Authentication

Session-based authentication

  • The user's login credentials are validated against a database
  • A session is created and its session ID is assigned to a cookie
  • The user sends the cookie with each request
  • Depending on what the user sends, authentication and authorization are granted
  • The session is destroyed when the user logs out

Token-based authentication

  • The user's login credentials are validated against a database
  • The server generates a temporary token and embeds user data in it
  • The server responds with the token, embedded in the body or header of the response
  • The user stores the token in client-side storage, which means it is kept in the browser's storage
  • The user sends the token with each request
  • The server verifies the token, and authentication and authorization are granted
  • Logging out clears the token from the client's storage
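
The two flows listed above (a server-side session referenced by a cookie, and a temporary token with embedded user data) can be compared side by side. This is an added example, not code from the original article; the function names, the in-memory session store and the simplified HMAC-signed token format (not JWT) are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

SECRET = secrets.token_bytes(32)   # assumed server-side signing key
SESSIONS = {}                      # assumed session store: sessionID -> user

def session_login(user):
    sid = secrets.token_urlsafe(32)    # unguessable sessionID, set in a cookie
    SESSIONS[sid] = user
    return sid

def session_check(sid):
    return SESSIONS.get(sid)           # None once the session is destroyed

def session_logout(sid):
    SESSIONS.pop(sid, None)            # server destroys the session

def b64url(data):
    return base64.urlsafe_b64encode(data).decode()

def sign(body):
    return b64url(hmac.new(SECRET, body.encode(), hashlib.sha256).digest())

def token_login(user, ttl=900, now=None):
    now = time.time() if now is None else now
    # The user data and expiry live in the token itself, not on the server.
    body = b64url(json.dumps({"user": user, "exp": now + ttl}).encode())
    return body + "." + sign(body)

def token_check(token, now=None):
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
    except ValueError:
        return None                    # malformed token
    # Verify the signature in constant time before trusting the body.
    if not hmac.compare_digest(sig.encode(), sign(body).encode()):
        return None
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims["user"] if claims["exp"] > now else None
```

In this sketch the server keeps no per-token state, so clearing the token from client storage does not invalidate a copy held elsewhere; it stays valid until `exp`, whereas `session_logout` ends the session on the server immediately.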
