![in session in session](https://miro.medium.com/max/1200/1*3dDJLvF-vtUHVGlEETKGmQ.jpeg)
For Node.js, this cookie header is named connect.sid.
IN SESSION PASSWORD
Imagine messaging on Facebook and typing in your user name, email and password every single time you send a new message! Figure 1: The classic HTTP protocol Figure 2: Modified protocol with session management Figure 3: Node.js file structure
![in session in session](https://i.etsystatic.com/5139040/r/il/94be71/1196491053/il_794xN.1196491053_c0je.jpg)
In this model, if the server is required to display some user-specific information, the client has to be authenticated with each and every request. There is no inbuilt mechanism for the server to remember a specific user from different multiple requests, which also makes it impossible for the server to know if each request originated from the same user. This means every request that is sent from a single client is interpreted by the Web server independently and is not related to any other request. The classic Hypertext Transfer Protocol (HTTP) is a stateless tool. Then we shall discuss what a session is, and how it overcomes all the drawbacks and adds to the security of a client-server connection. Let us first look at how a standard HTTP request works (without sessions) and what are its drawbacks. In this article, we shall use Node.js to create and manage sessions. It enables the user information to be persistent in a ‘stateful’ manner across all the pages of that website or app. First is the StateServer mode.Session handling is a globally used concept, without which any website or app, regardless of whether it is written in Node.js, PHP or any other backend language, will be in a precarious condition. Now we will have a look at the other options available to overcome these problems. It is also not suitable for Web Farm and Web Garden scenarios. InProc session data will be lost if we restart the server, or if the application domain is recycled. This session mode is not suitable for web Farm scenarios.Īs in the preceding discussion, we can conclude that InProc is a very fast session storing mechanism but suitable only for small web applications.We can't use it in Web Garden scenarios.Though it is the fastest, more session data and more users can affect performance, because of memory usage.If the worker process or application domain is recycled, all session data will be lost.Implementation is very easy, similar to using the ViewState.Īlthough an InProc session is the fastest, common and default mechanism, it has many limitations as in the following:.There is not a requirement for serialization to store the data in InProc session mode.So accessing data is very fast and data is easily available. It stores session data in a memory object of the current application domain.