CheatSheetSeries
Update: Session_Management_Cheat_Sheet
What is missing or needs to be updated?
The session management cheat sheet lacks guidance regarding how to store and validate session tokens (and similar tokens) server-side:
- store the session token;
- store a hash of the session token;
- use a signed/MACed session token.
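
The second and third options from the list above, sketched as an added example (not part of the issue or of the cheat sheet). The function names, the in-memory dict standing in for a session store, and the per-process demo key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed for illustration: in-memory store and a per-process demo key.
SESSIONS_BY_HASH = {}                # sha256(token) hex -> session data
MAC_KEY = secrets.token_bytes(32)    # server-side secret, never sent to clients


def _digest(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()


def issue_hashed(user: str) -> str:
    """Keep only a hash server-side; the raw token goes to the client."""
    token = secrets.token_urlsafe(32)    # 256 bits from the OS CSPRNG
    SESSIONS_BY_HASH[_digest(token)] = {"user": user}
    return token


def validate_hashed(token: str):
    """Hash the presented token and look it up; returns session data or None."""
    return SESSIONS_BY_HASH.get(_digest(token))


def revoke_hashed(token: str) -> None:
    """Server-side revocation: drop the stored hash."""
    SESSIONS_BY_HASH.pop(_digest(token), None)


def _tag(session_id: str) -> str:
    return hmac.new(MAC_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def issue_signed(session_id: str) -> str:
    """Append an HMAC-SHA256 tag so tampering is detected before any lookup."""
    return f"{session_id}.{_tag(session_id)}"


def validate_signed(token: str):
    """Return the session id if the tag verifies, else None."""
    session_id, sep, tag = token.rpartition(".")
    if not sep:
        return None
    # Constant-time comparison avoids leaking how much of the tag matched.
    ok = hmac.compare_digest(tag.encode(), _tag(session_id).encode())
    return session_id if ok else None
```

With the hashed variant, a read-only leak of the session store exposes digests rather than usable tokens. The MACed variant alone proves integrity only, so revocation still needs server-side state.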