This post covers Cookie and Session in Flask.

Cookie

• stored on a client’s computer in the form of a text file
• to remember and track data pertaining to a client’s usage for better visitor experience and site statistics
• A Request object contains a cookie’s attribute. It is a dictionary object of all the cookie variables and their corresponding values, a client has transmitted.
• In addition to it, a cookie also stores its expiry time, path and domain name of the site.
• In Flask, cookies are set on response object. Use make_response() function to get response object from return value of a view function.
• After that, use the set_cookie() function of response object to store a cookie.
• Reading back a cookie is easy. The get() method of request.cookies attribute is used to read a cookie.

Session

• Like Cookie, Session data is stored on client.
• Session is the time interval when a client logs into a server and logs out of it.
• The data, which is needed to be held across this session, is stored in the client browser.
• A session with each client is assigned a Session ID. The Session data is stored on top of cookies and the server signs them cryptographically. For this encryption, a Flask application needs a defined SECRET_KEY.
• Session object is also a dictionary object containing key-value pairs of session variables and associated values.