Flask: Security
Securing user sessions on Flask
The following video demonstrates that the fact that user sessions in Flask are cryptographically signed (to protect against is NOT the same as saying that they are crytographically encoded.
In fact, the contents of a Flask session are actually stored in plaintext, in Base-64 encoding, or if they are long, in Base-64 encoding that is then
compresed with gzip compression.
This article by the video’s creator explains more: