<strong>Stateless</strong> means the server doesn't remember previous requests. <strong>Stateful</strong> means the server remembers you between requests. Most modern web APIs are stateless.
The Forgetful vs Remembering Cashier
Stateless is like a cashier who forgets you instantly. You must show your receipt (token) each time to prove who you are.
Stateless
Forgets you after each transaction
Stateful
Remembers your order
Token
Your receipt (proof)
With token
Doesn't remember
Must send token again
Client Logs In
Server verifies credentials
Server Issues Token
Gives client a proof of identity
Client Stores Token
Saves it (in cookie or localStorage)
Future Requests
Client includes token in every request
Server Validates
Checks token, doesn't need to remember you
Wrong
Stateless means the app can't remember anything about users
Correct
The app remembers data in the database. 'Stateless' only means the server doesn't remember the conversation between requests. The client sends proof (token) with each request.
REST APIs are stateless:
You log in → Server gives you a JWT token
Request 1: GET /profile (with token) → Server returns your profile
Request 2: POST /post (with token) → Server creates post
Server doesn't remember Request 1 when handling Request 2
Each request is independent, token proves who you are