Sometimes you'll have a scenario in your application where data has to be kept between requests, but there is no need to persist it in the database, like an authentication token that identifies a logged user or which items a user added to his shopping cart. At those times of peril, use Flask sessions.

Flask sessions are a solution for transient storage between requests implemented using browser cookies and cryptography. Flask uses the secret key value to encrypt any values you set in the session before setting it in the cookies; this way, even if a malicious person has access to the victim's browser, it won't be possible to read the cookie's content.