What is session? It's important to understand why it's more secure than cookies

[aminaas1575]

What is session?
Session means "session" or "dialogue" in Chinese. It allows requests and responses to have status for a period of time. If there is no status during this period, the function will fail. Therefore, the key point is to make requests and responses have status during the time.

Session is also responsible for recording the user's information on the server side, and after the user completes the verification and records the user information required by the user, it then generates a set of corresponding IDs and stores them in the cookie and sends them back to the client.




Why do you need Session?
Here we need to briefly explain the characteristics of HTTP. HTTP is related to the design of a stateless (Stateless) protocol. This characteristic will make requests between websites independent and irrelevant, so there is no way to record them on the website. Of course, the actions performed also include the content of each request. However, according to the belarus whatsapp phone number previous article, it was mentioned that cookies have some functions of storing information. However, cookies are not encrypted during transmission and are easily tampered with, so compared with For information that is more important to cookies, you will choose to use Session.



How to implement the Session mechanism
In order to easily apply the method, let’s set up the situation first. Today there is a shopping website whose URL is store.tw. When you see a backpack you like and want to add it to the shopping cart, the moment you press Add to Cart and What would checkout look like in different implementations.