Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think we don't need to reinvent the wheel for handling user session, especially in web based application. There are common best practices that everybody already know such as using jwt, https and store in http only cookie


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: