Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

In your web application what is the best choice to store session data?

user-image
Question added by عبدالرزاق رحمون , IT engineer , Ministry of Education
Date Posted: 2016/03/28
Rehan Farooq
by Rehan Farooq , WEB DEVELOPER/DIGITAL MARKETING EXPERT , Upwork

In my opinion, sessionless design is more preferrable:Pros:

  1. Scalability. You can have as many servers as we want without having to share a user session. Each of them can process request (e.g. load balancing via round robin).
  2. Saves server resources. We do not need to allocate memory on the server side (again - scalability).
  3. No need to recover after a server restart.

Cons:

  1. Having to keep some user related information in cookies (not critical).
  2. Requires more coding (but not really much of coding)....

So just save a small amount of data on the client side (cookies). Usually it's authentication token (which is invalidated on password/email change) and some temporary data necessary to perform requests.All sensitive data is signed using MD5 hashes (depending on some secret information available only on the server side - e.g. salt which is a combination of hash of the password and email). So changed cookies on the client side is not a concern.

More Questions Like This