In the process of data transfer, what are differences between server side sessions and authentication tokens?

By -

Server-side sessions and authentication tokens are both methods used to authenticate users and maintain their state over the internet. However, they differ in how they store and manage this information.


Server-Side Sessions


In server-side sessions, the user state is stored on the server's memory. When a user logs in, the server creates and stores the session data (such as user account data and role) in its memory. The server then sends a session ID to the user's browser, which is typically stored in a cookie. This session ID is sent back to the server with each subsequent request, allowing the server to recognize and authenticate the user. This method requires the server to keep track of active sessions, which can consume significant memory resources if there are many concurrent users .


Authentication Tokens


Authentication tokens, on the other hand, encapsulate the user state within the token itself. When a user logs in, the server generates a token that contains user information and sends it back to the client. The client then includes this token in the header of each subsequent request. The server verifies the token and extracts the user information as needed, without having to store session information in its memory. This method is stateless and can be more scalable as it doesn't require the server to keep track of active sessions .


In summary, while both methods are used to authenticate users and maintain their state over multiple requests, they differ in where and how this information is stored and managed. Server-side sessions store the user state on the server and use a session ID to track each user, while authentication tokens store the user state within the token itself and require no server-side storage.

Comments

Post a Comment

Popular posts from this blog

WSL2配置proxychains, 使得终端走宿主机代理

By -
安装:           sudo apt-get update           sudo apt-get upgrade           sudo apt-get install proxychains4 获得宿主机 IP: cat /etc/resolv.conf | grep nameserver | awk '{ print $2 }' 查询代理软件端口:10810 编辑配置文件:sudo nano /etc/proxychains4.conf           change:socks4 127.0.0.1 9095         to:socks5 xxx.xxx.xxx.xxx 10810         中间的x是上面查出来的ip地址,10810是v2rayN局域网(不是本地)监听的端口。          并在 [ProxyList]之前添加:           # Exclude localhost           localnet 127.0.0.0/255.0.0.0 测试:           proxychains4 curl -L myip.ipip.net           proxychains4 curl -L cip.cc vscode走代理:proxychains4 code . 更新proxychains:           sudo apt-get update # This will update the list of available packages           sudo apt-get upgrade # This will upgrade the installed packages to the latest versions 注意:proxychains 与 proxifier 会冲突,只需用二者之一。 参考文献:           WSL2配置proxychains           WSL2 中访问宿主机 Windows 的代理           WSL2配置网络代理
Read more

Javascript Currying

By -
Transform a function with multiple parameters into calling a nesting function multiple times with one parameter; the functionality of the two situations is not changed. For example, the following functions have the same functionality but different formats: // original format function add(a, b) { return a + b; } // currying format function curryingAddFirst(a) { return function (b) { return a + b; }; } // currying format with arrow function const curryingAddSecond = (a) => (b) => a + b;
Read more

Node.js & Express.js - A Refresher

By -
 1. What is Node.js? Like Browser is one host environment of that Javascript of frontend, Node.js is a host environment for Javascript of backend Chrome's Javascript engines V8  has all been cloned and is now maintained as a standalone project working without a browser and enriched with some extra APIs that is basically Node.js, it allows us to run Javascript outside of the browser Compare to V8, Node.js dropped some APIs(e.g. DOM API), and added some APIs(e.g. Filesystem) 2. A Simple Node.js Code Node.js code are just normal javascript code with extra node  api In Node.js runtime environment, there are a few globally function (e.g., require) Between different Node.js module (javascript file), we can transfer object through require and export A simple Node.js Code: const fs = require("fs"); const userName = "Light"; fs.writeFile("./user-data.txt", "Name: " + userName, (error) => { if (error) { console.log(error); return; }
Read more

What is MERN?

By -
1. Introduction MERN stands for MongoDB, Express, React, and Node. 2. Big Picture for the MERN Architecture Client (Browser) : ReactJS : Responsible for presentation and the user interface. NodeJS & Express : Server-side responsible for business logic and file storage. The server side and client side communicate with requests and responses in JSON format. Database : MongoDB : Responsible for persistent data storage. NodeJS & Express communicate with MongoDB through database queries using the MongoDB SDK. 3. Diving into Client Side React single-page application is served from the server to the browser. React handles rendering everything in the browser. React manages frontend or client-side routing with an extra library, react-router-dom . react-router-dom helps render different React components based on the path the user enters into the URL bar of the browser. The React application typically handles some front-end state that influences what is shown on t
Read more