0
0
Flaskframework~20 mins

Secret key configuration in Flask - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
Secret Key Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
component_behavior
intermediate
2:00remaining
What happens if Flask app's secret key is not set?

Consider a Flask app where the secret_key is not configured. What will happen when you try to use sessions?

Flask
from flask import Flask, session
app = Flask(__name__)

@app.route('/')
def index():
    session['user'] = 'Alice'
    return 'Session set!'

if __name__ == '__main__':
    app.run()
AFlask will raise a RuntimeError complaining about missing secret key.
BThe session data will be stored securely and encrypted.
CSession data will be stored but not encrypted, causing a warning.
DThe app will crash immediately on startup.
Attempts:
2 left
💡 Hint

Think about what Flask requires to sign session cookies.

📝 Syntax
intermediate
1:30remaining
Which code correctly sets a secret key in Flask?

Choose the correct way to set a secret key for a Flask app.

Flask
from flask import Flask
app = Flask(__name__)

# Set secret key here
Aapp.config['SECRET_KEY'] = 'mysecret'
Bapp.secret_key = 'mysecret'
Capp.set_secret_key('mysecret')
Dapp.secretKey = 'mysecret'
Attempts:
2 left
💡 Hint

Flask configuration keys are usually uppercase strings.

state_output
advanced
2:30remaining
What is the output when secret key changes between requests?

Given a Flask app that sets a new random secret key on every request, what happens to the session data?

Flask
from flask import Flask, session
import os

app = Flask(__name__)

@app.before_request
def set_key():
    app.config['SECRET_KEY'] = os.urandom(16)

@app.route('/')
def index():
    session['count'] = session.get('count', 0) + 1
    return f"Count: {session['count']}"

if __name__ == '__main__':
    app.run()
AThe count will increment on each refresh as expected.
BThe count will reset to 1 on every request.
CFlask will raise an error about changing secret key during request.
DThe session will persist but with corrupted data.
Attempts:
2 left
💡 Hint

Think about how Flask uses the secret key to sign session cookies.

🔧 Debug
advanced
2:30remaining
Why does this Flask app's session data not persist?

Review the code below. The session data does not persist between requests. What is the cause?

Flask
from flask import Flask, session
app = Flask(__name__)

app.config['SECRET_KEY'] = 'abc123'

@app.route('/')
def index():
    session['visits'] = session.get('visits', 0) + 1
    return f"Visits: {session['visits']}"

if __name__ == '__main__':
    app.run(debug=True, use_reloader=True)
AThe app is running with debug and use_reloader, causing the secret key to reset.
BSession data requires a database backend configured.
CThe session key must be set inside the route function.
DThe secret key is too short and Flask ignores it.
Attempts:
2 left
💡 Hint

Consider what happens when Flask reloads the app in debug mode.

🧠 Conceptual
expert
2:00remaining
Why should Flask's secret key be kept secret and unpredictable?

Choose the best explanation for why Flask's SECRET_KEY must be kept secret and hard to guess.

ABecause it encrypts all data sent to the client, preventing snooping.
BBecause it controls the Flask app's debug mode and error messages.
CBecause it is used to hash passwords stored in the database.
DBecause it signs session cookies to prevent tampering and impersonation.
Attempts:
2 left
💡 Hint

Think about what the secret key is used for in Flask sessions.