Ajax based web app and authentication: session or token?

I'm building a web app using rails for serving json and a JS framework on the client side.

For handling login I've discovered two ways:

  1. use an authentication token and append it to each ajax request and then in the backend use it to authenticate the user
  2. use sessions and cookies since they are automatically ppended to each ajax request

the second option seems more simple but there are reasons to use the first one?

P.S I'm using devise for the authntication

Answers


Typically you would create a cookie/session in order to keep a user signed in after revisiting your site.


Need Your Help

Differences between Ant and Maven

java maven-2 ant build-management

Could someone tell me the differences between Ant and Maven? I have never used either. I understand that they are used to automate the building of Java projects, but I do not know where to start from.

Call object in another class in another file with Visual Studio

c# visual-studio object methods call

I have a public class A in a file called A.designer.cs and there is a textbox object called Textbox1 in there that I want to use. It is declared as: