Reputation: 1448
Can a Express session works without cookie?
The session is server side object and resides on the server. Every session will have a Session ID. A Session ID is a unique number, the server assigns to a specific user, during his visit(session). And by default, session ID is attached to a cookie and this cookie will be shared from client to server (and server to client) during its requests/responses. And the server will identify session based on a session ID which is retrieved from the cookie.
So I want to know if a Express session works cookieless?
Upvotes: 5
Views: 5000
Answers (1)
Reputation: 707956
So I want to know if a Express session works cookieless?
No. The actual express-session module only works with a cookie. It stores a session ID in the cookie so that the next page request or Ajax request that comes from that particular browser will contain that cookie and express-session can look up the appropriate server-side session object that corresponds to that session ID.
It is possible to create a session system that does not use a cookie. That is typically done by putting a session id in the URL as a query parameter as in:
http://somedomain.com/somepath?sessionID=0823408234
But, this is much more cumbersome to build a site this way unless you are using a rendering system that fixes all the links for you (all links in the page that wish to preserve the session must have the right session id in the query parameter) and it throws off bookmarks and lots of other issues.
But, express-session does not do it this way. It requires a cookie.
Upvotes: 3
Related Questions
- Node.JS session without cookies
- Session-only cookie for Express.js
- Express Session and Cookie
- Can we use cookies for state management in a nodejs express application?
- NodeJS - Session handling WITHOUT express
- Session Cookies on Express.JS
- Session and Cookies in expressjs
- Session in nodejs
- ExpressJS sessions with cookies
- Node.js cookies and session management