Tag: Session Management

Express-session vs SuperTokens for handling user sessions

This article will be comparing SuperTokens to Node’s most popular session management library – express-session. The comparison will be done using a point system, where a point will be awarded to a library’s score if it performs well in a given metric. Here are the metrics we will be using: Security: This is especially relevant …

Should you use Express-session for your production app?

While being Node’s most popular session management library, express-session has its set of flaws and weaknesses – especially when it comes to security. This article will analyse the good and bad parts of express-session so that you can make an informed decision for your next app. We will be using a point system where one …

OAuth 2.0 vs Session Management

There seems to be a lot of misinformation on when OAuth 2.0 (henceforth referred to as OAuth) is appropriate for use. A lot of developers confuse OAuth with web session management and hence end up using the wrong protocol / set of technologies. This, in turn, leads to security issues. This article will clarify when …

Are you using JWTs for user sessions in the correct way?

JSON Web Tokens (or JWTs) have become incredibly popular and you’ve likely heard of them before. What you may not have heard is that JWTs were originally designed for use in OAuth – which is fundamentally different to user sessions. While the use of JWTs for OAuth is widely accepted, its use for authenticating users …
