Intro to Sessions / Adding Pages | Node Auth Tut - Part 4

June 17th 2017

A session can be seen as a place where your app stores data. With this form of data storage, we can code our app so that a user who logs in via a login form stays “logged in” until they explicitly click a logout button. When a user logs in, what’s really happening is that we create a session on the backend of our app specifically for the user who just entered their credentials (each user gets their own session) and return a cookie to that user. The cookie is used for continuous authentication, so the user doesn’t need to re-enter their account credentials each time they’d like to visit a restricted page.

Note that session data is volatile: it’s created and deleted frequently as users log in and log out. In addition, all app sessions will be deleted in their entirety if the app is restarted with something such as nodemon. It’s important that we don’t log out all of our users when we restart our app during a deployment, so we’ll want to integrate something called session storage to move all sessions to a database, rather than storing them directly within Express.

This episode describes the process briefly and then moves on to creating the additional pages we’ll need to log a user in.
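
The session flow described above, modelled in plain Node.js as an added example (it is not code from this tutorial series and not the express-session API). `MemoryStore`, `FileStore`, `SessionManager`, `survivesRestart` and the JSON file standing in for a database are all assumptions made for illustration.

```javascript
// Simplified model of server-side sessions; names are hypothetical, not the express-session API.
const { randomBytes } = require('node:crypto');
const { existsSync, readFileSync, writeFileSync } = require('node:fs');
// Volatile store: sessions live in process memory and vanish on restart.
class MemoryStore {
  constructor() { this.sessions = {}; }
  load() { return this.sessions; }
  save(sessions) { this.sessions = sessions; }
}
// Persistent store: a JSON file stands in for the database.
class FileStore {
  constructor(file) { this.file = file; }
  load() { return existsSync(this.file) ? JSON.parse(readFileSync(this.file, 'utf8')) : {}; }
  save(sessions) { writeFileSync(this.file, JSON.stringify(sessions), { mode: 0o600 }); }
}
// Pull the session ID out of a Cookie header; only 64 hex characters are accepted.
const sidFrom = (header) => (/(?:^|;\s*)sid=([0-9a-f]{64})(?:;|$)/.exec(header || '') || [])[1];
class SessionManager {
  constructor(store) { this.store = store; }
  // After credentials are verified: create the session, return the cookie.
  login(userId) {
    const sid = randomBytes(32).toString('hex'); // unguessable session ID
    const sessions = this.store.load();
    sessions[sid] = { userId, createdAt: Date.now() };
    this.store.save(sessions);
    // The cookie carries only the ID; HttpOnly hides it from page scripts.
    return `sid=${sid}; Path=/; HttpOnly; Secure; SameSite=Lax`;
  }
  // On each request to a restricted page: map the cookie back to a user.
  currentUser(header) {
    const session = this.store.load()[sidFrom(header)];
    return session ? session.userId : null;
  }
  // Logout deletes the server-side record, so the old cookie stops working.
  logout(header) {
    const sessions = this.store.load();
    delete sessions[sidFrom(header)];
    this.store.save(sessions);
  }
}

// Simulate a restart: a fresh manager and store must still recognise the cookie.
function survivesRestart(makeStore) {
  const cookie = new SessionManager(makeStore()).login('alice'); // constructed user
  return new SessionManager(makeStore()).currentUser(cookie) === 'alice';
}
const sessionFile = `${require('node:os').tmpdir()}/sessions-demo-${process.pid}.json`; // constructed path
console.log('memory store survives restart:', survivesRestart(() => new MemoryStore()));
console.log('file store survives restart:', survivesRestart(() => new FileStore(sessionFile)));
```

The user's data never leaves the server; the browser only holds the random ID, which is why deleting the server-side record on logout is enough to invalidate the cookie.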