When you login to a website, your identity needs to be managed. Here is how different solutions work:
1. Session: The server stores your identity and gives the browser a session ID cookie. This allows the server to track login state. But cookies don't work well across devices.
2. Token: Your identity is encoded into a token sent to the browser. The browser sends this token on future requests for authentication. No server session storage is required. But tokens need encryption/decryption.
3. JWT: JSON Web Tokens standardize identity tokens using digital signatures for trust. The signature is contained in the token so no server session is needed.
4. SSO: Single Sign On uses a central authentication service. This allows a single login to work across multiple sites.
5. OAuth2: Allows limited access to your data on one site by another site, without giving away passwords.
6. QR Code: Encodes a random token into a QR code for mobile login. Scanning the code logs you in without typing a password.
Over to you: QR code logins are gaining popularity. Do you know how it works?
#systemdesign #coding #interviewtips
Comments
Post a Comment