Store sessions need it?
I am wondering why we are storing the sessions in the DDBB... we use express to generate a session cookie, then this passes to passport to deserialize the cookie and to see if everything is ok.
app.use(passport.session());
is equivalente to our authenticateUser function, and then the user is serialized into the cookie. The following requests will do deserialize to get the user_id.
So, express and passport work ok, why we are storing sessions in the DDBB? we intend to have an stateless services, theses stored sessions do nothing?
Maybe @alejandro.garciamarchena can add something. He is working with the integration of other IDM.