Answer the question
In order to leave comments, you need to log in
B
B
BonBon Slick2019-02-23 08:27:05
BonBon Slick, 2019-02-23 08:27:05
Benefits of token API for sessions out of the symfony box?
https://symfony.com/doc/current/doctrine/pdo_sessi...
The user has a token to use the API.
Now it's valid all the time, since it's just a string. The only way to get a new token is by logging in, or to reset the token by logging out.
Are there any bonuses if using sessions from Symfony?
In theory, it will be easier to make the token a connection with the user and, with each request, get the time of the token from the cache (redis + elastic), when it was created and how much is left.
Or store the time in a token, decode it and check the session token.
If there are no benefits from using sessions out of the box, which approach will be faster (conditionally load 1,000,000 requests / day to the API) of the 2 above?
It should be borne in mind that the UI must also know how much the token is still stored, that is, be able to decode it and see its date before making a request to the server.
The implementation of the new approach will take the time of sawing, finishing the current one. JWT is possible, but make it stateful and not transactional.
Similar questions
E
Z
A
B
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question