An application sets flask.session.modifed = True and is using a TTL supporting store.
The result is that sessions are expired based on absolute time passed since the creation of the session without any consideration of whether a session has been updated (and it's TTL also updated).
Consider the following case:
An application sets
flask.session.modifed = True
and is using a TTL supporting store. The result is that sessions are expired based on absolute time passed since the creation of the session without any consideration of whether a session has been updated (and it's TTL also updated).