Tag: JWT

Express-session vs SuperTokens for handling user sessions

This article will be comparing SuperTokens to Node’s most popular session management library – express-session. The comparison will be done using a point system, where a point will be awarded to a library’s score if it performs well in a given metric. Here are the metrics we will be using: Security: This is especially relevant …

Should you use Express-session for your production app?

While being Node’s most popular session management library, express-session has its set of flaws and weaknesses – especially when it comes to security. This article will analyse the good and bad parts of express-session so that you can make an informed decision for your next app. We will be using a point system where one …

Are you using JWTs for user sessions in the correct way?

JSON Web Tokens (or JWTs) have become incredibly popular and you’ve likely heard of them before. What you may not have heard is that JWTs were originally designed for use in OAuth – which is fundamentally different to user sessions. While the use of JWTs for OAuth is widely accepted, its use for authenticating users …

The best way to securely manage user sessions

This is part 2 in a two-part series on session management. If the reader understands the general concepts of JWT (JSON web token) and user sessions, then Part 2 can be read without reading Part 1. Part 1: Introduction to session management, analysis of most commonly used session flows, and best practices Part 2: Analysis …

All you need to know about user session security

What follows is a 2 part series on session management — inspired by extensive conversations with over 70 developers and our own intensive research. We will explore different session management practices, identify issues and converge on a solution to these issues. Through it all, I hope to leave you with clarity on deciding how to …
