{"id":8731,"date":"2020-10-07T13:06:04","date_gmt":"2020-10-07T13:06:04","guid":{"rendered":"http:\/\/www.max-sperling.bplaced.net\/?p=8731"},"modified":"2024-02-16T10:36:38","modified_gmt":"2024-02-16T10:36:38","slug":"authentication-session-based-vs-token-based","status":"publish","type":"post","link":"http:\/\/www.max-sperling.bplaced.net\/?p=8731","title":{"rendered":"Authentication &#8211; Session-based vs. Token-based"},"content":{"rendered":"<p><strong>Session-based<\/strong><br \/>\nThe client logs in to the server and gets a session id. The server caches all sessions so that it can verify them.<\/p>\n<pre>\r\n             Client                              Server\r\n                |                                   |\r\n                |--- POST \/login { User, Pass } --->| Store session\r\nStore SessionId |<----------- SessionId ------------|\r\n                |                                   |\r\n                |--- GET \/data { SessionId } ------>|\r\n                |                                   |\r\n                |--- POST \/logout { SessionId } --->| Remove session\r\n<\/pre>\n<p>The client can store the SessionId in a cookie, in local storage or in session storage.<\/p>\n<hr>\n<p><strong>Token-based<\/strong><br \/>\nThe client requests a token from a specific server and then uses this token to authenticate itself to the same or another server.<\/p>\n<pre>\r\n         Client                            Auth-Server\r\n            |                                   |\r\n            |--- POST \/login { User, Pass } --->| Create Token\r\nStore Token |<------------- Token --------------|                 Content-Server\r\n            |                                                           |\r\n            |------------------ GET \/data { Token } ------------------->|\r\n<\/pre>\n<p>The client can store the Token in a cookie, in local storage or in session storage.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Session-based The 
client logs into the server and gets a session id. The server caches all sessions to be able<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false},"categories":[26],"tags":[],"_links":{"self":[{"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/posts\/8731"}],"collection":[{"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8731"}],"version-history":[{"count":1,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/posts\/8731\/revisions"}],"predecessor-version":[{"id":16804,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/posts\/8731\/revisions\/16804"}],"wp:attachment":[{"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8731"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8731"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8731"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}