def save_session(self, app, sdata, response): cookie_domain = self.get_cookie_domain(app) sess = Session.query.get(sdata.sid) if not sdata: # Session has become empty (i.e. `if not some_dict`), so drop it if sess: db.session.delete(sess) else: if not sess: sess = Session(sdata.sid) db.session.add(sess) sess.data = pickle.dumps(dict(sdata), protocol=2) sess.last_access = datetime.now() # Expire old(er than 30 days) sessions Session.query.filter(Session.last_access < (datetime.now() - timedelta(days=30))).delete() db.session.commit() response.set_cookie(app.session_cookie_name, sess.uuid, expires=(datetime.now() + timedelta(days=30)), domain=cookie_domain, httponly=True)