Where to store JWT refresh tokens

Where to store JWT refresh tokens

Where to store JWT refresh tokens? My idea was to encrypt the refresh token with crypto-js AES and salt, keeping it in an environment variable (.env). Then, the refresh token would be stored in either local storage or cookies. I am still deciding between these options.

• What is your advice?
• Is it feasible?
• Is it sufficient?