Python Cookies and Sessions

in

Now, let me start by saying this: if you don’t know what these two things are or how they work, then you’ve come to the right place!
First off, cookies. Cookies are small text files that websites store on your computer or device when you visit them. They contain information like your login credentials, shopping cart items, and other personal data. When you return to the website later, it can read these cookies and use the stored information to customize your experience.
Now, sessions. Sessions are similar to cookies in that they store information on a user’s device, but they have some key differences. For one thing, sessions don’t last as long as cookies once you close your browser or log out of the website, the session is destroyed.
But why would anyone want to use sessions instead of cookies? Well, for starters, sessions are more secure because they can be easily deleted when a user logs out or closes their browser. They’re also less likely to cause issues with privacy and data protection laws.
So how do we implement these things in Python? Let me show you an example! First, let’s create a simple web server using Flask:

# Import the necessary modules
from flask import Flask, session, redirect, url_for, request, render_template

# Create an instance of the Flask class and assign it to the variable 'app'
app = Flask(__name__)

# Set a secret key for the app to ensure secure sessions
app.secret_key = 'your-super-secret-key' # set this to something unique for your app!

# Define a route for the homepage
@app.route('/')
def index():
    # Check if the 'username' key is present in the session dictionary
    if 'username' in session:
        # If present, render the index.html template and pass in the username from the session
        return render_template('index.html', username=session['username'])
    else:
        # If not present, redirect the user to the login route
        return redirect(url_for('login'))

# ... other routes and functions here...

In this example, we’re using Flask to create a simple web server that checks for the presence of a ‘username’ key in the session. If it exists, we render an HTML template with the username included. Otherwise, we redirect them to the login page.
Now how to set and get cookies using Flask:

# Import the necessary modules
from flask import Flask, request, make_response

# Create a Flask app instance
app = Flask(__name__)

# Define a route for setting cookies
@app.route('/set-cookie')
def set_cookie():
    # Create a new response object
    response = make_response('Cookies have been set!')
    # Add the cookie to the response headers
    response.set_cookie('myCookie', 'value123')
    # Return the response
    return response

# Run the app
if __name__ == '__main__':
    app.run()

# Explanation:
# - The first line imports the necessary modules for the script to run.
# - The second line creates a Flask app instance, which will handle incoming requests.
# - The @app decorator is used to define a route for the set_cookie function.
# - The set_cookie function creates a new response object using the make_response function.
# - The set_cookie function then adds a cookie to the response headers using the set_cookie function.
# - Finally, the function returns the response.
# - The if statement at the end ensures that the app is only run when the script is executed directly, not when it is imported by another script.

In this example, we’re using Flask to create a route that sets a cookie named ‘myCookie’ with a value of ‘value123’.
Now how to delete cookies and sessions:

# Import the necessary modules
from flask import Flask, session, redirect, url_for

# Create an instance of the Flask class
app = Flask(__name__)

# Create a route for logging out
@app.route('/logout')
def logout():
    # Remove the 'username' key from the session dictionary
    session.pop('username', None)
    # Redirect the user to the 'index' route
    return redirect(url_for('index'))

# The 'username' key is used to store the user's username in the session dictionary
# The 'None' value is used as a default value if the 'username' key does not exist in the session dictionary
# The 'index' route is used to redirect the user back to the homepage after logging out

In this example, we’re using Flask to create a route that removes the ‘username’ key from the session and then redirects them back to the index page.

SICORPS