DEV Community


Discussion on: From Zero to Hero (▀̿Ĺ̯▀̿ ̿) in Authentication | Part 2

srikanth597 profile image

Hey nice article and topic u have chosen to explain,It was indeed good.
But In your Session/Cookie based method,
U mentioned in the picture that session ID is validated against Database.
But in your explanation u mentioned it as Session ID storage in server memory and respond with Cookie.

So basically all I'm saying from my understanding after reading it,picture says one thing and explanation says other. So it's little bit misleading

kushagra_mehta profile image
Kushagra Mehta Author

Ok, let me simplify it for you. When a session ID is created on the server side it is stored on memory-based DB like Redis/Memcached because of their high read & write. And Cookie is just a wrapper on which we store the session ID because the browser sends cookies with every subsequent request. When the server receives a request it unwrapped the cookies and extract session ID check against memory-based DB and tada🎉 you are authenticated