flask-session2 1.3.1

Adds server-side session support to your Flask application

Adds support for Server-side Session to your Flask application.

Installation

Install the extension with the following command::

pip install Flask-Session2

Quickstart

Flask-Session is really easy to use.

Basically for the common use of having one Flask application all you have to do is to create your Flask application, load the configuration of choice and then create the Session object by passing it the application.

The Session instance is not used for direct access, you should always use flask.session:

from flask import Flask, session
from flask_session import Session

app = Flask(__name__)
# Check Configuration section for more details
SESSION_TYPE = 'redis'
app.config.from_object(__name__)
Session(app)

@app.route('/set/')
def set():
    session['key'] = 'value'
    return 'ok'

@app.route('/get/')
def get():
    return session.get('key', 'not set')

You may also set up your application later using Session.init_app method:

sess = Session()
sess.init_app(app)

Configuration

The following configuration values exist for Flask-Session. Flask-Session loads these values from your Flask application config, so you should configure your app first before you pass it to Flask-Session. Note that these values cannot be modified after the init_app was applied so make sure to not modify them at runtime.

We are not supplying something like SESSION_REDIS_HOST and SESSION_REDIS_PORT, if you want to use the RedisSessionInterface, you should configure SESSION_REDIS to your own redis.Redis instance. This gives you more flexibility, like maybe you want to use the same redis.Redis instance for cache purpose too, then you do not need to keep two redis.Redis instance in the same process.

The following configuration values are builtin configuration values within Flask itself that are related to session. They are all understood by Flask-Session, for example, you should use PERMANENT_SESSION_LIFETIME to control your session lifetime.

Name	Description
SESSION_COOKIE_NAME	the name of the session cookie
SESSION_COOKIE_DOMAIN	the domain for the session cookie. If this is not set, the cookie will be valid for all subdomains of SERVER_NAME.
SESSION_COOKIE_PATH	the path for the session cookie. If this is not set the cookie will be valid for all of APPLICATION_ROOT or if that is not set for '/'.
SESSION_COOKIE_HTTPONLY	controls if the cookie should be set with the httponly flag. Defaults to True.
SESSION_COOKIE_SECURE	controls if the cookie should be set with the secure flag. Defaults to False.
PERMANENT_SESSION_LIFETIME	the lifetime of a permanent session as :class:datetime.timedelta object. Starting with Flask 0.8 this can also be an integer representing seconds.

A list of configuration keys also understood by the extension:

Name	Description
SESSION_TYPE	Specifies which type of session interface to use. Built-in session types: - null: NullSessionInterface (default) - redis: RedisSessionInterface - memcached: MemcachedSessionInterface - filesystem: FileSystemSessionInterface - mongodb: MongoDBSessionInterface - sqlalchemy: SqlAlchemySessionInterface - elasticsearch: ElasticsearchSessionInterface - datastore: GoogleCloudDatastoreSessionInterface - firestore: GoogleFireStoreSessionInterface - peewee: PeeweeSessionInterface - dynamodb: DynamoDBSessionInterface
SESSION_PERMANENT	Whether use permanent session or not, default to be True
SESSION_USE_SIGNER	Whether sign the session cookie sid or not, if set to True, you have to set :attr:flask.Flask.secret_key, default to be False
SESSION_KEY_PREFIX	A prefix that is added before all session keys. This makes it possible to use the same backend storage server for different apps, default "session:"

Basically you only need to configure SESSION_TYPE.

By default, all non-null sessions in Flask-Session are permanent.

Built-in Session Interfaces

NullSessionInterface

If you do not configure a different SESSION_TYPE, this will be used to generate nicer error messages. Will allow read-only access to the empty session but fail on setting.

RedisSessionInterface

Uses the Redis key-value store as a session backend. (redis-py required)

Name	Description
SESSION_REDIS	A redis.Redis instance, default connect to 127.0.0.1:6379

MemcachedSessionInterface

Uses the Memcached as a session backend. (pymemecache required)

Name	Description
SESSION_MEMCACHED	A memcache.Client instance, default connect to 127.0.0.1:11211

FileSystemSessionInterface

Uses the cachelib.file.FileSystemCache as a session backend.

Name	Description
SESSION_FILE_DIR	The directory where session files are stored. Default to use flask_session directory under current working directory.
SESSION_FILE_THRESHOLD	The maximum number of items the session stores before it starts deleting some, default 500
SESSION_FILE_MODE	The file mode wanted for the session files, default 0600

MongoDBSessionInterface

Uses the MongoDB as a session backend. (pymongo required)

Name	Description
SESSION_MONGODB	A pymongo.MongoClient instance, default connect to 127.0.0.1:27017
SESSION_MONGODB_DB	The MongoDB database you want to use, default "flask_session"
SESSION_MONGODB_COLLECT	The MongoDB collection you want to use, default "sessions"

SqlAlchemySessionInterface

Uses SQLAlchemy as a session backend. (Flask-SQLAlchemy required)

Name	Description
SESSION_SQLALCHEMY	A flask_sqlalchemy.SQLAlchemy instance whose database connection URI is configured using the SQLALCHEMY_DATABASE_URI parameter
SESSION_SQLALCHEMY_TABLE	The name of the SQL table you want to use, default "sessions"
SESSION_AUTODELETE	Auto remove old sessions from database

ElasticsearchSessionInterface

Uses elasticsearch as a session backend. (elasticsearch required)

• SESSION_ELASTICSEARCH
• SESSION_ELASTICSEARCH_HOST
• SESSION_ELASTICSEARCH_INDEX

GoogleCloudDatastoreSessionInterface

Uses Google Cloud Datastore as a session backend. (google-cloud-datastore required)

• GCLOUD_APP_PROJECT_ID

GoogleFireStoreSessionInterface

Uses Google Firebase as a session backend. (google-cloud-firestore required)

• SESSION_FIRESTORE
• SESSION_FIRESTORE_COLLECT

PeeweeSessionInterface

Uses Peewee as a session backend. (peewee required)

• SESSION_PEEWEE_TABLE
• SESSION_PEEWEE_CONFIG

DynamoDBSessionInterface

Uses DynamoDB as a session backend. (boto3 required)

Name	Description
SESSION_DYNAMODB	A boto3.Session instance, default creates an instance with credentials in environment variables or in the local aws config.
SESSION_DYNAMODB_KEY_ID	The AWS key id for connecting to Dynamo. Uses environment variable or local config if not set.
SESSION_DYNAMODB_ENDPOINT	The AWS DynamoDB endpoint_url. Default is none, primarily used for local DynamoDB config.
SESSION_DYNAMODB_SECRET	The AWS secret access key for connecting to Dynamo. Uses environment variable or local config if not set.
SESSION_DYNAMODB_REGION	The region where the dynamodb table is located. Uses environment variable or the local config if not set.
SESSION_DYNAMODB_TABLE	The name of the table in DyanmoDB to store session data. Default is "sessions".

Credits

This project is a fork of flask-session, created by Shipeng Feng.

Contributors

Thanks for many who have contributed to this project. Submit a PR if you have contributed and your name is missing.

• sulantha2006 | Google Cloud Firestore session backend
• bsmar, Nilkree, km445, PavelTsaritsynKS, PetruninAleksey | Peewee session backend
• JimBroad | DynamoDB session backend
• bieli | Custom session backend
• jesserobles | Elasticsearch session backend
• ghost | Google Datastore session backend
• PjrCodes
• treycucco
• tassaron
• rsyring
• Junzki
• gdoumenc
• twolfson
• splbio
• moskitos80
• h4ck3rm1k3
• grutz
• zebpalmer
• knivre
• funoverip
• isopropanol
• ronsmith
• marcuspen
• lucassus
• loukash
• najamansari
• brunokim
• Ricky-Hao
• slastrina
• Kolarovski
• wangsha
• christopherpickering