[英]User authentication with session variable (Express/NodeJs)
Using session variables to remember login in the backend is a bad idea?使用 session 变量在后端记住登录是一个坏主意?
Is it good?好吗? What about security?
安全呢? Or alternatives?
还是替代品?
Backend: Express (NodeJs) Frontend: MaterialUI (React)后端:Express (NodeJs) 前端:MaterialUI (React)
I am looking for a simple way to check access before entering and then remebering logged user.我正在寻找一种简单的方法来在输入之前检查访问权限,然后重新记住登录的用户。
I'm junior.我是小学生。 Many thanks for the advices.
非常感谢您的建议。
I can easily do it.我可以轻松做到。 It's already done.
已经完成了。 But I am worried about security problems or other.
但我担心安全问题或其他问题。
The issue with session variables is that you are designing a single point of failure and you will be facing scalability issues later on. session 变量的问题在于您正在设计单点故障,并且稍后您将面临可伸缩性问题。 That means if your server goes down, all the user's data stored in a session variable will be lost.
这意味着如果您的服务器出现故障,存储在 session 变量中的所有用户数据都将丢失。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.