Message from JavaScript discussions

April 2019

— User logs in:
Server creates and stores session ID
User gets session ID from server

User passes session ID on every request
Server can verify that session ID is stored and which user it belongs to

User logs out:
Server deletes stored ID

Message permanent page

— 

Server should respond with a login page or an error if it can't find the ID for pages the user should be logged in to view

— Then what about session expired messaging?

— What

— If we logged in our Facebook which is not logged out some time shows session expired and we have login again..

Message permanent page

— How it works?

— Timeout

— A good server will also store when the session was created

— And automatically delete it after a while

— It can also be updated every time the user does something (every request)

— Ok..thank you so much

— Sup