class documentation
class SecureCookieSessionInterface(SessionInterface): (source)
The default session interface that stores sessions in signed cookies through the :mod:`itsdangerous` module.
Method | get |
Undocumented |
Method | open |
This is called at the beginning of each request, after pushing the request context, before matching the URL. |
Method | save |
This is called at the end of each request, after generating a response, before removing the request context. It is skipped if :meth:`is_null_session` returns ``True``. |
Class Variable | digest |
Undocumented |
Class Variable | key |
Undocumented |
Class Variable | salt |
Undocumented |
Inherited from SessionInterface
:
Method | get |
Returns the domain that should be set for the session cookie. |
Method | get |
Returns True if the session cookie should be httponly. This currently just returns the value of the ``SESSION_COOKIE_HTTPONLY`` config var. |
Method | get |
The name of the session cookie. Uses``app.config["SESSION_COOKIE_NAME"]``. |
Method | get |
Returns the path for which the cookie should be valid. The default implementation uses the value from the ``SESSION_COOKIE_PATH`` config var if it's set, and falls back to ``APPLICATION_ROOT`` or uses ``/`` if it's ``None``. |
Method | get |
Return ``'Strict'`` or ``'Lax'`` if the cookie should use the ``SameSite`` attribute. This currently just returns the value of the :data:`SESSION_COOKIE_SAMESITE` setting. |
Method | get |
Returns True if the cookie should be secure. This currently just returns the value of the ``SESSION_COOKIE_SECURE`` setting. |
Method | get |
A helper method that returns an expiration date for the session or ``None`` if the session is linked to the browser session. The default implementation returns now + the permanent session lifetime configured on the application. |
Method | is |
Checks if a given object is a null session. Null sessions are not asked to be saved. |
Method | make |
Creates a null session which acts as a replacement object if the real session support could not be loaded due to a configuration error. This mainly aids the user experience because the job of the null session is to still support lookup without complaining but modifications are answered with a helpful error message of what failed. |
Method | should |
Used by session backends to determine if a ``Set-Cookie`` header should be set for this session cookie for this response. If the session has been modified, the cookie is set. If the session is permanent and the ``SESSION_REFRESH_EACH_REQUEST`` config is true, the cookie is always set. |
Class Variable | pickle |
Undocumented |
This is called at the beginning of each request, after pushing the request context, before matching the URL. This must return an object which implements a dictionary-like interface as well as the :class:`SessionMixin` interface. This will return ``None`` to indicate that loading failed in some way that is not immediately an error. The request context will fall back to using :meth:`make_null_session` in this case.