Statefulness in a Stateless Web

However, because cookies are stored locally, they still aren’t the best option for storing data in your web apps.

Users can view and manipulate cookie data, which could be bad for your site.

So, how can we safely store state client-side?

Sessions and Session Id

The preferred solution is to use cookies to store a Session Id locally, but save the session data on the server side.

An HTTP request can pass the Id from your cookies in your GET request; the server looks it up in a database of thousands of states from all clients and sends the state back.

With Session Ids, the server is constantly creating and destroying states.

Each state for each client at many different moments is being saved, and the Session Id stored in your cookies will be rewritten to reflect where your state is currently saved.

Session data stored on a server is kept in key-value pairs, where 555 is my Session Id and 556 is yours.

Now when we send out that HTTP request asking for my Medium article, the conversation from before may look a little more like this:

Client: Hey, can you GET this article for session 555?

Server: Of course, {555.user_name}! Coming right up!

Session Ids are preferred because the actual values and data are hidden from the client, not to mention that the developers are in control of the data and its expiration.

This isn’t to say that Session Ids are foolproof.

There are plenty of arguments surrounding the safety of Session Ids, but there are also options for making Session Ids more secure.

Modern frameworks generate unguessable Session Ids; and Rails and Django even sign your cookies, allowing the server to detect if an Id was tampered with.
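To make the two protections above concrete, here is an added example (not code from this article, Rails or Django) of a server-side session store that issues unguessable Session Ids and signs the cookie value. The names `SECRET_KEY`, `SESSION_TTL`, `create_session` and `load_session`, the in-memory dictionary standing in for the database, and the plain HMAC-SHA256 `id.signature` cookie format are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

SECRET_KEY = secrets.token_bytes(32)  # assumption: secret known only to the server
SESSION_TTL = 1800                    # assumption: 30-minute lifetime, in seconds
_sessions = {}                        # stand-in for the server-side session database


def _sign(session_id):
    """Hex HMAC-SHA256 tag over the Session Id."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def create_session(data, now=None):
    """Store data server-side and return the cookie value 'id.signature'."""
    now = time.time() if now is None else now
    session_id = secrets.token_urlsafe(32)  # 256 random bits from the OS CSPRNG
    _sessions[session_id] = {"data": dict(data), "expires": now + SESSION_TTL}
    return f"{session_id}.{_sign(session_id)}"


def load_session(cookie_value, now=None):
    """Return the session data, or None if the cookie is forged, unknown or expired."""
    now = time.time() if now is None else now
    session_id, sep, signature = cookie_value.rpartition(".")
    expected = _sign(session_id)
    if not sep or not hmac.compare_digest(signature.encode(), expected.encode()):
        return None                          # tampered or malformed cookie
    record = _sessions.get(session_id)
    if record is None:
        return None
    if record["expires"] <= now:
        _sessions.pop(session_id, None)      # the server controls expiration
        return None
    return record["data"]


def demo():
    cookie = create_session({"user_name": "Alice"})  # constructed sample data
    signature = cookie.rpartition(".")[2]
    return {
        "valid": load_session(cookie),
        "tampered": load_session(f"555.{signature}"),  # Id edited by the client
        "expired": load_session(cookie, now=time.time() + SESSION_TTL + 1),
    }


if __name__ == "__main__":
    print(demo())
```

The client only ever holds the random Id and its signature; the `user_name` value never leaves the server, and a cookie whose Id was edited fails the constant-time signature check before any lookup happens.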

Now that we’ve reached the end and you understand how Session Ids enable persistence and statefulness on the web, it’s…

Time to read a new story and get a new Session Id from Medium!

Reading recommendations for this topic: XYZ

And as a wrap up, here’s what this article covered: HTTP basics and why it is “stateless”, what statelessness means for how data moves on the web, the Request-Response Cycle, application state and session state, how to use URLs to pass data to the server, client-side cookies, and Session Ids stored in cookies.

This article was written for Backend Web 1.2 at Make School.
