session-cookies

Can't get variable from session using SessionMiddleware in FastAPI Question: I am trying to make a primitive authorization by session, here is a sample code import uvicorn from fastapi import FastAPI, Request from starlette.middleware.sessions import SessionMiddleware app = FastAPI() app.add_middleware(SessionMiddleware, secret_key="some-random-string", max_age=0) @app.get("/a") async def session_set(request: Request): request.session["my_var"] = "1234" return ‘ok’ @app.get("/b") async def …

How can I use Flask WTForms and CSRF without session cookie? Question: I have a very simple app that has no user management or any Flask-Login auth needs. It has forms, WTForms. All I want to do is collect some data submitted by the form. I could technically disable CSRF validation but Flask WTForms really …

How to set sessions timeout in django? Question: I want to implement login and logout session in my website through which after a set of time the session should expire automatically. And if user logged in then the user could not go back. Asked By: Mandeep Thakur || Source Answers: In your settings.py set https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-SESSION_COOKIE_AGE. …

Why not generate the secret key every time Flask starts? Question: When using sessions, Flask requires a secret key. In every example I’ve seen, the secret key is somehow generated and then stored either in source code or in configuration file. What is the reason to store it permanently? Why not simply generate it when …

Scrapy – how to manage cookies/sessions Question: I’m a bit confused as to how cookies work with Scrapy, and how you manage those cookies. This is basically a simplified version of what I’m trying to do: The way the website works: When you visit the website you get a session cookie. When you make a …

In django, how is request.session.set_expiry used to log out users after idle? Question: I want to log users out after some period of inactivity. This question (Logging users out of a Django site after N minutes of inactivity) has a reasonable looking answer. But I’d like to understand what distinguishes request.session.set_expiry from SESSION_COOKIE_AGE. The former …