13

How do I delete all sessions and cookies set by my Flask/python app. So that when users return they have to re-login. I want to do this each time I push a new version of the code to production otherwise.

Improve this question
3
  • You could try changing your secret_key for each deployment. Otherwise, I don't think you have many options. Commented Feb 6, 2013 at 19:56
  • If you store your sessions in Redis, you could just wipe them all. Commented Feb 6, 2013 at 20:02
  • There are many options to store it, there are modules to save them in files and database, I mean, the same database you use for the other data. No real need to add Redis to your setup. I won't. Commented Jul 6, 2022 at 11:49

1 Answer 1

Reset to default
20

Best way I found is to invalidate the secret key like so

app.secret_key = os.urandom(32)

The key is secure enough, and each time you launch your system the key changes invalidating all sessions.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.