Session Management

Under construction

<aside> 🚧

This page is currently under construction. Please check back later.

</aside>

Implementation plan:

  1. How session-based authentication works — the full flow
  2. User logs in → server creates a session → session ID stored in a cookie
  3. Server-side session storage (in-memory, database, Redis)
  4. Cookies: HttpOnly, Secure, SameSite flags
  5. Session expiration and invalidation (logout)
  6. Advantages: simple, easy to revoke, battle-tested
  7. Disadvantages: stateful server, scaling challenges, sticky sessions
  8. When session-based auth is the right choice

The HackYourFuture curriculum is licensed under CC BY-NC-SA 4.0

*https://hackyourfuture.net/*
