an xss attack would need to then get your token from memory, which would require something specific to your codebase/framework etc. Not as easy as just reading everything from local storage
SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).
