Sessions are a sequence of request and response transactions associated with a single user. The sessions are usually maintained on the server level by authenticating the user and keeping track of his/her activity over the web page.
Session with each client is assigned a session ID. Sessions are generally stored on top of cookies and the server signs them cryptographically--they are decrypted by the Flask application using the secret key for a temporary duration.
Currently, we haven't set up authentication--we will be defining it in Chapter 8, Securing the Web Application. So, at this point in time, we will create the session by asking about the username accessing the web page and making sure that the user is identified using the sessions.
Now let's create a web page, say, main.html, which will have a URL to create the session if it is needed to be set up, and routes to perform operations on the backend services. You could clear the session if it already exists. See the following code:
<html>
<head>
<title>Twitter App Demo</title>
<link rel=stylesheet type=text/css href="{{ url_for('static',
filename='style.css') }}">
</head>
<body>
<div id="container">
<div class="title">
<h1></h1>
</div>
<div id="content">
{% if session['name'] %}
Your name seems to be <strong>{{session['name']}}</strong>.
<br/>
{% else %}
Please set username by clicking it <a href="{{
url_for('addname') }}">here</a>.<br/>
{% endif %}
Visit <a href="{{ url_for('adduser') }}">this for adding new
application user </a> or <a href="{{ url_for('addtweetjs')
}}">this to add new tweets</a> page to interact with RESTFUL
API.
<br /><br />
<strong><a href="{{ url_for('clearsession') }}">Clear
session</a></strong>
</div>
</div>
</div>
</body>
</html>
Currently in this web page, a few URLs, such as clearsession and addname won't work, since we haven't set up the web page and route for them.
Also, we haven't set up the route for the main.html web page; let's first add it in app.py, as follows:
@app.route('/')
def main():
return render_template('main.html')
Since we have added the route for main.html, let's add the route for addname in app.py, as follows:
@app.route('/addname')
def addname():
if request.args.get('yourname'):
session['name'] = request.args.get('yourname')
# And then redirect the user to the main page
return redirect(url_for('main'))
else:
return render_template('addname.html', session=session)
As you can see in the preceding route, it calls addname.html, which we haven't created yet. Let's create the addname template with the following code:
<html>
<head>
<title>Twitter App Demo</title>
<link rel=stylesheet type=text/css href="{{ url_for('static',
filename='style.css') }}">
</head>
<body>
<div id="container">
<div class="title">
<h1>Enter your name</h1>
</div>
<div id="content">
<form method="get" action="{{ url_for('addname') }}">
<label for="yourname">Please enter your name:</label>
<input type="text" name="yourname" /><br />
<input type="submit" />
</form>
</div>
<div class="title">
<h1></h1>
</div>
<code><pre>
</pre></code>
</div>
</div>
</body>
</html>
Great! Now we can set the session using the preceding code; you will see a web page that looks something like this:
Now, what if we need to clear sessions? Since we are already calling the clearsession function from the main web page, we need to create a route in app.py, which further calls the session's Clear inbuilt function as follows:
@app.route('/clear')
def clearsession():
# Clear the session
session.clear()
# Redirect the user to the main page
return redirect(url_for('main'))
This is how we can set the session, maintain it for users, and clear the session, as per the requirement.