Session VS Cookie VS Token

Cookie VS Session VS Tokens

Difference between Cookie and Session

Cookie is a bit of data stored by the browser and sent to the server with every request.

Session is a collection of data stored on the server and associated with a given user.

Ref: stackoverflow.com

Difference between Cookie and Token

What is the difference between token authentication and cookies authentication?

Session cookie

A session cookie, also known as an in-memory cookie, transient cookie or non-persistent cookie, exists only in temporary memory while the user navigates the website.

Web browsers normally delete session cookies when the user closes the browser.

Reference

— https://tools.ietf.org/html/rfc6265.html

— https://github.com/expressjs/cookie-session

— https://en.wikipedia.org/wiki/HTTP_cookie#Terminology

— https://www.npmjs.com/package/express-session

— https://blog.gds-gov.tech/our-considerations-on-token-design-session-management-c2fa96198e6d

— https://softwareengineering.stackexchange.com/questions/350092/cookie-based-vs-session-vs-token-based-vs-claims-based-authentications