'Is Session checking for login necessary for POST request too?
Im beginner in login system, i use session for it. I have implemented the login system with session checking, but only for GET Request because it can be accessed directly in browser address bar so i cannot be accessed directly in address bar before login.
My question is, is necessary to implement the session checking in POST Request too? Or just implement it into GET Request that can be accessed in address bar directly?
Solution 1:[1]
It is not necessary. id depend on the use case. If your frontend is different is in some other language like react, angular etc... then it will be directly handle by the state/browser storage.
Still if you need to implement through node side then express-session is a good option to choose. You can use the JWT token for calling the api through the request. On logout case just expire the tokens
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Aks |