What to use instead of session and cookie in mvc application

Question

Currently in our website we are using 1.) Session 2.) Cookie ; , they both have their own disadvantages. So, in our new website we don't want to use sessions and cookies.

We have googled and find some alternative ways of session and cookie as below:

1.) Use 'Local Storage 'or 'Session Storage'.

2.) Append data with the querystring.

Local storage is client side alternative to session. It will only be available to client script, not the server code, you would use it if you are writing a SPA and plan on making Ajax calls.

So, we need a alternative technical way to handle session and cookie with some other method.

Please help me regarding it .

Is your new website ASP.Net Web Form, ASP.Net MVC or ASP.Net Web API? — Win, Nov 08 '16 at 17:34

score 1 · Answer 1 · answered Nov 08 '16 at 18:17

Use 'Local Storage 'or 'Session Storage'.

Local Storage is not a replacement for Session State. They are totally different technologies.

Append data with the querystring.

QueryString is not a replacement for Session State either. We only use query string to pass very small data (normally integer value) between pages.

So, we need a alternative technical way to handle session and cookie with some other method.

Cookie

For ASP.Net MVC, you want to use Cookie for authentication unless you want to use Bearer Token. There is nothing wrong with using Cookie for authentication unless you abuse it.

Session State

In a nutshell, we do not need to use Session State directly in ASP.Net MVC. You can say that Session State and View State are somewhat replaced by Model if you will.

Keep in mind that TempData use Session State under the hood.