Cookies and sessions
HTTP is stateless and almost unidirectional. Web applications, on the other hand, need to keep state.
Issues with cookies and sessions
- Concurrency: what if two clients access the site simultaneously?
- Session termination: when and how to terminate sessions?
- Data storage on the server side
- The token must be unpredictable
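
The four issues above in one place, as an added example that is not part of the original notes: a minimal server-side session store. The class name `SessionStore`, its method names, the in-memory dict and both timeout values are assumptions chosen for illustration.

```python
import secrets
import threading
import time

IDLE_TIMEOUT = 15 * 60        # assumed value: seconds of inactivity allowed
ABSOLUTE_TIMEOUT = 8 * 3600   # assumed value: maximum session lifetime

class SessionStore:  # hypothetical in-memory store, for illustration
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._lock = threading.Lock()   # concurrency: one request at a time touches the map
        self._sessions = {}             # data storage: token -> record, server side only

    def create(self, user):
        # Unpredictable token: 32 bytes from the OS CSPRNG, URL-safe encoded.
        token = secrets.token_urlsafe(32)
        now = self._clock()
        with self._lock:
            self._sessions[token] = {"user": user, "created": now, "seen": now, "data": {}}
        return token

    def _live(self, token):
        # Caller holds the lock. Returns the record, or None if unknown or expired.
        rec = self._sessions.get(token)
        if rec is None:
            return None
        now = self._clock()
        if now - rec["seen"] > IDLE_TIMEOUT or now - rec["created"] > ABSOLUTE_TIMEOUT:
            del self._sessions[token]   # termination: timed-out sessions are dropped
            return None
        rec["seen"] = now
        return rec

    def user(self, token):
        with self._lock:
            rec = self._live(token)
            return rec["user"] if rec else None

    def increment(self, token, key):
        # Read-modify-write under the lock, so simultaneous requests lose no updates.
        with self._lock:
            rec = self._live(token)
            if rec is not None:
                rec["data"][key] = rec["data"].get(key, 0) + 1
                return rec["data"][key]

    def destroy(self, token):
        with self._lock:
            return self._sessions.pop(token, None) is not None  # logout: token stops working
```

Only the token travels in the cookie; everything else stays in the server-side record.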