A modern programming language that makes developers happier.

kotlinlang

Hello, one question about sessions feature. When you use Session Content (client-side), where the system stock the authentication please ?

If you mean how it is secured. If you are transforming it with an authentication, the server signs the payload of the cookie, and the payload and the sign is sent. Since the key is stored at the server. The client cannot modify it, since that would mean authenticating the payload again and the client doesn`t have the key.

So for disconnect client, the only solution is to change the key on our server ?