JWT vs Session based authentication with Electron


#1

Hi all,

I’m working on a desktop chat application (think Slack) and am in the process of implementing and learning about user authentication. I learned a bit about JWT and was planning on using that with my node.js server to authenticate users. They would login, a JWT is returned, and that could be sent up with every request.

The other option is session based authentication. As I understand it, this is managed server side. I’ve read that using sessions can cause issues scaling, for example when new instances of the application are created to handle load, and thus sessions are lost.

As the client side part of this system is an Electron app, is one method better than the other? Are there any issues using JWT in the way I’ve described?