I am practicing site construction using flask, which is a web framework of python.
I have a question about session management.
1. 1. Where and how sessions are stored
2. For example, if you have two flask servers, is it possible to share a session between them?
3. 3. Is it possible for the user to peep into the contents of this session?
We would appreciate it if you could answer your question.
Answer # 1
Flask standard session management
All session variables are stored in the (user's) browser cookie.
Session information is not retained on the server side.
Multiple servers are the same
SECRET_KEYYou can share your session if you use.
Is possible. Session variables are included in the cookie as Base64-encoded JSON objects.Using Flask-Session
(If the data is large, it is JSON->zlib-compressed->Base64-encoded.)
As mentioned above, Flask standard session management is easy but not secure.
You can use Flask-Session to manage session variables on the server side.
(Updates have been stagnant since 2017, but as of 2020, I think we can still recommend it.)
Session variables can be saved in a file or DB by setting.
If each server can access the session information saved in (1), it can be shared.
Browser cookies do not contain session variables (contents).Manage session information yourself
This is a way to increase security without using Flask-Session above.
Do not store important information in session variables.
The information you want to save in the session
sessionManage by yourself without storing in. (Save in DB, etc.)
It also sets the handling of session cookies securely.
TrueSet to. (By default
TrueSet to. (Default is
Limit the sending of cookies to HTTPS. Must be an HTTPS site.
'Lax'Set to. (Default is
You can disallow sending cookies across cross-origins.
- i have a question about basic python problems
- python - what i don't understand about yolo9000 (v2)
- python - about write loop to csv
- about python argument and data definition
- python 3x - about downloading anaconda
- python - about the optimum angle of rotation matrix
- python - about downloading youtube videos by youtube-dl
- about processing to exclude the character string group specified from list in python
- about batch change of file name using python
- python, about the fire spread step of forest fire simulation
- about the python speedtest code
- about the implementation of combinations in python
- please tell me about the role of python tag = "mychr"
- about python def issues
- about the operation of python's speedtest module (library)
- pythonista - [python] questions about line splitting in dataframe
- about data plotting in python
- python - about hamiltonian neural networks
- python - about "" "of" "" select === = "" "
- [python3] inventory management system login and logout do not work
- how to publish a web app in python flask
- python - returns invalid_grant when trying to log in with discord using rauth
- how to make python, desktop app
- how to run a file in external storage in python
- python - i want to check the existence of files on an external server
- python - how to stream images processed by opencv in real time
- python - i want to distribute video in object storage with access restrictions fw uses flask i want to use flask as a proxy, but
- how to list image files in python and list them in html
- python - typeerror: first argument must be string or compiled pattern error occurs and html is not displayed and i am in trouble