quart.sessions module#

class quart.sessions.SecureCookieSessionInterface#

Bases: SessionInterface

A Session interface that uses cookies as storage.

This will store the data on the cookie in plain text, but with a signature to prevent modification.

static digest_method(string=b'', *, usedforsecurity=True)#

Returns a sha1 hash object; optionally initialized with a string

get_signing_serializer(app: Quart) URLSafeTimedSerializer | None#

Return a serializer for the session that also signs data.

This will return None if the app is not configured for secrets.

key_derivation = 'hmac'#
async open_session(app: Quart, request: BaseRequestWebsocket) SecureCookieSession | None#

Open a secure cookie based session.

This will return None if a signing serializer is not available, usually if the config SECRET_KEY is not set.

salt = 'cookie-session'#
async save_session(app: Quart, session: SessionMixin, response: Response | WerkzeugResponse | None) None#

Saves the session to the response in a secure cookie.

serializer = <flask.json.tag.TaggedJSONSerializer object>#
session_class#

alias of SecureCookieSession

class quart.sessions.SessionInterface#

Bases: object

Base class for session interfaces.

null_session_class#

Storage class for null (no storage) sessions.

pickle_based#

Indicates if pickling is used for the session.

Helper method to return the Cookie Domain for the App.

Helper method to return if the Cookie should be HTTPOnly for the App.

Helper method to return the Cookie Name for the App.

Helper method to return the Cookie path for the App.

Helper method to return the Cookie Samesite configuration for the App.

Helper method to return if the Cookie should be Secure for the App.

get_expiration_time(app: Quart, session: SessionMixin) datetime | None#

Helper method to return the Session expiration time.

If the session is not ‘permanent’ it will expire as and when the browser stops accessing the app.

is_null_session(instance: object) bool#

Returns True is the instance is a null session.

async make_null_session(app: Quart) NullSession#

Create a Null session object.

This is used in replacement of an actual session if sessions are not configured or active.

null_session_class#

alias of NullSession

async open_session(app: Quart, request: BaseRequestWebsocket) SessionMixin | None#

Open an existing session from the request or create one.

Returns:

The Session object or None if no session can be created, in which case the null_session_class is expected to be used.

pickle_based = False#
async save_session(app: Quart, session: SessionMixin, response: Response | WerkzeugResponse | None) None#

Save the session argument to the response.

Parameters:

response – Can be None if the session is being saved after a websocket connection closes.

Returns:

The modified response, with the session stored.

Helper method to return if the Set Cookie header should be present.

This triggers if the session is marked as modified or the app is configured to always refresh the cookie.