Why is currentUser stored in local storage?

Wondering why the currentUser object is stored in local storage instead of as a cookie. I’m used to either seeing a sessionID or a JWT, but the Moralis object seems like a mix of both. Is there a specific reasoning for the current setup?

I don’t know what the exact reason for that is.

The below thread has some interesting differences between a cookie and local storage.

The answer to your question could be this: “Cookies are not accessible through JavaScript”
or there might be other intentions for using local storage.

I know there are many arguments for and against local storage vs. cookies. I personally don’t have a side, but what’s really most interesting to me is that local storage session data is usually stored as a JWT, but it’s just plain text for Moralis. I also can’t seem to find this userData object in any request headers.

I think it’s just easier to deal with. Usually wallet connections are kept “persistent” through local storage as well.

For full visibility, the reason I’m digging into this is because I’m creating a token-gated website using NextJS. The original idea was that there would be a ‘/protected’ route that only a user with a certain quantity of NFTs would be able to access. I would use Moralis to authenticate the user and then when they try to access the /protected page, my _middleware.ts file would check that they have the right NFTs or redirect them. However, _middleware.ts is server side only, so I need some way of grabbing the user’s Ethereum account from within the request (which would be very easy if userData was stored in a cookie and not in local storage).

Other users were able to send the session token from local storage to the backend in order to be able to verify it.

It’s definitely possible to include it in a backend request you control (fetch, axios, etc.); the issue in this case is that I don’t control how NextJS requests page data with the next/router module. Seems I’ll just have to take the userData object and put it into the user’s cookies to have this work. Appreciate the little brainstorm!
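
Added example, not part of the thread and not Moralis or NextJS code: a cookie the browser writes from local storage can hold any account the user types in, so a server-side gate needs a value the server itself issued. The sketch below has the backend, after it has verified the session token, set an HMAC-signed HttpOnly cookie, and has the middleware-side check reject anything missing, altered or expired. The cookie name, function names and sample values are assumptions.

```javascript
// Uses Node's crypto module; HMAC-SHA-256 is also available through Web Crypto.
const { createHmac, timingSafeEqual } = require('node:crypto');

const COOKIE_NAME = 'gate'; // hypothetical cookie name

function sign(payload, secret) {
  return createHmac('sha256', secret).update(payload).digest('base64url');
}

// Backend route: call only AFTER the server has verified the session token
// the client sent from local storage (that verification is out of scope here).
function issueGateCookie(account, secret, ttlSeconds, now = Date.now()) {
  const exp = Math.floor(now / 1000) + ttlSeconds;
  const payload = Buffer.from(JSON.stringify({ account, exp })).toString('base64url');
  const value = `${payload}.${sign(payload, secret)}`;
  return `${COOKIE_NAME}=${value}; HttpOnly; Secure; SameSite=Lax; Path=/; Max-Age=${ttlSeconds}`;
}

// Middleware side: returns the verified account, or null when the cookie is
// absent, malformed, signed with another key, tampered with, or expired.
function readGateCookie(cookieHeader, secret, now = Date.now()) {
  const pair = (cookieHeader || '').split(';').map((s) => s.trim())
    .find((s) => s.startsWith(`${COOKIE_NAME}=`));
  if (!pair) return null;
  const [payload, sig] = pair.slice(COOKIE_NAME.length + 1).split('.');
  if (!payload || !sig) return null;
  const expected = Buffer.from(sign(payload, secret));
  const given = Buffer.from(sig);
  // Length check first: timingSafeEqual throws on unequal lengths.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  let claims;
  try {
    claims = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  } catch {
    return null;
  }
  if (!claims || typeof claims.account !== 'string') return null;
  if (typeof claims.exp !== 'number' || claims.exp * 1000 <= now) return null;
  return claims.account;
}

// Constructed sample values for a stand-alone run.
const SECRET = 'constructed-demo-secret';
const ACCOUNT = '0x00000000000000000000000000000000000000aa';
const setCookie = issueGateCookie(ACCOUNT, SECRET, 600, 1700000000000);
const header = setCookie.split(';')[0]; // the name=value pair the browser sends back
console.log(readGateCookie(header, SECRET, 1700000000000));
```

The NFT balance check then runs against the account this function returns, never against a value read straight from a client-written cookie.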