Menu
I chose to use a server-side session management with Flask using Flask-Session.
I store the data using filesystem and as expected, these files are stored under a /flask_session folder in my config directory.
Here is how I set this up in my __init__.py
# __init__.py
from flask_session import Session
[...]
app.config['SESSION_TYPE'] = 'filesystem'
app.config['SECRET_KEY'] = config.SECRET_KEY
sess = Session()
sess.init_app(app)
As expected, session files generated & stored under /flask_session
▾ flask_session/
1695e5cbf9b4edbbbb82a8ef1fad89ae
192761f7ce8e3cbf3ca11665133b7794
2029240f6d1128be89ddc32729463129
...
Question is: Are these files automatically removed by flask_session after a specific amount of time (ie. as the session stored client-side)? If yes, is it possible to decrease/increase this timing?
870
There is no way to clear session or anything. One must simply change the app. config["SECRET_KEY"] and the contents in session dictionary will get erased.
Flask-Session is an extension for Flask that supports Server-side Session to your application. The Session is the time between the client logs in to the server and logs out of the server. The data that is required to be saved in the Session is stored in a temporary directory on the server.
Flask – Sessions A session with each client is assigned a Session ID. The Session data is stored on top of cookies and the server signs them cryptographically. For this encryption, a Flask application needs a defined SECRET_KEY.
Flask uses the client-side approach. Pros: Validating and creating sessions is fast (no data storage) Easy to scale (no need to replicate session data across web servers)
As Danila Ganchar commented, using PERMANENT_SESSION_LIFETIME allows to control the session expiration time.
Flask-Session use the same builtin config than Flask itself (related to session). From Flask-Session doc:
The following configuration values are builtin configuration values within Flask itself that are related to session. They are all understood by Flask-Session, for example, you should use PERMANENT_SESSION_LIFETIME to control your session lifetime.
Example:
# __init__.py
from flask_session import Session
from datetime import timedelta
app.config['SESSION_PERMANENT'] = True
app.config['SESSION_TYPE'] = 'filesystem'
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=5)
# The maximum number of items the session stores
# before it starts deleting some, default 500
app.config['SESSION_FILE_THRESHOLD'] = 100
app.config['SECRET_KEY'] = config.SECRET_KEY
sess = Session()
sess.init_app(app)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With