Should I use a cookie or a session variable (triggered by a JS fetch) ? | Laravel | Page 1

formal coral May 9, 2023, 10:45 PM

#

Hi,

I am building an SaaS app (web app)
I have a slide panel on the right for the quick documentation. I want to add a specific behavior where the slide panel stay open on each pages if the user click on the icon to open it.
So I need to store the state when the page changes.

I am wondering what is the most elegant way to do that.
Should I use a cookie to store the information (so it can be created client side and at load, be used)
Or use a Laravel Session variable, and for that I need to send a JS fetch call

I don't know what should be the best solution.
Cookies are supposed to be less secure (because accessible from both sides),
but a fetch call is heavier for perf, no ?

Thank you ! 🙂

devout glen May 10, 2023, 6:28 AM

#

Depends on the UX you're going for

A cookie would be sent along with each request to the server, does the server need to know this setting?
Do you want to persist the setting for the user? If they sign in on a different browser/PC, should the setting be the same? Then you'll want to store it in the database, like a user setting
Just a browser session that persist when they login and logout and is only used on the client? Then you could use localStorage. If you just want it for that session you could use sessionStorage

pliant hamlet May 10, 2023, 6:32 AM

#

It sounds like this is client-only data, and not sensitive at all. If so, localStorage seems like a good place

#

Cookies are certainly not "less secure", it's the most secure storage mechanism in a browser. But why do you need security for a user setting?

formal coral May 10, 2023, 7:49 AM

#

Thank you guys for your help
It is just for the session, as if they need to look at the documentation, it is more convenient to not have to click to open it everytime.
We don't need to know which user opens or close his documentation.

If Martin says cookie need a "same" amount of ressource to generate it as a js fetch call to store a local session, then the solution might be the local session variable because we don't need to access to the information from the server.

What do you think ?

PS : I 'don't need security', I am learning Laravel / App designing and everything and I wanted to know the good manners

#Should I use a cookie or a session variable (triggered by a JS fetch) ?