But…why session cookies?
Heard about Firebase Auth and it’s cool features that handle all the dirty Auth flow for you? Awesome, right?
Well, yes and no. Firebase Auth has been mainly used on the client side. Convenience but at the cost of performance. The client has to make numerous calls to the server, exchanging tokens and what not for every page that needs a user to be signed in. Back in the day when I didn’t know React, my endeavours to hack up a vanilla JS app led to a conclusion that this was not a good fit. We can do better.
Behold session cookies. Embedded in requests, these little guys are sent to the server and user information can be extracted from them by our server machine — yeah, no shortage of brutal computing power there. …
