Menu
I have recently started learning Python. I am currently trying to build a simple Web Application that requires a login to access some paths.
I understand that this can be achieved by using something like session['user']=user_id in Flask.
Can somebody help me with how exactly this works? Like where does Flask store the sessions if not in the database table?
664
The Session data is stored on top of cookies and the server signs them cryptographically. For this encryption, a Flask application needs a defined SECRET_KEY. Session object is also a dictionary object containing key-value pairs of session variables and associated values. To release a session variable use pop() method.
How are sessions implemented in Flask? In order to store data across multiple requests, Flask utilizes cryptographically-signed cookies (stored on the web browser) to store the data for a session. This cookie is sent with each request to the Flask app on the server-side where it's decoded.
Flask uses the client-side approach. Pros: Validating and creating sessions is fast (no data storage) Easy to scale (no need to replicate session data across web servers)
It stores it in a cookie on the client side. From the official documentation:
This is implemented on top of cookies for you and signs the cookies cryptographically. What this means is that the user could look at the contents of your cookie but not modify it, unless they know the secret key used for signing.
If you need server-side session store, there is an extension called Flask-Sessionstore that lets you choose the method of storage, including server-side DBs.
118
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
