UD - FLASK - JWT

https://arac.tecladocode.com/

1. Basic JWT

1.1 JWT

create authenticate & identity methods.

# security.py
from werkzeug.security import safe_str_cmp
from user import User

users = [
    User(1, 'user1', 'abcxyz'),
]

username_table = {u.username: u for u in users}
userid_table = {u.id: u for u in users}

def authenticate(username, password):
    # used for login: when username & password are valid, return the user.
    # safe_str_cmp is a constant-time compare (removed in Werkzeug 2.1; hmac.compare_digest does the same job)
    user = username_table.get(username, None)
    if user and safe_str_cmp(user.password, password):
        return user

def identity(payload):
    # called on every request: take the user_id out of the JWT payload and load the user
    user_id = payload['identity']
    return userid_table.get(user_id, None)

init jwt

1.Appendix. Core of JWT

1.2. Configure

https://blog.tecladocode.com/learn-python-advanced-configuration-of-flask-jwt/

2. JWT-extended

JWT vs JWT-extended:

  JWT           | JWT-extended
  access token  | access token & refresh token
  -             | refresh token without asking the user again

2.1. Core

(1) Removed security.py file from JWT

(2) Added UserLogin resource for authenticate & identity

(3) Changed @jwt_required() to @jwt_required

2.2. Claim

claim: additional payload (not identity)

see app.py & Item.delete()

  1. claims loader in app.py.

  2. claims check in Item.delete()

2.3. Optional

see ItemList

  1. add @jwt_optional in ItemList

  2. use get_jwt_identity() to retrieve the identity in JWT.

2.4. Refresh token

  • fresh token = issued right after you key in your password; you are "sudo" for a few hours, so within those hours you can do things like delete your account.

  • non-fresh token = once the fresh token has expired you get a non-fresh token and are no longer sudo.

see app.py & TokenRefresh

  1. add TokenRefresh resource.

  2. add TokenRefresh to app.py.

require a fresh token for sudo

  1. Added @fresh_jwt_required to Item.post()
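Added example (not code from the course or from Flask-JWT-Extended): a dependency-free HS256 JWT showing the "Core of JWT" plus the three guards above in one place, login issuing a fresh access token and a refresh token, TokenRefresh issuing a non-fresh one, and the fresh / is_admin claim checks. SECRET and the "user 1 is admin" claims rule are constructed assumptions.

```python
import base64, hashlib, hmac, json
SECRET = b"constructed-demo-secret"  # constructed for this demo; real apps load a random secret
ADMIN_ID = 1  # assumption standing in for the claims loader in app.py: user 1 gets is_admin

def b64(data): return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
def unb64(s): return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def encode(payload):
    # header.payload.signature, signed with HS256 (what Flask-JWT does under the hood)
    header = b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64(json.dumps(payload).encode())
    sig = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64(sig)}"

def decode(token, now):
    # verify signature (constant-time, like safe_str_cmp) and expiry; header alg is ignored on purpose
    header, body, sig = token.split(".")
    expected = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, unb64(sig)):
        raise ValueError("bad signature")
    payload = json.loads(unb64(body))
    if payload["exp"] <= now:
        raise ValueError("token expired")
    return payload

def login(user_id, now):
    # UserLogin: the password was just checked, so the access token is fresh
    access = encode({"identity": user_id, "type": "access", "fresh": True,
                     "exp": now + 900, "is_admin": user_id == ADMIN_ID})
    refresh_token = encode({"identity": user_id, "type": "refresh", "exp": now + 30 * 86400})
    return access, refresh_token

def refresh(refresh_token, now):
    # TokenRefresh: no password re-entered, so the new access token is NOT fresh
    p = decode(refresh_token, now)
    if p["type"] != "refresh":
        raise ValueError("refresh token required")
    return encode({"identity": p["identity"], "type": "access", "fresh": False,
                   "exp": now + 900, "is_admin": p["identity"] == ADMIN_ID})

def protected(token, now, fresh=False, admin=False):
    # @jwt_required, @fresh_jwt_required (fresh=True) and the Item.delete() claims check (admin=True)
    p = decode(token, now)
    if p["type"] != "access":
        raise ValueError("access token required")
    if fresh and not p.get("fresh"):
        return 401, "Fresh token required."
    if admin and not p.get("is_admin"):
        return 401, "Admin privilege required."
    return 200, "OK"
```

`now` is passed in explicitly (seconds) so the expiry behaviour is reproducible; a real app would use time.time().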

2.5. Callback
