This guy doesn't waste any time with superfluous detail or pontificating on random design features. Just gives you exactly what you need to understanding the fundamentals. Quite a gifted teacher IMHO. Thanks for the help!
Great explanation skills, Thanks. Yet, for that particular topic, these are client side sessions that are stored in a cookie, and not stored on the server side. They are encoded and not encrypted. The secret key is to cryptographically sign them.
Thanks for the tutorial. I just would like to clarify that the session object imported from flask is actually a client-side session, meaning that the data are stored in the client browser, not in the server as you said at the beginning of the video.
Thanks for pointing that out. I also frowned a little when he said that, because he also said that all that session data is forgotten when the user quits browsing. Which is false (unless the browser is set to clear the cookies upon closing, which they aren't by default).
@@itpugil Hi, your comment was 6 months ago so don't know if you still need the info or not, but you can use a database like sqlite3. Server side storage = databases
Dude. All of your tutorials is top-class material. I'm extremely thankful for all of the things you've taught me. It's simple and precise! THANK YOU! :)
I'm using your Flask course as a jumping point into learning Python and eventually cybersecurity and ethical hacking with python. I just wanted some foundations into building simple web apps, learning the Python lang, and this is helping me a ton get my foot in the door into what I want to eventually learn with more in-depth courses later. TY!
When you use pop on a dictionary, the first argument is the key which you want to delete. When you use pop it will return the value associated with that key. If the first argument is not found as a key, it will return the second argument. You can then assign the returned value to a variable the same as with popping from a list. Most of the time you know the key exists though, so you just put None as the second argument.
If you know the key exists then you don’t need the second argument. You provide the second argument just in case the key isn’t found, in which case the second argument is returned instead of an error being thrown.
whatever coding tutorial i search for there are a bunch of tutorials in results and many of them has more views that techwithtim ones but eventhough i choose tim
Just wanted you to know this was the only video/web page that properly described the use of sessions without either being voerly complex, or just plain wrong. Thanks!!
In 5:00, what’s the difference between redirected back to the login page “return redirect(url_for(login))” v.s rendering the login page via “render_template(‘login.html’)”?
Hi Tim, this is great but these sessions are for client side storage (cookies) , can you tell us how to use server side session. Because client side sessions have a very small size limit. I want to store a dataframe in sessions. Can you tell something about the same?
Save a dataframe in sessions? Sessions are ideal for strings or numbers, but not for a whole dataframe. A dataframe you can store in a database for example.
Awesome content. Parts 1-5 have a TEXT version which I prefer over just plain video. Are parts 6+ going to have a text version too? Seems they aren't linked after part 5.
Hey Tim i'm your regular viewer because your's way of teaching is so simple and to the point but in this video you have done something which is very confusing that you have created a variable and a function with same name "user" and it's confusing to understand that where you are using function and where you're using var
Ye... im going to read all flask docs... hey better idea!! lets just chill and let tim explain that for us :D!!! THANKS TIM THANK YOU VERY MUCH, PEACE!
it was not working at my end... and how is this session different from flask_session? would be nice if u run 2 app side by side explaining this.... which one to prefer session or flask_session?
But is session stored in the server? Is that a new thing? I know of Flask-Session which is used for making it server side, but maybe that's superfluous now? Great video btw, very clear and useful.
The video is incorrect, the session data in this tutorial is stored client side. the server encrypts it with the secret key and it is pas sed from the client to the server with every request.
I just watched your flappy bird video and I have a question. How did you learn ml ? Did you have it in uni or did you just learn it by yourself? I learned the basics of python on my own but when I tried to dabble into ml I got discouraged. It seemed like only a person that that is in computer engineering at uni could truly understand ml. Is there any hope for self teaching ml? And thanks for the amazing videos btw.
I know you did not ask me :> but I think it is not about uni, at my uni even though im a cs major they didn't teach me much, I believe it depends on you. they did teach us math as a separate course, and basics ml but they didn't link it together so it was useless at the time.
This is a really good tutorial overall, but I think the permanent session was poorly explained. My website behaves in a different way than you described. Before the session variable was imported from flask, I stayed logged in unless I manually changed the url to /logout or closed the flask app. For example I could close the browser, reopen and do different things on the website or do nothing and still would be logged in. After importing the session variable and setting the value of app.permanent_session_lifetime to timedelta(seconds=10) for testing purposes, I got the following result. After logging in, every GET request resets the timer. For example, I can close the browser for 9 seconds, than open it up quickly before the session is lost, and then refresh every 9 seconds to stay logged in.
Don't store anything that really needs to be secure/private in the session key, as they are simply base64 encoded and easily deciphered/exposed. However, if the value is altered {"user":"mary"}, re-encoded in base64 and then the session cookie value edited, the session will become invalid (this is good), kindof like JWT.
if you press backspace after logout, you land back to the accounts page.... why? logically we should not be able to go back to account page after logout, but this code lets u the access after pressing backspace
Sir my session is not deleted when i closed browser and open again...Session stored the value permanantly and also i am not used app.permanent_session_lifetime yet.?? please help me to solve this issue.
I do believe this is because Flask has been updated. If you restart the server it will still redirect you to /user with the correct information. If you restart the server and change the secret key it will then forget your session. This is not an issue, for it is actually a feature.
Hi Tim 1... Is it possible to have a secret_key for each session???? 2... Let's say my session's diccionay has more than 2 elements being "user" one of them ... by using session.pop("user", None) I will erase the whole session or just the element "user" in its diccionary?
Thanks for this! I'm playing with sessions, trying to increment a session variable (day counter, for instance) by 1 with every POST request, but for some reason it is NOT kept in the session's "memory" for the next "POST". What am I doing wrong? Is Sessions the way to go about it, or do I need a DB?
i was screwing around with the login page and i found a vulnerability. if you type alert("Hello World!") it will pop up on the page an alert using javascript
Hello Tim, thank you for the tutorial, do you have any tutorial about Flask Authenticating Using JSON Web Tokens, if not is it possible to create one for us? Thanks.
Hey Tim, I'd like to know if its possible to create an alert when the session timeout occurs, for example a prompt alert stating that, "You have been logged out". How do you go about doing it? Thanks.
Hi tim, just one question. Since the python file is basically the server (right?), does everyone who goes to your webpage basically get handed this code or is there just one version of this code that everyone goes to
Can someone please explain more on the secret key. I am unable to find its usage and how a random secret keys makes a difference, than having no key at all?
Would it be ok to place an instance of a class in a session? Like I have a quiz web app and I want all the routes to be able to communicate with each other by using a class. I don't want to just initialize the class because then, a lot of users will be using the same class. So I thought of creating an instance inside a route, placing it inside a session and getting that session in a different route? Is that safe?
I have a question, can we put more than an element in the session if I have more than a single information like storing both name and password? Or I should create an another session that contains password.
Hey Tim, can you help me with flask+webcam+socketio? Any example tutorial to understand and club them so that each user can launch the app and give the data
So is there some file being stored in the project which indicates the session's creation time and the time it should last or will is this just a run time parameter cause the server shouldn't even stop running?
How does one pass session from one python file to another and can it be used with WTForms? Right now I'd like to pass information from one page to the next and have info from a form go to session and then pass that to make a database query. Thanks!
Please are you using a private browser. Because it seems flask stores sessions as cookies on the browser which are still persistent even after the browser is closed in my case
This guy doesn't waste any time with superfluous detail or pontificating on random design features. Just gives you exactly what you need to understanding the fundamentals. Quite a gifted teacher IMHO. Thanks for the help!
Great explanation skills, Thanks. Yet, for that particular topic, these are client side sessions that are stored in a cookie, and not stored on the server side. They are encoded and not encrypted. The secret key is to cryptographically sign them.
Thanks for your comment. But are they still safe / good practise to remember a logged in user, or should something else be used instead?
why its coming too many redirects
this tutorial is helping me more in my mid-term project than the classes themselves, thank you sooo much
The amount of happiness I get when I was stuck, then finally came out of the issue is immacluate. Thanks for the help!
Thanks for the tutorial. I just would like to clarify that the session object imported from flask is actually a client-side session, meaning that the data are stored in the client browser, not in the server as you said at the beginning of the video.
Question, what should be imported to have it get saved on the server rather than the client?
True, Flask's sessions are client-side sessions...
Thanks for pointing that out. I also frowned a little when he said that, because he also said that all that session data is forgotten when the user quits browsing.
Which is false (unless the browser is set to clear the cookies upon closing, which they aren't by default).
nice clearout, apreciate
@@itpugil Hi, your comment was 6 months ago so don't know if you still need the info or not, but you can use a database like sqlite3. Server side storage = databases
Dude. All of your tutorials is top-class material. I'm extremely thankful for all of the things you've taught me. It's simple and precise! THANK YOU! :)
Is session just a cookie?
explaining the session and the purpose of secret key was more clear than any other I heard. Thanks
I'm using your Flask course as a jumping point into learning Python and eventually cybersecurity and ethical hacking with python. I just wanted some foundations into building simple web apps, learning the Python lang, and this is helping me a ton get my foot in the door into what I want to eventually learn with more in-depth courses later. TY!
how's it going now, man?
And now?
This was so great. I've searched the internet for hours and you're the first person to actually help me.
congratulations my young man, not only you are super smart, but extremely well articulated...
When you use pop on a dictionary, the first argument is the key which you want to delete. When you use pop it will return the value associated with that key. If the first argument is not found as a key, it will return the second argument.
You can then assign the returned value to a variable the same as with popping from a list.
Most of the time you know the key exists though, so you just put None as the second argument.
Thanks man
@@capslock3250 yeah i meant dictionary.
Edited it. Thanks
If you know the key exists then you don’t need the second argument. You provide the second argument just in case the key isn’t found, in which case the second argument is returned instead of an error being thrown.
whatever coding tutorial i search for there are a bunch of tutorials in results and many of them has more views that techwithtim ones but eventhough i choose tim
This was exactly what I was searching for......Thanks a lot
me too
Short, sweet, simple, straight to the point
Love it !
Just wanted you to know this was the only video/web page that properly described the use of sessions without either being voerly complex, or just plain wrong. Thanks!!
Great tutorial, great and clear voice for easy to understand
Tim you are very dear to me, I love you bro. Your family should be very proud of you. You've got a very great channel.
Tim you are literally saving me, thank youuu so so so much for your help
u are my favourite ❤️❤️
Great tutorial!!! I wasn't even halfway through the video and already found the solution to my problem
Your tutorials are excellent. Thanks
One of the best tutorials for flask!!
9:38 Thanks Bro That's Quite Interesting .Upload more videos.Our Support with you...
The standard flask session is stored client side, not server side.
Nice tuts..Really appreciate your efforts. It makes Python on the web feel like a breeze. Thanks a lot Tim!
Tim is so awesome! Have no words to describe! Thanks mate!
Your skills are just amazing for beginners ❤️❤️❤️ love from india
Tim I believe the session is stored on the browser, and is encrypted with the secret key. They browser sends the session with the request.
Is it a Cookie that's stored on the browser and Sessions on the server?🤔
In 5:00, what’s the difference between redirected back to the login page “return redirect(url_for(login))” v.s rendering the login page via “render_template(‘login.html’)”?
Tim, flask series is excellent. And very much helpful.
Thanks Tim. You are a life-saver bro!
I am so happy that this got recommended to me
awesome again! kindly keep making advanced Flask tutorials...
Hi Tim, this is great but these sessions are for client side storage (cookies) , can you tell us how to use server side session. Because client side sessions have a very small size limit. I want to store a dataframe in sessions. Can you tell something about the same?
Save a dataframe in sessions? Sessions are ideal for strings or numbers, but not for a whole dataframe. A dataframe you can store in a database for example.
Thats exacly what I was looking for!
The best teacher
You just saved my day! Thanks man.
Awesome content. Parts 1-5 have a TEXT version which I prefer over just plain video. Are parts 6+ going to have a text version too? Seems they aren't linked after part 5.
Hey Tim i'm your regular viewer because your's way of teaching is so simple and to the point but in this video you have done something which is very confusing that you have created a variable and a function with same name "user" and it's confusing to understand that where you are using function and where you're using var
Outstanding, very clear, thank you.
Great video and super helpful, thank you a ton Tim!
Ye... im going to read all flask docs... hey better idea!! lets just chill and let tim explain that for us :D!!! THANKS TIM THANK YOU VERY MUCH, PEACE!
Thank's Tim. Great tutorial
Thanks for all your work, really good contents
Thanks! you save my life from headache :)
This video just saved me ... Thank you so
Thank you for making these!
Thanks man really appreciate your tutorial
Thank you very much for this video! I learnt a lot from this :)
Thanks Tim, it helps me alot!
really easy thanks!
it was not working at my end... and how is this session different from flask_session? would be nice if u run 2 app side by side explaining this.... which one to prefer session or flask_session?
very useful! thanks mate
But is session stored in the server? Is that a new thing? I know of Flask-Session which is used for making it server side, but maybe that's superfluous now?
Great video btw, very clear and useful.
The video is incorrect, the session data in this tutorial is stored client side. the server encrypts it with the secret key and it is pas
sed from the client to the server with every request.
So far Im loving backend more than frontend
I think this is exactly what i need for missing the first 8 weeks of lectures and work from my university lmao.
Thanks 😊 really helpful
great video tim
Amazing video, thank you!
really helpful tutorial
thanks
Very Good tutorial
I just watched your flappy bird video and I have a question. How did you learn ml ? Did you have it in uni or did you just learn it by yourself? I learned the basics of python on my own but when I tried to dabble into ml I got discouraged. It seemed like only a person that that is in computer engineering at uni could truly understand ml. Is there any hope for self teaching ml? And thanks for the amazing videos btw.
I know you did not ask me :>
but I think it is not about uni, at my uni even though im a cs major they didn't teach me much, I believe it depends on you.
they did teach us math as a separate course, and basics ml but they didn't link it together so it was useless at the time.
Nice one Tim!
Hey Tim, I enjoy your tutorial but I have to lower the speed from normal to 0.75. English is my 3rd language.
nice and very helpful
This is a really good tutorial overall, but I think the permanent session was poorly explained.
My website behaves in a different way than you described.
Before the session variable was imported from flask, I stayed logged in unless I manually changed the url to /logout or closed the flask app. For example I could close the browser, reopen and do different things on the website or do nothing and still would be logged in.
After importing the session variable and setting the value of app.permanent_session_lifetime to timedelta(seconds=10) for testing purposes, I got the following result.
After logging in, every GET request resets the timer. For example, I can close the browser for 9 seconds, than open it up quickly before the session is lost, and then refresh every 9 seconds to stay logged in.
Don't store anything that really needs to be secure/private in the session key, as they are simply base64 encoded and easily deciphered/exposed. However, if the value is altered {"user":"mary"}, re-encoded in base64 and then the session cookie value edited, the session will become invalid (this is good), kindof like JWT.
I love you brov i never understood how get post sessions worked
if you press backspace after logout, you land back to the accounts page.... why? logically we should not be able to go back to account page after logout, but this code lets u the access after pressing backspace
Back button returns to session even after logout
Please help me
Sir my session is not deleted when i closed browser and open again...Session stored the value permanantly and also i am not used app.permanent_session_lifetime yet.?? please help me to solve this issue.
I do believe this is because Flask has been updated. If you restart the server it will still redirect you to /user with the correct information. If you restart the server and change the secret key it will then forget your session. This is not an issue, for it is actually a feature.
did you close browser or did you close the tab
@@darthvader4899 you might be 3 months late
BPMPlayz you are right lol. Anyways i just wanted to comment :)
hahaha
Love u bro
this is very helpfull ,can you say how to add one more field that would be very very more helpfull than.
waw so good thnkyou
So cookies not needed? Done in background when you use session object?
great stuff
thanku man keep coding
Hi Tim
1... Is it possible to have a secret_key for each session????
2... Let's say my session's diccionay has more than 2 elements being "user" one of them ... by using session.pop("user", None) I will erase the whole session or just the element "user" in its diccionary?
awesome!
Thanks for this! I'm playing with sessions, trying to increment a session variable (day counter, for instance) by 1 with every POST request, but for some reason it is NOT kept in the session's "memory" for the next "POST". What am I doing wrong? Is Sessions the way to go about it, or do I need a DB?
is not workin if i try to run it it shows me an error
thx, very usefull
Your pfp looks delicious😋😋
i was screwing around with the login page and i found a vulnerability. if you type alert("Hello World!") it will pop up on the page an alert using javascript
What language you did use to create website techwithtim.net
That is obviously a wordpress site.
Hello Tim, thank you for the tutorial, do you have any tutorial about Flask Authenticating Using JSON Web Tokens, if not is it possible to create one for us? Thanks.
best tnx
thanks bro :)
Hey Tim, I'd like to know if its possible to create an alert when the session timeout occurs, for example a prompt alert stating that, "You have been logged out". How do you go about doing it? Thanks.
Hi tim, just one question. Since the python file is basically the server (right?), does everyone who goes to your webpage basically get handed this code or is there just one version of this code that everyone goes to
They don’t have access to the code
Obrigado
Can someone please explain more on the secret key. I am unable to find its usage and how a random secret keys makes a difference, than having no key at all?
Would it be ok to place an instance of a class in a session? Like I have a quiz web app and I want all the routes to be able to communicate with each other by using a class. I don't want to just initialize the class because then, a lot of users will be using the same class. So I thought of creating an instance inside a route, placing it inside a session and getting that session in a different route? Is that safe?
I have a question, can we put more than an element in the session if I have more than a single information like storing both name and password? Or I should create an another session that contains password.
ofcourse u can
Hey Tim, can you help me with flask+webcam+socketio? Any example tutorial to understand and club them so that each user can launch the app and give the data
So is there some file being stored in the project which indicates the session's creation time and the time it should last or will is this just a run time parameter cause the server shouldn't even stop running?
For some reason, when I open the web again, if I have logged in with my name then the user page still displays my name!!
How to handle the case when different users logged in from different computers then how to separate the users
i followed this video every step of the way and found an issue....when i close my browser...the session stil remains....help please
That’s intended!
@@TechWithTim oh ok my bad hehe
Hi, can you explain, how to shut down the development / built-in server of flask without using ctrl+c? Is there a way to code it in the python script?
How does one pass session from one python file to another and can it be used with WTForms? Right now I'd like to pass information from one page to the next and have info from a form go to session and then pass that to make a database query. Thanks!
Please are you using a private browser. Because it seems flask stores sessions as cookies on the browser which are still persistent even after the browser is closed in my case