So what are cookies, sessions, and tokens?
Most web servers use cookies to send the session-ID after you login.
So the server will store the session information in the database while you will only have the session id in a cookie, which is stored in the filesystem of your computer.
The session-ID is randomly generated and should be hard to guess. If you log out, the session will be deleted on the server, but also the server will instruct the browser to delete the cookie containing the session-ID.
Next time you request another page, your browser will automatically send a cookie containing your sessionId, which the server will check to see if it is valid.
An alternative to this is to store information on the client and to sign it. In this scenario, anyone holding the signature can quickly check if the data was manipulated or not. One way to do this is to use JSON Web Tokens or JWT tokens.
Let’s now assume that you want to install an app on your phone, which can help you with your finances and keep track of your spendings. What you don’t want to do is to give your username and password to this app, which was not created by your bank. This is when access tokens are being used to grant access to your data.
Technologies mentioned in this video:
JWT Tokens:
OAuth, OAuth2:
OpenId:
{{DESCRIPTION HERE}}
___
// POSTMAN COMPLETE GUIDE ONLINE COURSE
👉 Want to learn more about Postman? Check my Postman online course.
Get it at a special price and help support this YouTube channel:
___
// I HAVE A QUESTION!
I do my best to answer all comments here on YouTube but I cannot make any guarantees.
If you have a question, it is best to ask your question on the Postman User Group on Facebook or on the Postman Community (links below).
If you have purchased the Postman Online Course, please use the Q&A section or send me a message on Udemy.
Please do not email me or contact me on other channels as I might not be able to answer. Sorry!
___
// I HAVE A VIDEO IDEA
Do you want me to create a video on a specific topic? Just fill out the form below:
___
// P L A Y L I S T S
▸ Learn Postman |
▸ Postman Crash Course |
▸ Postman Tips & Tricks |
___
// F R E E R E S O U R C E S
▸▸▸ DOWNLOAD the FREE Postman Quick Reference Guide
▸▸▸ JOIN the Postman User Group on Facebook
▸▸▸ The OFFICIAL Postman community forum
___
Nguồn: https://androidsvn.com
Xem thêm bài viết khác: https://androidsvn.com/lap-trinh-php/
Xem thêm Bài Viết:
- Tự học Linux – LPI 1 [Part 1/4] – Tổng quan về Linux và các lệnh cơ bản
- Lập trình viên – Học lập trình web ra làm gì? Cách kiếm tiền từ nghề lập trình web bạn cần biết
- BÀI BÁO BỊ XÓA: Cháy nhà máy Rạng Đông hậu quả tương đương 1 quả bom nguyên tử
- #8 Lộ diện cao nhân cảm âm "nghe tiếng đàn định giới tính" | SIÊU TRÍ TUỆ VIỆT NAM
- Login system using PHP with MYSQL database
![Tự học Linux – LPI 1 [Part 1/4] – Tổng quan về Linux và các lệnh cơ bản](https://i.ytimg.com/vi/s-7E7VNzC6Y/hqdefault.jpg)
👉 Want to learn more about Postman? Check my Postman online course.
https://www.udemy.com/course/postman-the-complete-guide/?referralCode=4E8B90BA4B5EE8DA9237
Thanks a lot Sir! Make us understand with clear examples
wow! good job!!
How about storing JWTs in a cookie?
nice,thanks a lot
5:35 man don't ever scare me like that my name is really John 😂😂
Very clear explanation. Really saved my time. Thank you, man!!!
Very cool video! Thanks!
Nice explanation.. thumbs up!
Great stuff! 😀
Great effort to make 9:32 min video so valuable. Thanks
can someone use my session id in cookie to log into my account?
2:13 You sayed that the session will be deleted after browser was closen
When I open the website again how is web server use session id when session was deleted ?
Loved it <3
After login, I get a session id from server which is stored in a cookie; if somebody gets that cookie then would he be able to make requests on my behalf like a security vulnerability?
it was wonderful man! do you have a good link for oauth tutorial?
wow ! the animation made the video more clearer <3 thank you sir
Really good bro. Thanks
Usefull
Kuukie
Best tutorial for this topic, please share the which is best location for store Token at client side like localstorage, session storage or httpcookie only or else other, .. And how to impelement in asp.net core and SPA (Angular2/Vuejs/ReactJs). Awaiting your valuable inputs. Thank you for the video.
wow, your explanation amazing!!! keep it up
Thank you!
Thank you for your explanation
Best tutorial for this topic on YouTube so far. Thank you.
Great explanation! Thanks a lot 🙂
very simple and animated explanation thank you sir