Hasty Treat - Authentication: LocalStorage vs Cookies vs Sessions vs Tokens
Syntax - Tasty Web Development Treats4 Mars 2019

Hasty Treat - Authentication: LocalStorage vs Cookies vs Sessions vs Tokens

In this Hasty Treat, Scott and Wes talk about authentication — the difference between localStorage, cookies, session, tokens and more! LogRocket - Sponsor LogRocket lets you replay what users do on your site, helping you reproduce bugs and fix issues faster. It’s an exception tracker, a session replayer and a performance monitor. Get 14 days free at https://logrocket.com/syntax. Show Notes 4:20 - How should we track users? Token based - generally stored in the client Session based - stored on the server Token Based (JWT) 6:00 - Token-based auth Stateless - the server does not maintain a list of logged in users Scalable - you can use serverless functions easily Cross domain Data can be stored in JWT Easy to use on non-web sites like mobile apps Hard to expire tokens — you must maintain a list of blacklisted tokens 7:48 - Session-based auth Stateful - generally you maintain a list of session IDs Passive - once signed in, no need to send token again Easy to destroy sessions 10:48 - How do we identify the user on each request? localStorage or Cookies? A common misconception is that localStorage is for tokens while cookies is for sessions With localStorage, we need to grab the token and send them along on each request With cookies, the data is sent along on each request 11:25 - Security Issues XSS for Tokens - make sure bad actors can’t run code on your site Sanitize inputs XSRF - CSRF tokens are needed Links Cookies vs Tokens: The Definitive Guide Tweet us your tasty treats! Scott’s Instagram LevelUpTutorials Instagram Wes’ Instagram Wes’ Twitter Wes’ Facebook Scott’s Twitter Make sure to include @SyntaxFM in your tweets

Avsnitt(988)

988: Cloudflare’s Next.js Slop Fork

988: Cloudflare’s Next.js Slop Fork

Wes and Scott talk with Steve Faulkner about vinext, a Vite-powered Next.js fork. They dive into AI coding workflows, agent browsers, code quality, and what modern dev tooling looks like in an AI-firs...

18 Mars 47min

987: Remote Coding Agents

987: Remote Coding Agents

Scott and Wes break down the world of remote coding agents — what they are, why you’d want one, and all the different ways you can run them, from Cursor Cloud and Claude Code to an old laptop sitting ...

16 Mars 47min

986: Does Code Quality Matter Anymore?

986: Does Code Quality Matter Anymore?

In this potluck episode, Wes and Scott answer your questions about popover navigation patterns, the Vibrate API on iOS, whether code quality still matters in the AI era, Wes’s evolving Obsidian second...

11 Mars 58min

985: Stop putting secrets in .env

985: Stop putting secrets in .env

Scott and Wes are joined by Phil Miller and Theo Ephraim to talk about Varlock, a new approach to environment variables that adds schemas, validation, and security to the humble .env file. They dig in...

9 Mars 47min

984: How to Make a DOM Library Render Anything w/ Paolo Ricciuti

984: How to Make a DOM Library Render Anything w/ Paolo Ricciuti

Wes and Scott talk with Paolo Ricciuti about Svelte custom renderers and how Svelte actually talks to the DOM. They dig into compiler internals, CSS handling, native bridges, and the realities of main...

4 Mars 49min

983: Why I Chose Electron Over Native (And I’d Do It Again)

983: Why I Chose Electron Over Native (And I’d Do It Again)

Wes and Scott talk about building v_framer, Scott’s custom multi-source video recording app, and why Electron beat Tauri and native APIs for the job. They dig into MKV vs WebM, crash-proof recording, ...

2 Mars 37min

982: Bots Are Ruining the Internet

982: Bots Are Ruining the Internet

Wes and Scott talk about the latest dev news: Node enabling Temporal by default, OpenAI acquiring OpenClaw, TypeScript 6, new TanStack and Deno releases, the explosion of AI agent platforms, and more....

25 Feb 49min

981: Browsers Are Finally Catching Up (Interop 2026)

981: Browsers Are Finally Catching Up (Interop 2026)

Scott and Wes unpack Interop 2026 and the browser features finally aligning across engines, from container style queries and anchor positioning to scroll-driven animations and view transitions. They b...

23 Feb 51min

Populärt inom Politik & nyheter

aftonbladet-krim
svenska-fall
p3-krim
rss-krimstad
fordomspodden
spar
flashback-forever
rss-sanning-konsekvens
rss-expressen-dok
aftonbladet-daily
motiv
rss-vad-fan-hande
rss-aftonbladet-krim
blenda-2
dagens-eko
rss-frandfors-horna
olyckan-inifran
grans
krimmagasinet
politiken