Which is most used or followed approach while crea...
# randome
echoing-computer-87366
08/31/2021, 9:18 AMWhich is most used or followed approach while creating authentication for application?
1) JWT + localstorage
2) JWT + httpOnly cookie
3) httpOnly cookie + session
s
silly-sundown-88321
08/31/2021, 10:39 AMcant comment on which is mostly used but we use httpOnly cookie + sessionId
m
many-raincoat-20537
08/31/2021, 6:09 PMWe use JWT + httpOnly cookie
e
echoing-computer-87366
08/31/2021, 8:20 PM@silly-sundown-88321 In nodejs or java what is tech stack?
s
silly-sundown-88321
09/01/2021, 4:59 AMjava
e
echoing-computer-87366
09/01/2021, 8:46 PM@silly-sundown-88321 For microservices or multi tenant based architecture is session auth with httpOnly cookie suitable?
s
silly-sundown-88321
09/02/2021, 6:12 AMyeah we use it the same way, each and every api call authenticates the user. If there is a downstream api that needs to be called we pass the sessionId to the downstream microservice.
e
echoing-computer-87366
09/06/2021, 7:21 PM@silly-sundown-88321 From scalability & performance point of view is session based auth using httpOnly cookie good? As we are going to validate user on every request to check in DB if it is valid session or not
echoing-computer-87366
09/06/2021, 8:11 PM@silly-sundown-88321 One more question do you use single session storage for all microservices? Is it redis??
3 Views