Security

Explain the flow of using cookies

Difficulty: unrated

Source: bregman-arie/devops-exercises by Arie Bregman

Answer

  1. User enters credentials
  2. The server verifies the credentials -> a session is created and stored in the database
  3. A cookie with the session ID is set in the browser of that user
  4. On every request, the session ID is verified against the database
  5. The session is destroyed (both on client-side and server-side) when the user logs out