Skip to main content

Transparent server-side session support for flask

Project description

Flask-KVSession is a drop-in replacement for Flask’s signed cookie-based session management. Instead of storing data on the client, only a securely generated ID is stored on the client, while the actual session data resides on the server.

This has two major advantages:

  • Clients no longer see the session information
  • It is possible to securely destroy sessions. Even if the session cookie is stolen, it is no longer possible to use the session.

Other things are possible with server side session that are impossible with clients side sessions, like inspecting and manipulating data in absence of the client. The drawback is that sessions need to be stored. Flask-KVSession uses the simplekv-package for storing session data on a variety of backends.

Integration with Flask is seamless, once the extension is loaded for a Flask application, it transparently replaces (or rather, extends) Flask’s own Session class for this instance. Any application working with sessions should work the same with Flask-KVSession.

Documentation

Flask-KVSessions includes good unit test coverage. See also:

License

Flask-KVSession is MIT-licensed.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for Flask-KVSession, version 0.3.1
Filename, size File type Python version Upload date Hashes
Filename, size Flask-KVSession-0.3.1.tar.gz (39.8 kB) File type Source Python version None Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page