Cookie-Based Sessions: Server-Side State, Client-Side ID
Think of a session cookie as a coat check ticket, not the coat itself. The server stores your data and gives you a unique ID to carry in a cookie. This is how Express.js tracks user state across requests.
Think of a cookie-based session as a coat check ticket, not the coat itself. The server stores the actual session data (user info, cart) and gives the client a simple, signed session ID in a cookie. This is the standard way Express.js maintains user state for logins or multi-page forms. The footgun: the session data is not in the cookie, and the default server-side `MemoryStore` is for development only; it leaks memory and won't scale.
Read the original → expressjs.com
- #express
- #nodejs
- #sessions
- #auth
- #cookies
Get five bites like this every day.
Tezvyn delivers a daily feed of 60-second tech bites with quizzes to lock in what you learn.