Session Authentication
We're going to implement session authentication from scratch.
If you're familiar with this, you can skip.
terminal
*If you steal cookie from client (csrf or xss), hacker only use that cookie for "GET" action. because of the csrf token.
https://medium.com/rubyinside/a-deep-dive-into-csrf-protection-in-rails-19fa0a42c0ef
Last updated