Reputation: 1678
Basically what I want to do is to save some user-specific data, which I do not intend the user to be able to read.
This data should be stored for a week or so, but I can't use the session object, because I don't want to set session.permanent = True (I already use it to manage logins).
So basically I need a signed cookie, like session. Can I create another instance of the session object somehow, or is there an easy way of making cookies signed?
Upvotes: 4
Views: 110
Reputation: 1850
Cookie contents are up to you, it's more or less a key value store in your users' browsers with an expiration date.
Regarding the content, for your use case you can use any kind of symmetric encryption like Fernet for instance (available in the cryptography package, cf https://cryptography.io/en/latest/).
As far as I know, itsdangerous (from Flask's author, cf http://pythonhosted.org/itsdangerous/) enables you to sign the content of a cookie, but it doesn't "encrypt" it (the user will still be able to see the content, but not modify it). itsdangerous is a Flask dependency btw.
Upvotes: 3
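The difference described in the answer above, as an added example that is not part of the original thread: a Fernet value is encrypted and tamper-evident with a one-week TTL, while an itsdangerous value is only signed, so anyone holding the cookie can decode it. The helper names (`seal`, `unseal`, `sign`, `unsign`, `peek_signed`), the keys and the salt are constructed for this illustration.

```python
import base64
import json
import zlib

from cryptography.fernet import Fernet, InvalidToken
from itsdangerous import BadSignature, URLSafeTimedSerializer

WEEK = 7 * 24 * 3600  # "a week or so", in seconds

# Constructed demo keys; a real app loads both from its configuration.
FERNET_KEY = Fernet.generate_key()
SIGNER = URLSafeTimedSerializer("constructed-demo-secret", salt="user-data-cookie")


def seal(data):
    """Fernet: encrypted and authenticated, so the user can neither read nor edit it."""
    return Fernet(FERNET_KEY).encrypt(json.dumps(data).encode()).decode()


def unseal(value, max_age=WEEK):
    """Return the data, or None if the value was modified or is older than max_age."""
    try:
        return json.loads(Fernet(FERNET_KEY).decrypt(value.encode(), ttl=max_age))
    except InvalidToken:
        return None


def sign(data):
    """itsdangerous: signed and timestamped only, so the payload stays readable."""
    return SIGNER.dumps(data)


def unsign(value, max_age=WEEK):
    """Return the data, or None on a bad signature or an expired timestamp."""
    try:
        return SIGNER.loads(value, max_age=max_age)
    except BadSignature:  # SignatureExpired is a subclass
        return None


def peek_signed(value):
    """Decode a signed value without the key, as any cookie holder can."""
    body = value.lstrip(".").split(".")[0]
    raw = base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))
    if value.startswith("."):  # itsdangerous marks zlib-compressed payloads
        raw = zlib.decompress(raw)
    return json.loads(raw)
```

In a Flask view the sealed string would be passed to `response.set_cookie(...)` with `max_age=WEEK` and read back from `request.cookies`, independently of the `session` object; the cookie name is up to the application.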