search

pallets-eco / flask-session

Server side session extension for Flask
https://flask-session.readthedocs.io
BSD 3-Clause "New" or "Revised" License
501 stars 239 forks source link

Question about flask sessions #94

Closed alejcas closed 1 year ago

alejcas commented 5 years ago

Hi, I know this is not the place for this question... but I'm was looking everywhere for an answer and couldn't find one.

Current Flask session implementation doesn't allow to configure multiple sessions per request. All the flask session implementation is grouped around a single dict called 'session' that stores everything in it and only allows a single backend (either a cookie or whatever).

What if a need to store the user credentials inside a session backend (redis or whatever), but I want to keep the CSRF tokens inside a simple cookie?

So... I was trying to change the session implementation of flask. I implement a SessionStore that has a method called 'get_session' that accepts a name (the cookie name) and a backend and returns a Session dict from the provided backend (a SecureCookieSession, a Redis Session, etc). I change the RequestContext to push a session store. And changed the LocalProxy session to be a SessionStore, I also changed the Flask App class to allow this.

But the problem I'm facing is that all the flask plugins that use the flask session are now incompatible because they all asume a single session (Flask-Login, Flask-WTF, etc).

So my question is:

1st) ¿Do you know any way of implementing multiple sessions with multiple backends in a compatible way?

2nd) If not, ¿Can a change like this see a future in Flask?

therealadityashankar commented 5 years ago

Not sure if this answers your question but - see - https://github.com/janscas/flask-session-plus

alejcas commented 5 years ago

hahaha yes, and no.

This is my project!

therealadityashankar commented 5 years ago

lol ! literally just saw that :smile: :smile: :smile:

alejcas commented 5 years ago

@therealadityashankar It is now fully working! But it needs more testing! See u

davidism commented 1 year ago

I think this is out of scope for Flask-Session, and I'm not entirely clear what the proposed mechanism is. If you want to discuss further, please open a new issue with a clear example and description.

alejcas commented 1 year ago

@davidism a little bit late but ok!

Solved in https://github.com/janscas/flask-session-plus

Thanks