What is a best way to do session management for REST service?
Added by Plug Gulp almost 5 years ago
Hi,
I am developing a simple REST server using Wt. There is no WApplication involved. The resource added at "/" returns a simple HTML webpage that uses Bootstrap and jQuery. When the user interacts with the webpage, the client requests data from the backend and updates the webpage accordingly. In this scenario, what is the best way to do session management? The way I am at present doing this is by generating a random session ID and then sending it to the client when the first request from the client hits the service. There after with each request from the client, the session ID is included in the request from the client-side.
Is this the correct approach? What is the best way to do session management outside the scope of Wt session management for RESTful services?
Thanks and kind regards,
~Plug
Replies (2)
RE: What is a best way to do session management for REST service? - Added by lm at almost 5 years ago
Are you creating a react frontend on a Wt backend? That sounds very cool. I prefer "plain" Wt as it can do better than React, but I can easily imagine a use case for putting React (or Angular or whatever) on top of Wt.
The frontend is sending this backend-generated session ID to the front end with each request? Seems like a cookie would be the right way to do this so that the front end code doesn't have to remember to submit that each time.
RE: What is a best way to do session management for REST service? - Added by Plug Gulp almost 5 years ago
>@Im
Are you creating a react frontend on a Wt backend?
No, I am not :)
I am using simple jQuery and Bootstrap.
>@Im
The frontend is sending this backend-generated session ID to the front end with each request?
Well, the internal session management of Wt is heavily tied to the Wt created front-end. If I understand it correctly, there is no session ID generated for REST based Wt application.
Kind regards,
~Plug