One of the most important features of web applications is the ability to allow users to authenticate. The application should keep track of the authenticated users; however, web requests are stateless. Each request is treated as an unrelated transaction to any previous request. There are multiple workarounds to keep track of logged users such as sessions, cookies, and tokens. Once we solve the authentication needs, another important feature is authorization. It dictates what the users can see and do inside the app. Authorization assigns roles to the users. For instance, a seller should be able to edit his/her own products but not anyone else's. However, administrators should be able to edit/delete ...