I have a university project to make, and one of the things I need to do is to make a functional login module with session serialization. The problem is though that I have to do this without using express or other Node.js modules that are not vanilla'is enough, and well, I just can't find anything on this without using express, or passport, or session-serialize module or some other modules that do not seem too vanilla'ish to me.

Is there a way to do this right?

I'm thinking of this:

  1. Validating login data
  2. Generating some random id ( a cookie session id thingy )
  3. Storing this inside my database
  4. Storing this inside my cookies

( though I've noticed that cookies from a route will be different from cookies on another route, so if the authenticated user comes on a page he has not been before, so there's no cookie of the session there, he may not appear as logged in )

  1. Using that cookie to make requests to the database so the user can see whatever he needs.
  2. Generating a new id for when the user logs in from another machine without this cookie session id
  3. Deleting this cookie session id when the user pressed log out

0 Answers