I am new to web development. I work with Flask, Sqlalchemy and Postgresql.
As I understand it, each new request is like a new program stream. A new sqlalchemy session is created, with which we manage our db operations and return a response. After that, the new thread is also closed and connections are returned to the pool.
I log in to the user system and get all user data in the orm object of the user. I saved it in a jar session variable that uses cookie. Now I also want to save some other user data for the range of the entire user session, not the request. I have doubts about storing all this data in a cookie for two reasons:
1. Unnecessary data travel back and forth. 2. data can be read easily.
Are my doubts valid?
So my other questions are:
Am I correct at some level to avoid getting some session data in each request without falling into the trap of premature optimization? or Should I worry about this later, when the need arises, and now focus only on creating a working application?
An alternative to a cookie-based session is a server-side session, which can be done using redis or memcache. Where does the Beaker library get into this? Is this a separate thing or its use in combination with redis or memcache?
source share