I agree, 54321; even though you didn't cite any source, I went looking and found some, such as [1]. But that doesn't mean the question needs to be annulled because of it. These folks are really splitting hairs!
Attention, folks, let's not waste time on nonsense, trivialities, pointless things, whining and the like!
Shall we get to the solution?
According to [1], "RESTful systems are meant to be stateless. Remember that REST defines the server stateless, which means that storing the user data in session after the initial login is not a good idea".
As for [2], "The fourth RESTful principle I will discuss is the idea of statelessness. When I talk about statelessness, though, I don't mean that your applications can't have state. In REST, stateless means that there is no client session data stored on the server. The server only records and manages the state of the resources it exposes. If there needs to be session-specific data, it should be held and maintained by the client and transferred to the server with each request as needed. A service layer that does not have to maintain client sessions is a lot easier to scale, as it has to do a lot fewer expensive replications in a clustered environment. It's a lot easier to scale up, because all you have to do is add machines".
Source:
[1] Pro REST API Development with Node.js, Fernando Doglio
[2] RESTful Java with JAX-RS, Bill Burke
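
The statelessness described in the quotes above, as an added example that is not part of the original post or of either book: the session data travels with each request as an HMAC-signed token, so any replica can serve it without a shared session table. The names `issue_token`, `Replica` and `SHARED_KEY`, and the token layout, are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key; the assumption is that every replica loads the same secret.
SHARED_KEY = b"constructed-demo-key-not-for-production"


def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(body: str) -> str:
    return b64(hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).digest())


def issue_token(claims: dict, now: int, ttl: int = 300) -> str:
    """Login step: the session data goes into a signed token held by the client."""
    body = b64(json.dumps({**claims, "exp": now + ttl}, sort_keys=True).encode())
    return f"{body}.{sign(body)}"


class Replica:
    """One server behind a load balancer; it keeps no per-client session table."""

    def __init__(self, name: str):
        self.name = name

    def handle(self, token: str, now: int) -> dict:
        try:
            body, tag = token.split(".")
            # Client-held state is untrusted input: verify integrity before parsing.
            if not hmac.compare_digest(tag, sign(body)):
                return {"status": 401, "reason": "bad signature"}
            claims = json.loads(unb64(body))
        except (ValueError, TypeError):
            return {"status": 401, "reason": "malformed token"}
        if now >= claims.get("exp", 0):
            return {"status": 401, "reason": "expired"}
        return {"status": 200, "served_by": self.name, "user": claims.get("user")}
```

Because the state now lives on the client, the signature and expiry checks are what keep a modified or stale token from being accepted; the token is signed, not encrypted, so its contents are readable by the client.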