I'm trying to create a RESTful web service in PHP.
According to Roy fielding, communication betweenn client and server must be stateless in nature.
So is storing login information, as in the currently logged-in user's username, in the PHP $_SESSION variable the wrong way to go, since it means storing session state? This is for the purposes of allowing access to a user's private data.
Is using cookies to keep track of logins against REST principles? Or is it not something that's too important?
