当前位置:网站首页>Finally, someone explained the difference among cookies, sessions and tokens. Detailed explanation, interview questions.

Finally, someone explained the difference among cookies, sessions and tokens. Detailed explanation, interview questions.

2022-06-10 20:40:00 Test Architect Bei fan

Preface :

as everyone knows , We usually use the http agreement , and http Every access to the protocol is stateless .
What is stateless ? This request has nothing to do with the last request 、 Strangers 、 Not related . The advantage of this statelessness is fast , The disadvantage is that you can't relate the two requests .

Cookie、Session、Token It's used for persistence , The purpose is to let the client and server know each other , Associate two requests .

【 At the end of the article, we have prepared the welfare of the big man 】

 

Cookie

  • Cookie It's a very specific thing , It refers to a kind of data that can be stored permanently in the browser , It's just a data storage function implemented by browser .

  • Cookie Generated by the server , Through the response header Set-Cookie Field to the browser , Browser handle Cookie With Key Value Save the form to a text file in a directory , The next time you request the same website, you will send Cookie Send to the server . because Cookie It's stored on the client , So browsers add some restrictions to make sure Cookie Will not be used maliciously , It doesn't take up too much disk space at the same time , So for each domain Cookie The quantity is limited .

  • Cookie Application scenarios in the project :

    • Daily login to a website , Today, I entered my user name and password to log in successfully , No need to re-enter the user name and password the next day . One of the mechanisms used at this time is Cookie.
    • The browser records the web pages the user has visited .

  • summary :

    • Cookie Generated by the server , Store on client .

    • Cookie The data format of is key value pair ,Cookie The data has expiration time expire value .

    • In the project, it is mainly used to remember the user name and password or record the web pages that the user has visited .

Session

  • Session Literally, it means “ conversation ”. The server needs to know who is sending the request to itself . To make this distinction , The server is going to assign each client a different “ Identification ”, Then every time the client makes a request to the server , Take this with you “ Identification ”, The server knows who the request came from . As for how the client saves this “ Identification ”, There are many ways , For browser clients , By default Cookie The way .

  • Server usage Session Save the user's information on the server temporarily , After the user leaves the website Session Will be destroyed . This way of storing user information is relative to Cookie It's safer , But Session One drawback is that if web The server has done load balancing , When the next operation request arrives at another server Session Will lose .

  • session Application scenarios in the project :

    • Generally, only the user name of the login user is saved , The default duration is 30 minute , So why do you need to log in again when you don't use the system for a while , because 30 Minutes later Session It's lost .

  • summary :

    • Session from Web Server generation , Save on the server .
    • Session The data format is also a key value pair .
    • Session The default expiration time is 30 minute . Generally in the browser's developer tool (F12) Of the response header Cookie( or Set-Cookie) View in , In the project, it is mainly used for authentication to determine whether the login status , Only login status can access the web page and data of the server .

Token

  • Token Literally “ token ”, How to verify the user's identity , It's kind of like Cookie, Relatively safer .

  • The process of production :

  1. The first time a user logs in , The server will generate a Token,Token Will exist on the server's database , And then put this Token Back to the browser .
  2. Client received Token After that will be Token Stored locally .
  3. When the client sends the request again , Will Token Send to server .
  4. The server receives this Token when Token With their own local Token Compare , I have to verify my identity .

  • Token Application scenarios in the project :

    Commonly used in App Project login authentication or interface authentication . because App Neither the project nor the interface client is a browser , So there is no Cookie and Session. So pass Token To authenticate .

  • Some systems Token Directly displayed on the following page , And the interface Token Generally, it is in the return value of the login interface .

  •   a key : Learning materials of course, learning is inseparable from materials , Of course, here is also prepared for you 600G Learning materials

    Private keywords needed 【000】 Get it for free Note that the keywords are :000

    Project practice

    app project , Bank Project , Medical Project , Online retailers , Finance

    Large scale e-commerce projects

    Full set of software test automation test teaching video

    300G Download tutorial materials 【 Video tutorial +PPT+ Project source code 】

    A complete set of software testing automation testing factory has been

    python automated testing ++ A complete set of templates + Performance testing

    It's said that the iron juice who has paid attention to me for three consecutive years has been promoted, raised and made a fortune !!!!

原网站

版权声明
本文为[Test Architect Bei fan]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/161/202206101925044493.html

边栏推荐

猜你喜欢

随机推荐