flask-login never logs out


I am doing some tests with flask-login. I am following exactly the example at


everything is working fine, i manage to log in correctly and i am able to access the routes protected by the @login_required decorator.

I can log out if I explicitly do it (going to the ‘/logout’ route) and after i do i’m no longer able to access the protected routes.

The only problem is: i never get logged out if i close the browser. In the official guide it says

By default, when the user closes their browser the Flask Session is deleted and the user is logged out.

but this never seems to happen.


OK i’ve finally find a solution:

def before_request():
    flask.session.permanent = True
    app.permanent_session_lifetime = datetime.timedelta(minutes=20)
    flask.session.modified = True

setting flask.session.permanent to True forces flask to expire after a certain amount of time, and not when the browser is closed (which is the default behavior).

flask.session.modified = True resets the time. since this is called every request the user does, you are sure that he is going to be logged out after 20minutes of true inactivity.

Answered By – a.costa

This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply

(*) Required, Your email will not be published