Session data
bkolobara opened this issue · 0 comments
bkolobara commented
If we are a "batteries included" framework, I think we should provide built in handling for session data. There are generally two approaches to sessions:
- Cookie based - All session data is stored client-side in an encrypted cookie.
- Database based - The session is stored server-side and the cookie just contains information to identify the user.
Approach 1 is simpler, but could result in a lot of data being sent back and forth if the session grows too much.
I prefer that we take approach 1 here and document that the session is not intended to contain too much data.