developerzohaib786 opened a new pull request, #115:
URL: https://github.com/apache/polaris-tools/pull/115
### console/src/api/client.ts
1. Added private accessToken: string | null = null field (line 37)
2. Changed getAccessToken() to return this.accessToken (line 114)
3. Changed clearAccessToken() to set this.accessToken = null (line 118)
4. Changed setAccessToken() to set this.accessToken = token (line 123)
### console/src/hooks/useAuth.tsx
1. Changed loading state initialization to const [loading] =
useState<boolean>(false) (line 36)
2. Removed the entire useEffect hook that checked localStorage
3. Removed localStorage.removeItem("polaris_realm") from logout function
(line 53)
### console/src/api/auth.ts
1. Replaced localStorage.removeItem() calls with
apiClient.clearAccessToken() in logout function (line 124)
### Summary:
1. Replaced localStorage token storage with in-memory storage in ApiClient
2. Removed token persistence check from useAuth hook
3. Updated logout to use centralized clearAccessToken method
4. Tokens are now cleared automatically when browser tab closes
5. Prevents XSS attacks from extracting access tokens
6. Realm configuration remains in localStorage (non-sensitive)
Fixes #100
### Important Note:
_**This description is generated by LLM.**_
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
