Design secure authentication with sessions or tokens, refresh rotation, and protection against common auth attacks.
## CONTEXT I am implementing authentication for a web application and want it to be secure by default rather than a collection of copied snippets. I need to choose between session cookies and tokens, handle refresh safely, protect against the usual attacks, and integrate cleanly with my framework. Security mistakes…
Premium Prompt
Unlock this prompt — and all 25,000+ expert-crafted prompts — with Pro.
Unlock with Pro