API#

Anything documented here is part of the public API that Flask-Session provides, unless otherwise indicated. Anything not documented here is considered internal or private and may change at any time.

class flask_session.Session(app=None)#

This class is used to add Server-side Session to one or more Flask applications.

Parameters:

app – A Flask app instance.

For a typical setup use the following initialization:

app = Flask(__name__)
Session(app)

Note

You can not use Session instance directly, what Session does is just change the session_interface attribute on your Flask applications. You should always use flask.session.

init_app(app)#

This the the alternate setup method, typically used in an application factory pattern:

sess = Session()

def create_app():
    app = Flask(__name__)
    sess.init_app(app)
    return app
Parameters:

app – the Flask app object with proper configuration.

class flask_session.base.ServerSideSession(initial: Dict[str, Any] | None = None, sid: str | None = None, permanent: bool | None = None)#

Baseclass for server-side based sessions. This can be accessed through flask.session.

sid#

Session id, internally we use secrets.token_urlsafe() to generate one session id.

modified#

When data is changed, this is set to True. Only the session dictionary itself is tracked; if the session contains mutable data (for example a nested dict) then this must be set to True manually when modifying that data. The session cookie will only be written to the response if this is True.

accessed#

When data is read (or attempted read) or written, this is set to True. Used by ServerSideSessionInterface to add a Vary: Cookie header, which allows caching proxies to cache different pages for different users.

Default is False.

permanent#

This sets and reflects the '_permanent' key in the dict.

Default is False.

class flask_session.base.ServerSideSessionInterface(app: Flask, key_prefix: str = 'session:', use_signer: bool = False, permanent: bool = True, sid_length: int = 32, serialization_format: str = 'msgpack', cleanup_n_requests: int | None = None)#

Used to open a flask.sessions.ServerSideSessionInterface instance.

regenerate(session: ServerSideSession) None#

Regenerate the session id for the given session. Can be used by calling flask.session_interface.regenerate().

class flask_session.redis.RedisSessionInterface(app: Flask, client: Redis | None = None, key_prefix: str = 'session:', use_signer: bool = False, permanent: bool = True, sid_length: int = 32, serialization_format: str = 'msgpack')#

Uses the Redis key-value store as a session storage. (redis-py required)

Parameters:

  • client – A redis.Redis instance.

  • key_prefix – A prefix that is added to all storage keys.

  • use_signer – Whether to sign the session id cookie or not.

  • permanent – Whether to use permanent session or not.

  • sid_length – The length of the generated session id in bytes.

  • serialization_format – The serialization format to use for the session data.

New in version 0.7: The serialization_format and app parameters were added.

New in version 0.6: The sid_length parameter was added.

New in version 0.2: The use_signer parameter was added.

class flask_session.memcached.MemcachedSessionInterface(app: Flask, client: MemcacheClientProtocol | None = None, key_prefix: str = 'session:', use_signer: bool = False, permanent: bool = True, sid_length: int = 32, serialization_format: str = 'msgpack')#

A Session interface that uses memcached as session storage. (pylibmc, libmc, python-memcached or pymemcache required)

Parameters:

  • client – A memcache.Client instance.

  • key_prefix – A prefix that is added to all storage keys.

  • use_signer – Whether to sign the session id cookie or not.

  • permanent – Whether to use permanent session or not.

  • sid_length – The length of the generated session id in bytes.

  • serialization_format – The serialization format to use for the session data.

New in version 0.7: The serialization_format and app parameters were added.

New in version 0.6: The sid_length parameter was added.

New in version 0.2: The use_signer parameter was added.

class flask_session.filesystem.FileSystemSessionInterface(app: Flask, key_prefix: str = 'session:', use_signer: bool = False, permanent: bool = True, sid_length: int = 32, serialization_format: str = 'msgpack', cache_dir: str = '/home/docs/checkouts/readthedocs.org/user_builds/flask-session/checkouts/latest/docs/flask_session', threshold: int = 500, mode: int = 384)#

Uses the cachelib.file.FileSystemCache as a session storage.

Parameters:

  • key_prefix – A prefix that is added to storage keys.

  • use_signer – Whether to sign the session id cookie or not.

  • permanent – Whether to use permanent session or not.

  • sid_length – The length of the generated session id in bytes.

  • serialization_format – The serialization format to use for the session data.

  • cache_dir – the directory where session files are stored.

  • threshold – the maximum number of items the session stores before it

  • mode – the file mode wanted for the session files, default 0600

New in version 0.7: The serialization_format and app parameters were added.

New in version 0.6: The sid_length parameter was added.

New in version 0.2: The use_signer parameter was added.

class flask_session.cachelib.CacheLibSessionInterface(app: Flask = None, client: FileSystemCache | None = None, key_prefix: str = 'session:', use_signer: bool = False, permanent: bool = True, sid_length: int = 32, serialization_format: str = 'msgpack')#

Uses any cachelib backend as a session storage.

Parameters:

  • client – A cachelib backend instance.

  • key_prefix – A prefix that is added to storage keys.

  • use_signer – Whether to sign the session id cookie or not.

  • permanent – Whether to use permanent session or not.

  • sid_length – The length of the generated session id in bytes.

  • serialization_format – The serialization format to use for the session data.

class flask_session.mongodb.MongoDBSessionInterface(app: Flask, client: MongoClient | None = None, key_prefix: str = 'session:', use_signer: bool = False, permanent: bool = True, sid_length: int = 32, serialization_format: str = 'msgpack', db: str = 'flask_session', collection: str = 'sessions')#

A Session interface that uses mongodb as session storage. (pymongo required)

Parameters:

  • client – A pymongo.MongoClient instance.

  • key_prefix – A prefix that is added to all storage keys.

  • use_signer – Whether to sign the session id cookie or not.

  • permanent – Whether to use permanent session or not.

  • sid_length – The length of the generated session id in bytes.

  • serialization_format – The serialization format to use for the session data.

  • db – The database to use.

  • collection – The collection to use.

New in version 0.7: The serialization_format and app parameters were added.

New in version 0.6: The sid_length parameter was added.

New in version 0.2: The use_signer parameter was added.

class flask_session.sqlalchemy.SqlAlchemySessionInterface(app: Flask | None, client: SQLAlchemy | None = None, key_prefix: str = 'session:', use_signer: bool = False, permanent: bool = True, sid_length: int = 32, serialization_format: str = 'msgpack', table: str = 'sessions', sequence: str | None = None, schema: str | None = None, bind_key: str | None = None, cleanup_n_requests: int | None = None)#

Uses the Flask-SQLAlchemy from a flask app as session storage.

Parameters:

  • app – A Flask app instance.

  • client – A Flask-SQLAlchemy instance.

  • key_prefix – A prefix that is added to all storage keys.

  • use_signer – Whether to sign the session id cookie or not.

  • permanent – Whether to use permanent session or not.

  • sid_length – The length of the generated session id in bytes.

  • serialization_format – The serialization format to use for the session data.

  • table – The table name you want to use.

  • sequence – The sequence to use for the primary key if needed.

  • schema – The db schema to use.

  • bind_key – The db bind key to use.

  • cleanup_n_requests – Delete expired sessions on average every N requests.

New in version 0.7: db changed to client to be standard on all session interfaces. The cleanup_n_request parameter was added.

New in version 0.6: The sid_length, sequence, schema and bind_key parameters were added.

New in version 0.2: The use_signer parameter was added.

class flask_session.dynamodb.DynamoDBSessionInterface(app: Flask, client: DynamoDBServiceResource | None = None, key_prefix: str = 'session:', use_signer: bool = False, permanent: bool = True, sid_length: int = 32, serialization_format: str = 'msgpack', table_name: str = 'Sessions')#

A Session interface that uses dynamodb as backend. (boto3 required)

Parameters:

  • client – A DynamoDBServiceResource instance.

  • key_prefix – A prefix that is added to all DynamoDB store keys.

  • use_signer – Whether to sign the session id cookie or not.

  • permanent – Whether to use permanent session or not.

  • sid_length – The length of the generated session id in bytes.

  • table_name – DynamoDB table name to store the session.

New in version 0.6: The sid_length parameter was added.

New in version 0.2: The use_signer parameter was added.