Full-stack web app using Python Flask as the backend and React as the frontend
- Flask-SQLAlchemy with Heroku Postgresql
- Flask-CORS (to handle cross-origin requests from the frontend)
- Flask-WTForm (to handle form validation)
Uses the Flask-JWT-Extended library to authenticate users with JWTs. Tokens are stored in an HttpOnly cookie, with an X-CSRF double-submit token. The access token expires in 1 hour and the refresh token expires in 1 month.
- Tailwind CSS (Framework)
- Headlessui-React (for disclosure nav, dropdown menu, modals, and transitions)
- Fontawesome (Icon)
- Axios (fetch library)
The access token and refresh token are stored in an HttpOnly cookie (set automatically by the server), and the X-CSRF double-submit token is stored in local storage.
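
The double-submit check described above, as an added standard-library sketch that is not this project's code and not Flask-JWT-Extended's implementation: the JWT in the HttpOnly cookie carries a `csrf` claim, and a state-changing request is accepted only when the header value sent by the frontend matches it. The names `issue`, `verify`, `SECRET` and `UNSAFE_METHODS` are hypothetical, and "1 month" is assumed to mean 30 days.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

SECRET = b"constructed-demo-key"   # constructed value; load a real secret from config
ACCESS_TTL = 60 * 60               # access token: 1 hour
REFRESH_TTL = 30 * 24 * 60 * 60    # refresh token: "1 month", assumed to be 30 days
UNSAFE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue(sub, ttl, now=None):
    """Return (jwt, csrf): the JWT goes in the HttpOnly cookie, the CSRF value
    goes to the frontend, which echoes it in a request header."""
    now = int(time.time()) if now is None else now
    csrf = secrets.token_urlsafe(16)
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps({"sub": sub, "exp": now + ttl, "csrf": csrf}).encode())
    return f"{header}.{body}.{b64e(sign(header + '.' + body))}", csrf

def verify(cookie_jwt, csrf_header, method="POST", now=None):
    """Return the subject for an authentic request, otherwise None."""
    now = int(time.time()) if now is None else now
    try:
        header, body, sig = cookie_jwt.split(".")
        # Always verify as HS256; the token's own "alg" field is never trusted.
        if not hmac.compare_digest(sign(f"{header}.{body}"), b64d(sig)):
            return None
        claims = json.loads(b64d(body))
    except (ValueError, AttributeError):
        return None
    if claims["exp"] <= now:
        return None
    if method in UNSAFE_METHODS:
        # The browser attaches the cookie by itself; only same-origin JS knows the header value.
        sent = (csrf_header or "").encode()
        if not hmac.compare_digest(claims["csrf"].encode(), sent):
            return None
    return claims["sub"]
```

Because the CSRF value sits in local storage where any script on the page can read it, it only guards against cross-site requests; the session itself stays in the HttpOnly cookie.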