0

I am using react js for front end and spring boot for backend. Now, I have a situation where I need to get some kind of browser signature or browser specific information to store on the server so that from every new request, I can verify if user is hitting URL from the same browser or from some other browser.

I have tried serveral ways to get browser specific information at backend but not succeed. Please guide me which browser specific information, I can send get in my spring-boot URL and then store that for further verification process.

Thanks in advance!

Balram Chauhan
  • 171
  • 1
  • 2
  • 14

1 Answers1

1

I would try to set cookies on the client browser and track the cookie/session value on the server side.

For example you can set the cookie- 

// create a cookie
Cookie cookie = new Cookie("someUniqueValueLike", uuid);
//add cookie to response
response.addCookie(cookie);

Read cookie

public String readCookie(@CookieValue(value = "someUniqueValueLike") String uuidString) {
    //verify the cookie value here
}
Itsik Mauyhas
  • 3,824
  • 14
  • 69
  • 114
  • Thanks for the reply. I also found this as best solution for my question but what if I am using JWT token for session management and I am worried for stolen token means if I will use same token from different system then also, it will work. So, should I use JWT with session cookies to make tokens browser specific? – Balram Chauhan Dec 27 '19 at 04:26
  • Under https all headers(cookies are sent in as headers) are encrypted. so sending your JWT string in `Authorization` header is safe as long as you are storing it safely in the client side - https://stackoverflow.com/questions/44096270/how-to-store-jwt-in-browser – Itsik Mauyhas Dec 29 '19 at 16:05