https://wid-blog.github.io/en/tags/cookie/Recent content in Cookie on wid's blogHugoenSat, 20 Mar 2021 00:00:00 +0000https://wid-blog.github.io/en/posts/tech/security/session-and-jwt/Sat, 20 Mar 2021 00:00:00 +0000https://wid-blog.github.io/en/posts/tech/security/session-and-jwt/HTTP is stateless. Maintaining user authentication requires storing state somewhere. This post covers the structure, trade-offs, and storage strategies of server-side sessions and client-side JWT tokens.