Generally, you can choose to manage your Python app’s session data in one of two ways: Cookie-based sessions : In this scenario, the session data is not stored in a data store on the back-end. Instead, it’s serialized, signed (with a SECRET_KEY), and sent to the client.