Lots of changes and fixes. The main two being a refactor for maintainability and adding msgspec.
Added
- Use msgpack for serialization, along with ``SESSION_SERIALIZATION_FORMAT`` to choose between ``'json'`` and ``'msgpack'``.
- All sessions that are accessed or modified while using 0.7.0 will convert to msgspec. Once using 1.0.0, any sessions that are still in pickle will be cleared upon access.
- Add time-to-live expiration for MongoDB.
- Add retry for SQL based storage.
- Add ``flask session_cleanup`` command and alternatively, ``SESSION_CLEANUP_N_REQUESTS`` for SQLAlchemy or future non-TTL backends.
- Type hints.
- Add logo and additional documentation.
Deprecated
Deprecated pickle. It is still available to read existing sessions, but will be removed in 1.0.0. All sessions will transfer to msgspec upon first interaction with 0.1.0.
Remove null session in favour of specific exception messages.
Deprecate SESSION_USE_SIGNER.
Deprecate :class:flask_session.filesystem.FileSystemSessionInterface in favor of the broader :class:flask_session.cachelib.CacheLibSessionInterface.
Fixed
- Prevent sid reuse on storage miss.
- Abstraction to improve consistency between backends.
- Enforce ``PERMANENT_SESSION_LIFETIME`` as expiration consistently for all backends.
- Use Vary cookie header as per Flask.
- Specifically include backend session interfaces in public API and document usage.
Lots of changes and fixes. The main two being a refactor for maintainability and adding msgspec.
Added
SESSION_USE_SIGNER
.flask_session.filesystem.FileSystemSessionInterface
in favor of the broader :class:flask_session.cachelib.CacheLibSessionInterface
.Fixed