[owebmaster]

nextjs is in a class of software that should not exists (backend-for-frontend). You can have an SPA and an API in any backend language/framework.

[junto]

Agreed. A SPA without some backend for front end is always going to push you to store authentication tokens in local storage.

It feels like a shortcoming in browsers that we need a BFF to resort to cookies that JS can’t access.

I like React, but I feel that we primarily use Next.js just for session cookie management.