Storing some app state in localStorage. Bad idea?


In the app I’m working on, we have the concept of workspaces. We’re currently saving the workspace ID into local storage when enter the workspace route. In the application adapter, we’re scoping requests to prefix the url path with /workspaces/:id when the workspace id is present in localStorage. For example, when doing'projects') would usually fire a request to /projects, inside a workspace, it sends the request to /workspaces/:id/projects.

Is keeping this application state in localStorage a bad idea? Is there a better way to do it? I certainly have concerns that this is fragile and feel that storing the current workspace in the application container would be a better idea. That said, I’m not yet sure how to access the container from an adapter. :slight_smile: Work to do.


I don’t think it’s a bad idea, but do keep in mind those things that’s stored in there are not encrypted or behind an auth session. So pretty many anyone can walk by and read anything that’s in it.

So I would say putting application state in there is fine, but not any user state.


If not localStorage, then where do you store things like access tokens etc.