I have a Vue application that uses AWS Amplify for authentication. The current setup saves the Cognito user-specific data, such as tokens and user info, in localStorage because of the default amplify configuration. Since storing critical user data in localStorage exposes it to CSRF and XSS, I’m looking for other ways to handle user session. One of the ways to do is to change the storage to sessionStorage as shown below: