Staying logged in between browser sessions without remember-me

I am not sure what I’m doing wrong, and any pointers in the right direction would be appreciated.

When I log in a user using Flask-login, I check to see if they checked the “remember me” box and then use the appropriate login_user:

if remember:
    login_user(user, remember=True)
else:
    login_user(user)

I don’t know if the remember-me version is working as it’s supposed to, because even when the no-remember login_user(user) is run, the user is remembered. (I thought I might just always be calling the login_user(user, remember=True) code, but the if/else is working correctly.) So, when I log in without clicking the “remember me,” close the browser tab, close the browser, and then come back to the site, I’m still logged in. I thought maybe the cookie wasn’t expiring, but before going to my site I confirmed that the browser doesn’t have it. (Also, no remember-me cookie). If I remove the cookie from my browser either by logging out or through browser settings, I’m logged out and will have to log in if I close and re-open the browser.

For the config, I have SESSION_COOKIE_NAME, REMEMBER_COOKIE_NAME, and REMEMBER_COOKIE_SECURE all set.

Where the user needs to be logged in, I have the @login_required decorator set, or a if current_user.is_authenticated:.

I’ve gone over the docs and my code again and again, and for the life of me I can’t figure out why this is happening.

Ideas?