Scalability: Handle sessions

[danielgron]

Sessions are currently handled in memory. This means if we scale, requests can end up on a node that doesn't have the session stored.

Solution?
Store session in DB?
JWT tokens?
?...

[danielgron]

Looks like it is a non-issue.

It seems all information is stored in the cookie, meaning the server does not have session state.
Final confirmation would be nice though.

[rasmus-bn]

The session library states that it uses the securecookie library for storing the session.

According to this post the securecookie library is meant to encrypt/decrypt the session cookie at server-side but stores the session on the client:
https://security.stackexchange.com/questions/86465/the-purpose-of-securecookie-package-from-gorilla