search

pallets-eco / flask-session

Server side session extension for Flask
https://flask-session.readthedocs.io
BSD 3-Clause "New" or "Revised" License
501 stars 239 forks source link

The session is unavailable because no secret key was set. #107

Closed raucci2000 closed 1 year ago

raucci2000 commented 4 years ago

Hi guys! I'm trying to use flask-session, but something happening.

ERROR MESSAGE: RuntimeError: The session is unavailable because no secret key was set. Set the secret_key on the application to something unique and secret.

MY CODE: from flask import request, url_for, Flask, Response, session from flask_session import Session import os

app = Flask(name) SESSION_TYPE='redis' PERMANENT_SESSION_LIFETIME=1800

app.config.update( SECRET_KEY=os.urandom(24) )

app.config.from_object(name) Session(app) app.run()

TESTING SESSION: session["key"]="test 123"

frostming commented 4 years ago

Try this snippet

from flask import Flask, session
from flask_session import Session
import os

app = Flask(__name__)
SESSION_TYPE = "redis"
PERMANENT_SESSION_LIFETIME = 1800

app.config.update(SECRET_KEY=os.urandom(24))

app.config.from_object(__name__)
Session(app)

if __name__ == "__main__":
    with app.test_request_context("/"):
        session["key"] = "value"

you can run the script directly, but I can't reproduce the issue as you described.

sginne commented 4 years ago

Have the same problem. init.py of app

app = Flask(name, static_folder='./static/') app.config.from_pyfile('../allium.cfg') app.config.update(SECRET_KEY=app.secret_key) Session(app)

allium.cfg

import random,string SESSTION_TYPE="memcached" WTF_CSRF_ENABLED=True SECRET_KEY = ''.join(random.SystemRandom().choice(string.asciiuppercase + string.digits) for in range(52))

And

session['masterkey']='masterkey' in Blueprint

gives:

FLASK_APP = run.py FLASK_ENV = development FLASK_DEBUG = 0 In folder /home/sginne/dev/src/Allium /home/sginne/dev/src/Allium/venv/bin/python3.7 -m flask run

  • Serving Flask app "run.py"
  • Environment: development
  • Debug mode: off ESNIOK2NVCW9BKDJ9MVXKL8DAXCA03GRAHRA517KVMKIZP6PZN86
  • Running on http://127.0.0.1:5000/ (Press CTRL+C to quit) no master key [2020-02-12 20:32:59,990] ERROR in app: Exception on /admin [GET] Traceback (most recent call last): File "/home/sginne/dev/src/Allium/venv/lib64/python3.7/site-packages/flask/app.py", line 2446, in wsgi_app response = self.full_dispatch_request() File "/home/sginne/dev/src/Allium/venv/lib64/python3.7/site-packages/flask/app.py", line 1951, in full_dispatch_request rv = self.handle_user_exception(e) File "/home/sginne/dev/src/Allium/venv/lib64/python3.7/site-packages/flask/app.py", line 1820, in handle_user_exception reraise(exc_type, exc_value, tb) File "/home/sginne/dev/src/Allium/venv/lib64/python3.7/site-packages/flask/_compat.py", line 39, in reraise raise value File "/home/sginne/dev/src/Allium/venv/lib64/python3.7/site-packages/flask/app.py", line 1949, in full_dispatch_request rv = self.dispatch_request() File "/home/sginne/dev/src/Allium/venv/lib64/python3.7/site-packages/flask/app.py", line 1935, in dispatch_request return self.view_functionsrule.endpoint File "/home/sginne/dev/src/Allium/app/routes/admin.py", line 9, in admin session['masterkey']='masterkey' File "/home/sginne/dev/src/Allium/venv/lib64/python3.7/site-packages/werkzeug/local.py", line 350, in setitem self._get_current_object()[key] = value File "/home/sginne/dev/src/Allium/venv/lib64/python3.7/site-packages/flask/sessions.py", line 103, in _fail "The session is unavailable because no secret " RuntimeError: The session is unavailable because no secret key was set. Set the secret_key on the application to something unique and secret. 127.0.0.1 - - [12/Feb/2020 20:32:59] "GET /admin HTTP/1.1" 500 -

?

psdon commented 4 years ago

Got the same error even SECRET_KEY was set

Armster15 commented 3 years ago

For me it works when you add:

app.config['SESSION_TYPE'] = 'filesystem'

Anyways this project seems dead , and the forks of this project are also dead. Any good alternatives to this library?

tf42src commented 2 years ago

For me it works when you add:

app.config['SESSION_TYPE'] = 'filesystem'

Anyways this project seems dead , and the forks of this project are also dead. Any good alternatives to this library?

If it is complete and works as expected, you can still use it?

cgironda commented 2 years ago

I am not using even a session in my Flask application but I need to define the code below to get the flash message on my HTML homepage. app.secret_key="anystringhere"

otherwise, I get the message below: The session is unavailable because no secret key was set.

Do I really need to define a secret key under this situation?

b-simjoo commented 1 year ago

I have the same problem, many times ago I wrote a program that used session and I didn't need to set SECRET_KEY and everything worked fine, now even if I set SECRET_KEY it does not work and throw exception for every request. I tried all different ways to configure, even I used debugger to trace SECRET_KEY and everything seemed OK, it was there! but it keep saying that SECRET_KEY is not set.

christopherpickering commented 1 year ago

This should be fixed in release 0.5.0, coming soon.

rayluo commented 1 year ago

This should be fixed in release 0.5.0, coming soon.

The change in release 0.5.0 does not seem to be relevant to this issue. That being said, it is fine to close it. People can always reopen it if necessary.

AMAN1620 commented 6 months ago

from flask_session import Session from flask import Flask, render_template, request, jsonify,session,redirect

app = Flask(name) app.secret_key = '_5#y2L"F4Q8z\n\xec]/' app.config["SESSION_PERMANENT"] = True app.config["PERMANENT_SESSION_LIFETIME"] = 300 app.config['SESSION_TYPE'] = 'filesystem' Session(app)

@app.route("/") def index_get(): return render_template("base.html")

after adding the session_type it worked

Lxstr commented 6 months ago

@AMAN1620 Which version are you using? In 0.6.0 and up you shouldn't need to set a secret key unless you are using SESSION_USE_SIGNER