[Flask] Session question
Ford
ford.anthonyj at gmail.com
Thu Apr 16 22:49:31 EDT 2020
Flask uses cryptographically signed cookies, which prevents the user from
being able to modify the cookies. It would however be ill-advised to store
any personally identifiable information or anything critical.
There are server-side options available as extensions, such as
Flask-Session (https://pythonhosted.org/Flask-Session/,
https://hackersandslackers.com/managing-user-session-variables-with-flask-sessions-and-redis/),
and Flask-Sessionstore (https://flask-sessionstore.readthedocs.io/en/latest/
).
Anthony Ford
On Thu, Apr 16, 2020 at 9:18 PM Richard Hector <richard at walnut.gen.nz>
wrote:
> Hi all, I hope this is the right place to ask.
>
> I've been doing the Flask Mega Tutorial.
>
> It appears that sessions are stored in a cookie/cookies in the browser,
> rather than just setting a random session id and storing in the database
> or whatever. I was under the impression (though I'm a web development
> newbie) that this wasn't considered best practice. Is there a way to
> change this behaviour, to store the session info server-side instead?
>
> Thanks,
> Richard
> _______________________________________________
> Flask mailing list
> Flask at python.org
> https://mail.python.org/mailman/listinfo/flask
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20200416/bc4cfbdb/attachment.html>
More information about the Flask
mailing list