0
0
FlaskHow-ToBeginner · 4 min read

How to Use Server Side Session in Flask: Simple Guide

To use server side sessions in Flask, install and configure the Flask-Session extension, which stores session data on the server instead of cookies. Set SESSION_TYPE in your app config to choose storage like filesystem or Redis, then use session as usual to store data securely on the server.
📐

Syntax

Using server side sessions in Flask requires the Flask-Session extension. You configure your Flask app with a SESSION_TYPE to specify where session data is stored on the server. Common types include filesystem, redis, or memcached. Then you initialize Session(app) to enable server side sessions.

The session object works like a dictionary to store user data during requests.

python
from flask import Flask, session
from flask_session import Session

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your_secret_key'
app.config['SESSION_TYPE'] = 'filesystem'  # Store sessions in server filesystem

Session(app)  # Initialize server side session

@app.route('/')
def index():
    session['username'] = 'Alice'  # Store data in session
    return f"Hello, {session.get('username')}!"
💻

Example

This example shows a Flask app using Flask-Session to store session data on the server filesystem. It saves a username in the session and retrieves it on the homepage.

python
from flask import Flask, session
from flask_session import Session

app = Flask(__name__)
app.config['SECRET_KEY'] = 'supersecretkey'
app.config['SESSION_TYPE'] = 'filesystem'

Session(app)

@app.route('/')
def index():
    if 'username' not in session:
        session['username'] = 'Alice'
    return f"Logged in as {session['username']}"

if __name__ == '__main__':
    app.run(debug=True)
Output
Running the app and visiting http://localhost:5000/ shows: Logged in as Alice
⚠️

Common Pitfalls

  • Not setting SECRET_KEY causes session errors or insecure sessions.
  • Forgetting to initialize Session(app) means sessions stay client-side (cookies only).
  • Using SESSION_TYPE='null' disables server side sessions.
  • Not installing Flask-Session package will cause import errors.
  • Storing large data in sessions can slow your app; keep session data small.
python
from flask import Flask, session

app = Flask(__name__)
# Missing SECRET_KEY and Session initialization

@app.route('/')
def index():
    session['user'] = 'Bob'  # This will fail or store client-side only
    return 'Hello'

# Correct way:
from flask_session import Session
app.config['SECRET_KEY'] = 'key'
app.config['SESSION_TYPE'] = 'filesystem'
Session(app)
📊

Quick Reference

Summary tips for server side sessions in Flask:

  • Install with pip install Flask-Session.
  • Set SECRET_KEY for security.
  • Choose SESSION_TYPE like filesystem, redis, or memcached.
  • Initialize with Session(app).
  • Use session dict to store and access data.

Key Takeaways

Use Flask-Session extension to enable server side sessions in Flask.
Always set a SECRET_KEY to secure your sessions.
Configure SESSION_TYPE to select where session data is stored on the server.
Initialize sessions with Session(app) after configuring your app.
Keep session data small and avoid storing sensitive info directly.

Related by keyword

How to Implement Session in Flask: Simple Guide with ExampleAuthenticationHow to Run a Flask App: Simple Steps to Start Your ServerGetting StartedHow to Create Error Handler in Flask: Simple GuideRoutingHow to Create Route in Flask: Simple Guide with ExamplesRoutingHow to Handle 404 Errors in Flask: Simple GuideRouting

Up next

How to Use .env File with Flask for Environment VariablesHow to Use Environment Variables in Flask for ConfigurationHow to Mock Database in Flask Test: Simple GuideHow to Test API in Flask: Simple Guide with Examples

More in Caching and Sessions

How to Use Caching in Flask for Faster Web AppsHow to Use Flask-Caching: Simple Guide with ExamplesHow to Use flask-session for Server-Side Sessions in FlaskHow to Use Redis Cache with Flask: Simple Guide