I've been working on my own authentication system, and I've successfully stored the token for authorization in a cookie, like.. when somebody tries to access a private page, I check if he has got a token in the cookies, etc.
But now, I've read many times, that we need to add the token in an Authorization header, and my question is, why do I need to add the token in the authorization header while it is in a cookie already?
Thanks in advance, Ahmed.
