## 1. Cookies & Sessions

Goal: 
- Keep track of information (store) for multiple requests
- Considerations:
    - Location
    - Security



# 2. Flask built-in session object

`from flask import session`

|Type|Pupose|Storage|Comments|
|-|-|-|-|
|Proxy object (like dictionary) | Store & retrieve data on a ***per-client*** basis.<br>Client-side sessions.|Session data in a ***secure cookie*** on the *client* (browser).|..|
|...|...|...|...|


In [None]:
from flask import Flask, session

app = Flask(__name__)
app.secret_key = 'your_secret_key'

@app.route('/set')
def set_session():
    session['username'] = 'tony'
    return 'Session set!'

@app.route('/get')
def get_session():
    return session.get('username', 'Not set')


# OLD NOTES

Solution 1: 
- **Cookies** on *Client-Side*
    - Information stored in clients browser

Solution 2: 
- **Sessions** on *Server-Side*
    - **Session-ID** provided to client
    - Signed with **Secret-Key**
    - Information stored on server


# 2. Sessions: Server-Side Storage

|Step|Action|Example|Comments|
|-|-|-|-|
|1.|Set **Secret_Key**|`app.secret_key=...`|Allows issue of **Session_IDs** for individual users on server-side.|
|2.|Import **session** module|`import session`|...|
|3.|Update index with jinja msg|`import session`|...|
|4.|Add **set_data** route|`url_for('py_fn')...`|Include:<br> - jinja_msg in p tag based on route<br> - anchor url_for set_data|
|5.|Set User's **session** values |`session['name']=...`|**session** is a python dictionary for each user.<br><br>**session** data is: <br> - *sensitve* data <br> - data not to be changed or seen by user<br> - data trusted on server side, <br> - data produced/configured on server-side (ie app.py).<br> - associated with a **Session_ID**|
|6.|Browser: Inspect Session Cookies Value|`F12`|Open Browser's Deverlop Tools (F12):<br>- Session ID Values should appear but unreadable by hoomans<br>- **Session_ID**<br>- Stored in browser to identify user to server|
|7.|Add **get_data** route|`url_for('py_fn')...`|Same as 4.|
|8.|Add **clear_data** route|`url_for('py_fn')...`|Same as 4.|

# 3. Cookies: Client-Side Storage
Server sends back a `response`:
- The response ***instructs*** the browser to make the **cookie** (client-side)
    - Unlike **session**, where server simply set the cookie values (itself)

    

|Step|Action|Example|Comments|
|-|-|-|-|
|1.|Create **Response** Object|`make_response(...)`|Wrap a `render_template()` by a `make_reponse()`|
|2.|Set **Cookie_Value** on response object|`resp.set_cookie(🍪,🍪_value)`|Set cookie attribute of the response object & `return response` object|
|3.|Get **Cookie_Value** |`request.cookies['🍪']`|Get cookies values via python dictionary of `request.cookies`|
|4.|Delete **Cookie_Value**|`resp.set_cookie(🍪,expires=0)`|Set cookies expiration `expires` to 0 to delete the cookie & `return response` object|

In [None]:
<!--     
    <a href={{url_for('set_cookie_fn')}}>Set Cookies.</a><br>
    <a href={{url_for('get_cookie_fn')}}>Get Cookies.</a><br>
    <a href={{url_for('clear_cookie_fn')}}>Clear Cookies.</a><br>
    <a href={{url_for('set_session_fn')}}>Set Session Data.</a><br>
    <a href={{url_for('get_session_fn')}}>Get Session Data.</a><br>
    <a href={{url_for('clear_session_fn')}}>Clear Session.</a><br> -->



# Tunneling 101

cloudflare (https://github.com/cloudflare/cloudflared/releases)
uninstall
sudo rm /usr/local/bin/cloudflared (easy because binaries are manually placed)
rm -rf ~/.cloudflared  (as above)

install
wget https://github.com/cloudflare/cloudflared/releases/download/2025.4.0/cloudflared-linux-amd64
chmod +x cloudflared-linux-amd64
sudo mv cloudflared-linux-amd64 /usr/local/bin/cloudflared
cloudflared --version
cloudflared tunnel --url http://localhost:5000

localtunnel
uninstall
ll $(which lt)   (check how installed, and then uninstall)
npm uninstall -g localtunnel
which lt

install
npm install -g localtunnel
npm list -g --depth=0 (That will show all globally installed npm packages)
lt --port 5000

ngrok
uninstall - deepseek
dpkg -l | grep (check if installed via apt/dpkg .deb)
sudo apt remove --purge ngrok # Purge all traces (even configs)
sudo rm -f /usr/bin/ngrok /usr/local/bin/ngrok # Manually delete leftovers
rm -rf ~/.config/ngrok


uinstall - chatgpt
sudo apt remove ngrok

actual install - https://dashboard.ngrok.com/get-started/setup/linux

install - deep
sudo apt update && sudo apt install ngrok
ngrok config add-authtoken <your_token>
ngrok http 5000
