19.3 Sessions and Cookies

After introducing HTTP in Chapter 1, I asserted that HTTP was a stateless protocol. It transfers data without knowing what the user or the site previously requested or responded with.

Statelessness proves to be a bit of a problem: authentication requires state. We need to know and remember who a specific visitor is so that we may allow them specific access and privileges on the site. Working with a stateless protocol means that we can’t rely on the protocol itself to help us with authentication.

To add basic state to HTTP, developers added cookies. A cookie, originally called a magic cookie, stores a uniquely identifying piece of information. When a visitor arrives at a website, the server creates a unique ...
