Flask Session
In the session, the data is saved on the server. It can be determined as a time interval in which the client accesses the server until the user logs off. The data between them is stored in a temporary folder on the server. Each user is assigned a specific session ID. The Session object is a dictionary that contains the key-value pair of variables associated with the session. A SECRET_KEY is used to store encrypted data in the cookie.
The concept of session is very similar to that of a cookie. However, session data is stored on the server.
The session can be defined as the duration during which a user log in into the server and disconnects. The data used to track this session is stored in the temporary directory of the server.
Session data is stored on top of cookies, and the server cryptographically signs.
The syntax which is used to set the session variable to a specific value on the server are given below:-
For example:
Session[key] = value // stores the session value
To remove a session variable, use the pop() method on the session object and mention the variable to be removed.
Session.pop(key, None) // releases a session variable
Let's see a simple example to understand how we can set and get the session variable.
Session.py
from flask import * app = Flask(__name__) app.secret_key = "abc" @app.route('/') def home(): res = make_response("<h4>session variable is set, <a href='/get'>Get Variable</a></h4>") session['response']='session#1' return res; @app.route('/get') def getVariable(): if 'response' in session: s = session['response']; return render_template('getsession.html',name = s) if __name__ == '__main__': app.run(debug = True)
getsession1.html
<html> <head> <title>getting the session</title> </head> <body> <p>now session is set with value: <strong>{{name}}</strong></p> </body> </html>
Now run the Session.py file
Now click on the get variable.
Login Application in the flask using Session
Now let's create a login application in a flask where a home page is shown to the user as given below
Now write the following code in their specified files as given below
Loginpage.py
from flask import * app = Flask(__name__) app.secret_key = "ayush" @app.route('/') def home(): return render_template("homepage2.html") @app.route('/login') def login(): return render_template("loginpage3.html") @app.route('/success',methods = ["POST"]) def success(): if request.method == "POST": session['email']=request.form['email'] return render_template('success3.html') @app.route('/logout') def logout(): if 'email' in session: session.pop('email',None) return render_template('logoutpage2.html'); else: return '<p>user already logged out</p>' @app.route('/profile') def profile(): if 'email' in session: email = session['email'] return render_template('profile.html',name=email) else: return '<p>Please login first</p>' if __name__ == '__main__': app.run(debug = True)
homepage2.html
<html> <head> <title>home</title> </head> <body> <h3>Welcome to the website</h3> <a href = "/login">login</a><br> <a href = "/profile">view profile</a><br> <a href = "/logout">Log out</a><br> </body> </html>
Loginpage3.html
<html> <head> <title>login</title> </head> <body> <form method = "post" action = "http://localhost:5000/success"> <table> <tr><td>Email</td><td><input type = 'email' name = 'email'></td></tr> <tr><td>Password</td><td><input type = 'password' name = 'pass'></td></tr> <tr><td><input type = "submit" value = "Submit"></td></tr> </table> </form> </body> </html>
Success.html
<html> <head> <title>success</title> </head> <body> <h2>Login successful</h2> <a href="/profile">View Profile</a> </body> </html>
Logoutpage2.html
<html> <head> <title>logout</title> </head> <body> <p>logout successful, click <a href="/login">here</a> to login again</p> </body> </html>
Now lets run the loginpage1.py file from cmd as shown below
Now click on the login button, if you directly click on the view profile then it may show some warning as shown below
Now click on the login button.
Now click on the submit button as shown.
Now click on the view profile button.