I am in the process of developing an API and I am unsure whether I should implement express-session or a similar tool to handle sessions.
app.use(expressSession({
secret: 'Something'
});
Moreover, I have been blocking CORS. Is this measure sufficient to prevent unauthorized access to my data?
Any advice on this matter would be greatly appreciated. Thank you.