Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is this stateless? #14

Open
daveteu opened this issue Jun 28, 2022 · 3 comments
Open

Is this stateless? #14

daveteu opened this issue Jun 28, 2022 · 3 comments

Comments

@daveteu
Copy link

daveteu commented Jun 28, 2022

Readme states More secure, signature-based tamper-proof, does it means this works in stateless environment, where you do not require session stickiness?
@LyricTian
Copy link
Member

If you want use this in stateless environment, need to use redis as session storage. Because the session depend on session id in cookie value, and session id associate custom store value. When we get user id from session actually use current session id to get user id in session store.

@daveteu
Copy link
Author

daveteu commented Aug 24, 2022

Thanks @LyricTian, thank you for explanation.

So assuming if I use a go-session/redis, may I confirm I would not need to worry about sticky-cookie in a multi server environment (docker swarm, kubernetes), since all servers cookie data are sync in redis?

@Jackysi
Copy link

Jackysi commented Mar 13, 2024

Sorry this is bit off topic, but can session be also "figured out" from JSON token? For API and such

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Jackysi @LyricTian @daveteu