As reported by Duncan, the current code has some issues with persisting sessions. This PR contains two fixes for this problem:
Dictionaries (and other structures) containing session info are now created independently from the Flask.session object and then explicitly assigned to the object only after all modifications to the dictionary (or other structure) are done.
Fixed a bug in utils.generate_secret_key() for the non-existent wsgi_session_key file case that caused the function to return early with a non-persistent key instead of first trying to populate a newly created file with a persistent key.
As reported by Duncan, the current code has some issues with persisting sessions. This PR contains two fixes for this problem:
Flask.sessionobject and then explicitly assigned to the object only after all modifications to the dictionary (or other structure) are done.utils.generate_secret_key()for the non-existentwsgi_session_keyfile case that caused the function to return early with a non-persistent key instead of first trying to populate a newly created file with a persistent key.