Some questions about Flask sessions

Consider the following simple Flask app:

from flask import Flask, request, session

application = Flask(__name__)
# Key used to sign the session cookie
application.secret_key = "some_random_string"

@application.route("/enter_string")
def start_session():
    # Store the query-string value in the session
    session["string"] = request.args["string"]
    # A view must return a response, otherwise Flask raises an error
    return "String saved"

@application.route("/get_string")
def continue_session():
    if "string" not in session:
        return "Give me a string first!"

    return "You entered " + session["string"]

if __name__ == "__main__":
    application.debug = True
    application.run()

Here are my questions:

  1. Once the "enter_string" endpoint has been visited and the user has assigned a string to session["string"], where is the string stored? Is it in the server's memory or the user's?
  2. By default, the session expires when the browser exits. Is there a simple way to have some other event trigger the expiration of the session, such as closing the window but not necessarily the browser?
  3. By default, will the session ever time out or is it kept until the browser exits no matter how long that takes?
Paul Siegel asked Oct 13 '15 21:10


1 Answer

Sessions in Flask can be implemented in different ways. The default implementation is based on secure cookies (cookies that have a cryptographic signature that prevents tampering). Here are the answers to your questions for this implementation:

  1. The string will be stored in a client-side cookie. Each time the browser sends a request to the server, the cookie will be sent along with it.

  2. The client can destroy the session by deleting the cookie using JavaScript. (The default name for the session cookie is session.) The server can delete the session by removing all the items from it.

  3. In the default implementation the cookie has an expiration date set 31 days in the future. This can be changed with the PERMANENT_SESSION_LIFETIME configuration setting.

As I mentioned above, Flask supports third-party session handlers, so the above answer may not apply to other implementations. In particular, there are handlers that implement server-side sessions (such as Flask-Session or Flask-KVSession) that store the session data in the server instead of the client.

Miguel answered Oct 17 '22 20:10
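
The answer's first point, as an added example that is not code from the question or the answer: with Flask's default cookie session, the client can decode the stored string without the secret key, while a cookie whose data was edited fails signature verification and is treated as an empty session. The helper names, the per-run secret key and the sample values are assumptions made for this illustration.

```python
import base64
import json
import secrets
import zlib

from flask import Flask, request, session

app = Flask(__name__)
app.secret_key = secrets.token_hex(32)  # constructed per run; never hard-code a real key

@app.route("/enter_string")
def enter_string():
    session["string"] = request.args["string"]
    return "saved"

@app.route("/get_string")
def get_string():
    return session.get("string", "Give me a string first!")

def issue_cookie(value):
    """Visit /enter_string and return the raw session cookie value the server sets."""
    resp = app.test_client().get("/enter_string", query_string={"string": value})
    return resp.headers["Set-Cookie"].split(";", 1)[0].split("=", 1)[1]

def read_payload(cookie):
    """Decode the cookie's data segment the way any client can, without the secret key."""
    compressed = cookie.startswith(".")  # a leading "." marks a zlib-compressed payload
    segment = cookie.lstrip(".").split(".")[0]
    raw = base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))
    return json.loads(zlib.decompress(raw) if compressed else raw)

def swap_payload(cookie, data):
    """Replace the data segment but keep the original timestamp and signature."""
    forged = base64.urlsafe_b64encode(json.dumps(data).encode()).rstrip(b"=").decode()
    return forged + "." + cookie.lstrip(".").split(".", 1)[1]

def replay(cookie):
    """Send a cookie to /get_string from a client that keeps no cookie jar."""
    client = app.test_client(use_cookies=False)
    resp = client.get("/get_string", headers={"Cookie": "session=" + cookie})
    return resp.get_data(as_text=True)

if __name__ == "__main__":
    cookie = issue_cookie("hello")
    print(read_payload(cookie))  # session data, readable client-side
    print(replay(cookie))        # untouched cookie is accepted
    print(replay(swap_payload(cookie, {"string": "admin"})))  # edited cookie is rejected
```

Because the payload is only signed, anything placed in the default session should be safe for the user to read; data that must stay hidden from the client belongs in a server-side session store such as the ones the answer names.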