need to store logged-in user information, such as their name, avatar, user_id, and more, on the client side. I'm looking for advice on the best practices and techniques for achieving this securely and efficiently. Additionally, I'm curious to know how larger platforms like Twitter and Facebook handle this aspect. Any insights or recommendations would be greatly appreciated. Thank you!

What I have tried:

I've been researching different approaches to store user information on the client side in my React application. I've considered using browser storage options like localStorage and sessionStorage, as well as exploring state management libraries like Redux. I've also looked into JSON Web Tokens (JWT) for authentication.

I was hoping to find clear guidelines or best practices for securely storing user information on the client side, ensuring data privacy and integrity. Additionally, I'm curious about any patterns or strategies that tech giants like Twitter and Facebook might employ in this context. It would be great to gain insights from the community on the most effective and efficient methods for handling user data on the client side within a React application.
Updated 19-Aug-23 11:08am

1 solution

Storing anything like that client side means cookies - and that means two things:
1) you need to get permission first, just like every other site that won't shut up until you let them store cookies on your machine.
2) It's not particularly secure, though you can use Secure cookies[^] which improve it a little, any form of "local storage" is intrinsically less secure than a system where such info never leaves the server.

Most sites don't store personal info on the client: they store it on the server and store a key value on the client which allows them to access the user info on the server when needed - in your case, the user_id is probably the best choice.

Remember, all personal info is covered by GDPR, and the fines for taking insufficient care can be staggeringly huge!
Share this answer

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900