1 minute read


This post covers Cookie and Session in Flask.


  • stored on a client’s computer in the form of a text file
  • to remember and track data pertaining to a client’s usage for better visitor experience and site statistics
  • A Request object contains a cookie’s attribute. It is a dictionary object of all the cookie variables and their corresponding values, a client has transmitted.
  • In addition to it, a cookie also stores its expiry time, path and domain name of the site.
  • In Flask, cookies are set on response object. Use make_response() function to get response object from return value of a view function.
  • After that, use the set_cookie() function of response object to store a cookie.
  • Reading back a cookie is easy. The get() method of request.cookies attribute is used to read a cookie.


  • Like Cookie, Session data is stored on client.
  • Session is the time interval when a client logs into a server and logs out of it.
  • The data, which is needed to be held across this session, is stored in the client browser.
  • A session with each client is assigned a Session ID. The Session data is stored on top of cookies and the server signs them cryptographically. For this encryption, a Flask application needs a defined SECRET_KEY.
  • Session object is also a dictionary object containing key-value pairs of session variables and associated values.