pasestars opened this issue a year ago · 1 comments
Why store Tooken in Cookie, after that send token over Authorization Bearer Header? It sends duplicate Token in Header: Authorization and Cookie when the domain of FE and BE is the same.
Yes, this is done just to be compatible with both ways, just a defensive programming