Managing the login information in RESTful web app
-
30-10-2019 - |
Question
In a RESTful application, there's no state maintained between two requests. Each request is treated as a completely new one, even though it would have been sent by the same user. I.e. There's no session.
In that case, how does the User Login information handled by a REST application?
- Is that, after a successful login, the server generates a security token and sends it to client and the client sends it back for each and every request there after?
- If above is true, where the security token is stored in server? Database? (Remember: No session).
No correct solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow