Clean server-side session files - Flask-Session using filesystem

Asked 18/12, 2018 at 22:16 Answered 12/7, 2023 at 6:32

Solved python session flask server-side flask-session

I chose to use a server-side session management with Flask using Flask-Session.

I store the data using filesystem and as expected, these files are stored under a /flask_session folder in my config directory.

Here is how I set this up in my __init__.py

# __init__.py

from flask_session import Session

[...]

app.config['SESSION_TYPE'] = 'filesystem'
app.config['SECRET_KEY'] = config.SECRET_KEY
sess = Session()
sess.init_app(app)

As expected, session files generated & stored under /flask_session

▾ flask_session/
        1695e5cbf9b4edbbbb82a8ef1fad89ae
        192761f7ce8e3cbf3ca11665133b7794
        2029240f6d1128be89ddc32729463129
        ...

Question is: Are these files automatically removed by flask_session after a specific amount of time (ie. as the session stored client-side)? If yes, is it possible to decrease/increase this timing?

Frondescence answered 18/12, 2018 at 22:16 Comment(2)

did you try to set PERMANENT_SESSION_LIFETIME? – Kerwinn 19/12, 2018 at 14:32

Thanks @DanilaGanchar, indeed config for Flask-Session are the same builtin config than in Flask itself (related to session). – Frondescence 19/12, 2018 at 14:45

As Danila Ganchar commented, using PERMANENT_SESSION_LIFETIME allows to control the session expiration time.

Flask-Session use the same builtin config than Flask itself (related to session). From Flask-Session doc:

The following configuration values are builtin configuration values within Flask itself that are related to session. They are all understood by Flask-Session, for example, you should use PERMANENT_SESSION_LIFETIME to control your session lifetime.

Example:

# __init__.py

from flask_session import Session
from datetime import timedelta

app.config['SESSION_PERMANENT'] = True
app.config['SESSION_TYPE'] = 'filesystem'
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=5)

# The maximum number of items the session stores 
# before it starts deleting some, default 500
app.config['SESSION_FILE_THRESHOLD'] = 100  

app.config['SECRET_KEY'] = config.SECRET_KEY
sess = Session()
sess.init_app(app)

Frondescence answered 19/12, 2018 at 14:50 Comment(0)

You will notice I import Session from flask_session.init Also I just call Session(app) I do not use sess.init_app(app)

#!/usr/bin/python
# -*- coding: utf-8 -*-

from __future__ import annotations

from datetime import timedelta
from flask import Flask
from flask_session.__init__ import Session


app = Flask(__name__)
app.config['SERVER_NAME'] = "www.mslscript.com"
app.secret_key = config.secret
app.config["SESSION_PERMANENT"] = True
app.config["SESSION_TYPE"] = "filesystem"
app.config['SESSION_FILE_THRESHOLD'] = 250
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=10)

Session(app)

from website.views import views
from website.auth import auth
app.register_blueprint(views, url_prefix='/')
app.register_blueprint(auth, url_prefix='/')

Shaft answered 12/7, 2023 at 6:32 Comment(0)

Recommended topics

Hot tags