I am currently using JWT Token with 256 hashing algorithm which expires every 5 minutes, now my problem is how can I secure the token to prevent it from copying the token from (Local Storage or Cookie) to another computer. Is there a way to prevent this kind of attack? Also take note that we use SSL as well in our site but still, we treat this as a security-flaw. Is there a way to prevent the token from copying from one computer to another?
First you should not put your tokens or secret items in the localStorage as it brings a vulnerability from XSS (Cross site scripting). This is because localStorage is always accesible through javascript and a XSS could add a malicious script that sends a token to another server.
You should put your tokens on cookies with http only flag. This avoids them being accesible through javascript.
I would also recommend reading about cors so the adequate protection is given to avoid CSRF (Cross site request forgery).