Set Up Sessions for Your Application
You can create sessions with query parameters, cookies, and tokens, to name just a handful of ways. Weâll start with the cookie-token-based sessions since theyâre most commonly used.
Cookie-token sessions work by storing a token, also known as the sessionID, in the cookie. The application regularly uses the token to look up session information on the server side. Cookies are the preferred method for storing sessionIDs because they offer some control over the tokenâs lifespan. Theyâre also much more secure than using sessions based on the URL path.
Letâs set up a session using the express framework. Since the middleware uses cookies to store the sessionID, we need to use the cookieParser middleware ...
Get Secure Your Node.js Web Application now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.