Java Web Developer with a passion for Spring and cloud computing. Know a thing or two about AWS. Trying to learn NodeJS lately with the help of TypeScript.
Probably someone more experienced will explain in more details, but basically, when I read JWT and API I think about stateless application, namely, there is no user session stored on the server. This is one of the basic features of JWT, it stores everything that the server must know to identify the user and handle the request.
I think your reasoning is fine, but it is not user session you are trying to use, you are using JWT to carry the information to and from as I said. It is something like this, right?
Guest enters -> Server receives the request, generate a random token and send it to the user -> guest uses this token from now on to send data and the server will know where it will save it temporarily.
The same for logged use, but the folder is not temporary and there is info about the user on the token in this case.
Obs: No token is stored on the server, never, only on the client side.
Probably someone more experienced will explain in more details, but basically, when I read JWT and API I think about stateless application, namely, there is no user session stored on the server. This is one of the basic features of JWT, it stores everything that the server must know to identify the user and handle the request.
I think your reasoning is fine, but it is not user session you are trying to use, you are using JWT to carry the information to and from as I said. It is something like this, right?
Guest enters -> Server receives the request, generate a random token and send it to the user -> guest uses this token from now on to send data and the server will know where it will save it temporarily.
The same for logged use, but the folder is not temporary and there is info about the user on the token in this case.
Obs: No token is stored on the server, never, only on the client side.
Yeap. you got it right.