https://github.com/riton/flask-encrypted-cookies-session
An encrypted cookie based session implementation for flask (mirror of https://gitlab.in2p3.fr/rferrand/flask-encrypted-cookies-session for Pull Requests and issues)
https://github.com/riton/flask-encrypted-cookies-session
fernet-cryptography flask session-management
Last synced: 2 months ago
JSON representation
An encrypted cookie based session implementation for flask (mirror of https://gitlab.in2p3.fr/rferrand/flask-encrypted-cookies-session for Pull Requests and issues)
- Host: GitHub
- URL: https://github.com/riton/flask-encrypted-cookies-session
- Owner: riton
- License: other
- Created: 2023-04-30T18:00:48.000Z (about 3 years ago)
- Default Branch: develop
- Last Pushed: 2023-04-30T18:28:27.000Z (about 3 years ago)
- Last Synced: 2025-09-11T17:19:17.167Z (10 months ago)
- Topics: fernet-cryptography, flask, session-management
- Language: Python
- Homepage:
- Size: 66.4 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
#
[](https://gitlab.in2p3.fr/rferrand/flask-encrypted-cookies-session/-/commits/develop)
[](https://gitlab.in2p3.fr/rferrand/flask-encrypted-cookies-session/-/commits/develop)
[](https://img.shields.io/badge/code%20style-black-000000.svg)
[](https://github.com/pre-commit/pre-commit)
## Description
A cookie based session for `flask` relying on `Fernet` encrypted cookies.
### Motivation
`flask` default session rely on _signed cookies_. This sometimes is not enough, and encrypted data should be used.
_Example_ : Use cookies to store OAuth2 _access tokens_ without the burden of server side storage.
## Usage
### Installation
`pip install flask-encrypted-cookies-session`
### Flask application configuration
Private key used to encrypt cookies can be generated with `python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key())"`
```python
# -*- coding: utf-8 -*-
from flask import Flask, session
from flask_encrypted_cookies_session import EncryptedCookieSession
DEBUG = "True"
ENCRYPTED_COOKIES_SECRET_KEY = (
"JNJQuYdaUGr8XBSoZNYF9FC-A7RZ7iFqV_KqrCwYr0s=" # Fernet.generate_key()
)
# To rotate your keys:
# ENCRYPTED_COOKIES_SECRET_KEY = "JNJQuYdaUGr8XBSoZNYF9FC-A7RZ7iFqV_KqrCwYr0s=,Dfo2hCeG-S6CeY-_tgJ33gip9rxC2t8qNK0CM0gZlRk=" # [Fernet.generate_key(), Fernet.generate_key()]
app = Flask(__name__)
app.config.from_object(__name__)
# This will replace the default Flask application session interface with the encrypted
# cookie based session
EncryptedCookieSession(app)
@app.route("/set/")
def session_set():
session["key"] = "value"
return "ok"
@app.route("/get/")
def session_get():
return session.get("key", "not set")
```
## Development
[`poetry`](https://python-poetry.org/) is used to manage this project.
[`poe the poet`](https://github.com/nat-n/poethepoet) is used as the _task runner_ of this project. If you don't know what a _task runner_ is, think about an alternative version of a `Makefile`.
### Install project dependencies
```
$ poetry install
```
### Unit testing
#### Test with all python versions
```
$ poe test
```
#### Test with a specific python version
```
$ poe test-py39
```
## F.A.Q
### Where can I open an _Issue_ or a _Pull Request_ to contribute ?
The [github repository](https://github.com/riton/flask-encrypted-cookies-session) should be used for _Issues_ or _contributions_.