I’m a new developer and curious about security best practices. If, before sending an access token to the frontend, it is encrypted on the backend and then stored in localStorage, and later decrypted on the backend when an API request is made, will this approach still leave the application vulnerable to attacks? What are the potential security concerns with this method, and is there a better way to handle tokens securely?