NamesMT
commented
4 months ago I think I've implemented a very good base for a header-based session manager, it's still not fully finished though, you can see it and give your idea here: https://github.com/NamesMT/starter-fullstack/blob/main/apps/backend/src/middlewares/session.ts#L49
Currently our session manager & authentication flow uses an automatic user detection based on session cookies with
hono-sessions, this allows a super great DX working with APIs from the backend.But chrome is phasing out 3rd-party cookies, we need to add another session manager to support usecases where we use different domains for the frontend and backend, maybe a Bearer JWT that contains the session id? Where would we store the session data?