Become a member
Sign in
Rui Xu
Rui Xu

Rui Xu

35 Following
1 Followers
·
  • Profile
  • Highlights

Highlighted by Rui Xu

See more

From Session vs Token Based Authentication by Sherry Hsu

…session based authentication, the server will create a session for the user after the user logs in. The session id is then stored on a cookie on the user’s browser. While the user stays logged in, the cookie would be sent along with every subsequent request. The …

From Session vs Token Based Authentication by Sherry Hsu

…h bigger comparing with the session id stored in cookie because JWT contains more user information. Care must be taken to ensure only the necessary information is included in JWT and sensitive information should be omitted to prevent XSS security attacks.

From Session vs Token Based Authentication by Sherry Hsu

Token based authentication: There is no issue with scaling because token is stored on the client side.