About the usage of cookies and session

Hey Jin!

Any data that you store in a session will be lost at the end of that session. If you need to store data that persists between sessions, you should use cookies.

Cookies can be set to either expire at the end of the session, or persist for a set amount of time (take a look at the 'Expires/ Max-Age' column in screenshot below). They're stored by the browser and stay on the user's computer until they expire or are deleted.

Both of these storage technologies store simple key/value pairs and are best suited for small amounts of data like user IDs or short strings.

Let's run through an example.

Say you're building a website that allows users to log in to a special members area. You'd need to store the user's information when they log in (typically an ID or some other authentication token) so that you can check to make sure they are logged in as they browse around the members area.

If you wanted the user's session to end when they leave your website and close their browser, then you would store this information in the session as that information is automatically cleared out when the browser is closed. When they come back to your website they would need to log in again.

But say you have a 'Remember me' checkbox on your login form for people that want to remain logged in between sessions. Now you would save their information in a cookie with an expiry date at some reasonable length in the future. Unlike with session storage, this cookie is persistent, so if a user closes their browser and then comes back later they would still be logged in (as long as the cookie hasn't expired).

I hope this helps to give you a clearer picture of when to use cookies vs session storage.
Let me know if you have any other questions :)