What are your perspectives on securing auth Tokens generated from a token based authentication system like JWT?

When a client authenticates with token based authentication, the server responds with a signed token, since the client has the token at hand, that authenticated client can still use the same token (from a different machine) or browser before the token expires!

Some developers store tokens in local storage which in insecure! I have heard suggestion to store the token in an encrypted cookie! but that still is insecure, how do we guarantee the authenticity of the client?

If a Key is provided to a client, that key can be missued and abused! whats the protection against this?