cookie | The Blog Pros

May 29, 2020June 19, 2020

OAuth 2.0 vs Session Management

There seems to be a lot of misinformation on when OAuth 2.0 (henceforth referred to as OAuth) is appropriate for use. A lot of developers confuse OAuth with web session management and hence end up using the wrong protocol/set of technologies. This, in turn, leads to security issues. This article will clarify when to use regular session management solutions and when to use any one of the OAuth flows.

The Most Important Difference

Ideally, we would like all authenticated communication to be long lived (to provide the best user experience). The difference between user session management and OAuth is the level of trust between the communicating parties.

September 24, 2019February 27, 2022

All You Need to Know About User Session Security

What follows is a two-part series on session management — inspired by extensive conversations with over 70 developers and our own intensive research. We will explore different session management practices, identify issues, and converge on a solution to these issues. Through it all, I hope to leave you with clarity on deciding how to manage user sessions (and auth tokens) for your application. In 20 minutes, we summarize all the important information it took us hundreds of hours to obtain and document.

This article will introduce session management, analyze commonly use session flaws, and demonstrate best practices. Part two will take a look at a new open-source flow that is secure and easy to integrate into existing systems.

Lummi: Say Goodbye to Boring Stock Photos Forever
In Articles
Lummi is ending the era of boring stock photos by enhancing creative workflows with high-quality, royalty-free, AI-generated images. Dive in and learn how Lummi is going to help you create captivating and unique designs and change the way you create. […]
What is Hyvä Themes for Magento and Why Was It Created?
In Themes
Choosing the right ecommerce platform is important not only for online retailers. It’s important for businesses whose products are directly related to such platforms and must work with them shoulder-to-shoulder. Magento clearly stands out in... T... […]
WPBeginner Turns 15 Years Old – Reflections, Updates, and a Giveaway ($50,000 in Prizes)
In birthday giveaway, giveaway, wpbeginner birthday
It’s quite surreal to type that WPBeginner turns 15 years old today! Time flies when you’re having fun especially with such an amazing community of website owners, small businesses, and web professionals. YOU ARE the best part of WPBeginner! Like every year, I will take… Read More »

The post WPBeginner Turns 15 Years Old – Reflections, Updates, and a Giveaway ($50,000 in Prizes) first appeared on WPBeginner.
[…]
The Art of Manual Regression Testing
No categories
The tech world of software development is characterized by fast-paced and constant evolution. Code keeps changing, new features are introduced, and bugs are fixed frequently. These changes are crucial for improving the overall development structure. Ho... […]
Understanding Properties of Zero Trust Networks
No categories
Zero Trust is a well-known but 'hard-to-implement' paradigm in computer network security. As the name suggests, Zero Trust is a set of core system design principles and concepts that seek to eliminate the practice of implicit trust-based security. The ... […]