SecureCookieSessionInterface
The default session interface that stores sessions in signed cookies through the :mod:itsdangerous module.
Attributes
| Attribute | Type | Description |
|---|---|---|
| salt | string = "cookie-session" | the salt that should be applied on top of the secret key for the signing of cookie based sessions. |
| digest_method | callable = staticmethod(_lazy_sha1) | the hash function to use for the signature. |
| key_derivation | string = "hmac" | the name of the itsdangerous supported key derivation. |
| serializer | object = session_json_serializer | A python serializer for the payload. |
| session_class | type = SecureCookieSession | The class used to create session objects, which must be a subclass of SecureCookieSession. |
Constructor
Signature
def SecureCookieSessionInterface()
Methods
get_signing_serializer()
@classmethod
def get_signing_serializer(
app: [Flask](../app/flask.md?sid=src_flask_app_flask)
) - > URLSafeTimedSerializer | None
Creates a serializer used to sign and verify session cookies using the application's secret keys and configured cryptographic settings.
Parameters
| Name | Type | Description |
|---|---|---|
| app | [Flask](../app/flask.md?sid=src_flask_app_flask) | The Flask application instance providing the secret keys and configuration for the serializer. |
Returns
| Type | Description |
|---|---|
| `URLSafeTimedSerializer | None` |
open_session()
@classmethod
def open_session(
app: [Flask](../app/flask.md?sid=src_flask_app_flask),
request: [Request](../wrappers/request.md?sid=src_flask_wrappers_request)
) - > SecureCookieSession | None
Retrieves and decrypts the session data from the request's signed cookie, returning a new session object if the cookie is missing or invalid.
Parameters
| Name | Type | Description |
|---|---|---|
| app | [Flask](../app/flask.md?sid=src_flask_app_flask) | The Flask application instance used to access session lifetime settings and the signing serializer. |
| request | [Request](../wrappers/request.md?sid=src_flask_wrappers_request) | The incoming request object containing the cookies to be parsed. |
Returns
| Type | Description |
|---|---|
| `SecureCookieSession | None` |
save_session()
@classmethod
def save_session(
app: [Flask](../app/flask.md?sid=src_flask_app_flask),
session: [SessionMixin](sessionmixin.md?sid=src_flask_sessions_sessionmixin),
response: [Response](../wrappers/response.md?sid=src_flask_wrappers_response)
) - > None
Saves the session data back to a signed cookie in the response, or deletes the cookie if the session has been emptied.
Parameters
| Name | Type | Description |
|---|---|---|
| app | [Flask](../app/flask.md?sid=src_flask_app_flask) | The Flask application instance used to determine cookie attributes like domain, path, and security flags. |
| session | [SessionMixin](sessionmixin.md?sid=src_flask_sessions_sessionmixin) | The session object containing the data to be persisted or cleared. |
| response | [Response](../wrappers/response.md?sid=src_flask_wrappers_response) | The outgoing response object where the session cookie or deletion header will be set. |
Returns
| Type | Description |
|---|---|
None | null |