Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
KnightForce2017-01-25 21:16:36
Node.js
KnightForce, 2017-01-25 21:16:36

How to check sessions for authenticity?

Just got into sessions.
I use express-sessions.
Here is stored sid on the client. Through the post data comes from the authorization form. Then, according to the data searched in the database, a user with such a login is searched, if he finds it, it is saved req.session.save().
But the question gnaws, if somehow there is a session substitution, then how to check. There was an idea to check whether there is such a session in the storage for each request to the site.
In my opinion a simple check if(req.session.sid)is not a good idea. It's just checking the existence of a session, but not its authenticity, and each time connecting to the database, comparing is expensive.
But the question is, maybe there are simpler and faster methods? Maybe there are some built-in mechanisms?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
A
Anto2021-04-25 19:03:55
How to solve a problem in Swift? 4Reply
W
Wallz2020-01-22 12:54:49
How to combine 2 codes into one in pascal? 2Reply
R
Roman2019-06-09 20:29:12
What code can I use to block an output stream in Node.js? 3Reply
M
my lord2021-01-30 04:38:10
Learning nodejs? 1Reply
R
RoninEn2019-06-11 01:03:43
Node js + Qiwi Transactions? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question