Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write)

[osm/NG-UI.git] / src / services / AuthInterceptorService.ts

diff --git a/src/services/AuthInterceptorService.ts b/src/services/AuthInterceptorService.ts
index d2166e3..5f4255e 100644 (file)
--- a/src/services/AuthInterceptorService.ts
+++ b/src/services/AuthInterceptorService.ts
@@ -68,7 +68,7 @@ export class AuthInterceptorService implements HttpInterceptor {
     public intercept(req: HttpRequest<{}>, next: HttpHandler): Observable<HttpSentEvent |
         // eslint-disable-next-line @typescript-eslint/no-explicit-any
         HttpHeaderResponse | HttpProgressEvent | HttpResponse<{}> | HttpUserEvent<any> | any> {
-        const idToken: string = localStorage.getItem('id_token');
+        const idToken: string = sessionStorage.getItem('id_token');
         const excludedUrl: string[] = ['osm/admin/v1/tokens', 'assets/i18n/', 'osm/version'];
         if (excludedUrl.some((x: string): boolean => req.url.includes(x))) { return next.handle(req); }
         if (idToken.length > 0) {