Sessions for web applications, i.e. mostly cookie-based HTTP(S) sessions are not easy, especially not when you want the session data on the server's side.

In this repository, we attempt to collect information that is vital for building a stable & secure session with persistence on the server's side (though this might also touch client-side cookies and the associated challenges).

In a first step, most of the work will be done in the Wiki whereas in a later step, a reference implementation will be provided, tested and optimized until we are confident that this constitutes a release for live websites.

In general, the aim is to make a clean start and take problems into consideration from what others have already learned (i.e. talking to the developers, looking at their past issues, etc.).

Since this repository is a community approach, we are happy if you put in your thoughts and knowledge. At the current state we are just gathering knowledge and information and just need input on your knowledge of sessions. So please, go ahead and contribute.

To get started, take a look at the Wiki and see in which state the development is. If you then want to contribute something to this or previous steps, just let us know here.