Cookie and different data stored on the server session. Session is a client logs on to the server and log off time interval. Temporary directory data storage needs done in this session on the server.
A session with the session ID assigned to each client. Session data is stored in the top of the cookie, the server signatures to encryption. For this encryption, Flask application needs to define a SECRET_KEY.
Also contains a session object session variables and associated values of the dictionary object on the keys.
For example, to set the 'username' session variables, use the statement -
Session['username'] = 'admin'
To delete a session variable, use pop () method.
session.pop('username', None)
The following code is a simple demonstration of how Flask in session work. URL => '/' prompts the user to log in as a session variable username is not set.
@app.route('/')
def index():
if 'username' in session:
username = session['username']
return 'Logged in as ' + username + '
' + \
return "You are not logged in
" + \
When a user browses to the URL => '/ login', login () function to display the view, because it is obtained by calling the GET method, it opens a login form.
Fill in the form to resubmit URL => / login, session variables are now set. Application is redirected to the URL => /. Then find the session variables: username.
@app.route('/login', methods = ['GET', 'POST'])
def login():
if request.method == 'POST':
session['username'] = request.form['username']
return redirect(url_for('index'))
return '''
'''
The application also includes a logout () view function, it deletes the value 'username' session variables. Jump to URL again '/' Display start page.
@app.route('/logout')
def logout():
# remove the username from the session if it is there
session.pop('username', None)
return redirect(url_for('index'))
Run the application and access the home page (be sure to set the application secret_key).
from flask import Flask, session, redirect, url_for, escape, request
app = Flask(__name__)
app.secret_key = 'any random string’
Complete code is as follows -
from flask import Flask
from flask import render_template
from flask import request
from flask import make_response
from flask import Flask, session, redirect, url_for, escape, request
app = Flask(__name__)
app.secret_key = 'fkdjsafjdkfdlkjfadskjfadskljdsfklj'
@app.route('/')
def index():
if 'username' in session:
username = session['username']
return 'Login Username is:' + username + '
' + \
return "yet you are logged in,
" + \
@app.route('/login', methods = ['GET', 'POST'])
def login():
if request.method == 'POST':
session['username'] = request.form['username']
return redirect(url_for('index'))
return '''
'''
@app.route('/logout')
def logout():
# remove the username from the session if it is there
session.pop('username', None)
return redirect(url_for('index'))
if __name__ == '__main__':
app.run(debug = True)
The output is shown below. Click on the link "Click here to sign in."
This link will be directed to another interface. Enter 'admin'.
The screen displays the message "login user name is: admin". As follows -
(Editor: Leilin Peng Source: network intrusion deleted)