Authentication

Learning Authentication and Authorization HTTP in itself is stateless that is each request is considered as a seperate new request and with no previous baggage or memory. 3 basic terms : Session JWT Cookies JWT : JSON web token, 64 bit cryptographic hashed token, has 3 parts seperated by ‘.’, those are headers, payload, and server side secret-key , so if anyone tries to change any value in any of the fields the hash will change and will no longer remain valid and our server side secret wont be able to match it (uses minimum resources to validate, only a single secret string that can be stored in env also ) , this JWT can be stored in a cookie, local storage , memory etc ...