Flask-EncryptedSession is a replacement for the default Flask session. In addition to signing, it encrypts the cookie using the keyczar library. It is based on (and provides a similar interface to) Werkzeug's SecureCookie and Flask's SecureCookieSession and SecureCookieSessionInterface.
In addition to Flask, Flask-EncryptedSession requires pyasn1, PyCrypto, and python-keyczar.

    $ pip install http://keyczar.googlecode.com/files/python-keyczar-0.71b.tar.gz
    $ pip install https://github.com/saltycrane/flask-encryptedsession/tarball/master

    $ mkdir -p /tmp/keys
    $ keyczart create --location=/tmp/keys --purpose=crypt
    $ keyczart addkey --location=/tmp/keys --status=primary

    from flask import Flask
    from flask_encryptedsession.encryptedsession import (
        EncryptedCookieSessionInterface)

    app = Flask(__name__)
    # Point the session interface at the directory holding the keyczar key set.
    app.session_interface = EncryptedCookieSessionInterface("/tmp/keys")

    from datetime import datetime

    from flask import Flask, session
    from flask_encryptedsession.encryptedsession import (
        EncryptedCookieSessionInterface)

    app = Flask(__name__)
    app.debug = True  # debug mode, for local development
    # Point the session interface at the directory holding the keyczar key set.
    app.session_interface = EncryptedCookieSessionInterface("/tmp/keys")


    @app.route("/")
    def hello_world():
        now = str(datetime.now())
        # Read the value stored on the previous request, if any.
        last_visit = session.get('last_visit', 'Never')
        page = "Today's date: %s<br> Last visit: %s" % (now, last_visit)
        # Stored in the encrypted, signed session cookie.
        session['last_visit'] = now
        return page


    if __name__ == '__main__':
        app.run()
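
What encrypting adds over signing alone, shown as an added example that is not Flask-EncryptedSession's code: a signed-only cookie can be read by whoever holds it, while an encrypted one cannot. The cookie layout, function names and keys are assumptions made for the illustration, and an HMAC-based keystream from the standard library stands in for keyczar's encryption.

```python
import base64
import hashlib
import hmac
import json
import os

SIGN_KEY = os.urandom(32)  # constructed demo keys, not keyczar key sets
ENC_KEY = os.urandom(32)

def _b64(data):
    return base64.urlsafe_b64encode(data).decode()

def _mac(data):
    return hmac.new(SIGN_KEY, data, hashlib.sha256).digest()

def _xor_stream(nonce, data):
    # HMAC-SHA256 in counter mode as a keystream: a stdlib stand-in for a real cipher.
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(ENC_KEY, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def dump_signed(session):
    body = json.dumps(session).encode()
    return _b64(body) + "." + _b64(_mac(body))

def dump_encrypted(session):
    nonce = os.urandom(16)
    blob = nonce + _xor_stream(nonce, json.dumps(session).encode())
    return _b64(blob) + "." + _b64(_mac(blob))  # encrypt, then MAC the ciphertext

def client_view(cookie):
    """Bytes that anyone holding the cookie can decode without any key."""
    return base64.urlsafe_b64decode(cookie.split(".")[0])

def load(cookie, encrypted):
    blob_b64, sig_b64 = cookie.split(".")
    blob = base64.urlsafe_b64decode(blob_b64)
    if not hmac.compare_digest(_mac(blob), base64.urlsafe_b64decode(sig_b64)):
        return None  # modified cookie or wrong key
    if encrypted:
        blob = _xor_stream(blob[:16], blob[16:])
    return json.loads(blob)

if __name__ == "__main__":
    demo = {"last_visit": "2013-01-01 12:00:00"}  # constructed sample session
    print(client_view(dump_signed(demo)))     # readable JSON
    print(client_view(dump_encrypted(demo)))  # nonce plus ciphertext
```

Both formats reject a modified cookie; only the encrypted one hides the session contents from the browser that stores it.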

    $ git clone git@github.com:saltycrane/flask-encryptedsession.git
    $ cd flask-encryptedsession
    $ pip install http://keyczar.googlecode.com/files/python-keyczar-0.71b.tar.gz
    $ pip install -e ./
    $ python setup.py test