2
Guys, I decided to use the Token feature, to access my Rest I’ll be doing in PHP, mainly to learn this concept, but I don’t want to use a Framework ready, I even need to get the hang of it.
Good researching I found the following solution: When my user logs into the system I will generate a Token and a time for that Token and I will save in the database.. Until then ok.
With each request I check if the Token is still valid. My question itself would be the following case.
Is it something "cool" to use this way? Would it overload my server? Another thing, I need my application to have validation if the user is logged in or not. Working with PHP Sessions was easy, if the Session exists the guy browses the page if there is no go pro Login.
If I mess with Token, I won’t have a session, and then I wonder what all this would look like? Because Token would save in Localstorage on JS and check if it exists, and it will always exist right?
I got a little lost in this item. Hahaha..
I appreciate your help!!!
Token would be the same as Session. If the user does not have a valid Token then is disconnected. Same as when editing the cookie
PHPSESSID
for any other value. Whether it overloads or not I believe it does not. Session will le and edit a file, usually in the temporary folder. While the token will check this in the database. For me, Session has only a performance file, since it cannot be read/changed by two simultaneous processes. Already using the token in DB (assuming Mysql) you can use theInnoDB
withREAD UNCOMMITTED
, that way you won’t have that problem– Inkeliz