Difference between sessionStorage and express-session?

Question

I'm confused about the difference between sessionStorage and express-session? Besides, if different clients send request to the same server for authentication, do they have access to the same express-session? Do they have access to the same state store in the express-session?

Answer 1

The main difference is:

sessionStorage stores data (client-side) inside browser.

express-session stores data to (server-side) and it also stores sessionID into the browser as cookie.

---

express-session: For each visit to a page, the cookie is sent along with the sessionID and the backend code can then fetch the session data. So the user has access to his own session data. The data in the server side session is private. Only the server can see it. The cookie is deleted when the browser is closed (our session data is also automatically deleted by the server depending on our setting.)

SessionStorage: is a local database in the browser that you can access via client-side JavaScript. Basically it’s a key/value store. This database is not private. You, or anyone using your browser, can see the contents using the developer tools of the browser. The “session” in sessionStorage means that all data is deleted when the browser is closed.