What is Flask's session object?

Flask's session is a dictionary-like object that persists data across requests for a specific user via a signed cookie. Values stored in the session are serialized to JSON, signed with the app's SECRET_KEY (preventing tampering), and stored in the user's browser cookie. Usage: from flask import session; session['user_id'] = user.id. Read: user_id = session.get('user_id'). Clear: session.clear(). Important: session data is stored client-side (in the cookie) — it is signed but not encrypted. Do not store sensitive data (passwords, tokens) in the session. For server-side sessions (stored in Redis or database), use Flask-Session. The default cookie size limit is ~4KB — do not store large objects. Set SESSION_COOKIE_SECURE=True for HTTPS-only cookies in production.