flask-middleware-jwt

Release 1.0

This is a middleware for jwt

Homepage PyPI Python

License
Apache-2.0
Install
pip install flask-middleware-jwt==1.0

Documentation

Flask Middleware JWT

made-with-python PyPi download

drawing

This library was originally developed in a project where it was necessary to make usage of the same package among several smaller services on a microservice archictecture. It was needed that a JWT token was validated on requests, checking whether it had the required structure and if it hadn't expired.

Flask Middleware JWT aims to improve a flask micro-framework with a new way of authenticating your services. For further reading on it's functionalities, plase check our medium article.

Instalation

Run the command in shell:

pip3 install flask-middleware-jwt

App Configuration

Example on how to set your flask app configuration:

app.config possible values
MIDDLEWARE_URL_IDENTITY http://0.0.0.0:5000
MIDDLEWARE_VERIFY_ENDPOINT /token/verify
MIDDLEWARE_BEARER True or False
MIDDLEWARE_VERIFY_HTTP_VERB GET or POST
JWT_SECRET your secret
JWT_ALGORITHMS ['HS256']

Annotations

JWT Token

@middleware_jwt_required

Validates initially if tokens via headers in requests contains "Autorization" before your jwt token and returns an invalid token message otherwise.

Example - How to run

To start your app, please follow these instructions:
Navigate to the 'example' directory and execute either of the following commands on both 'identity' and 'your_app' folders:

flask run

or

python3 app.py

Once both services are up and running, use your prefered API Client, such as Postman to test your app.

Requests

Login:

For API Clients, input these parameters:

  • Headers:

Content-Type: application/json

  • POST

endpoint: http://127.0.0.1:5000/login

For Curl Commands:

curl -d '{"username": "test", "password": "test"}' -X POST -H "Content-Type: application/json" http://127.0.0.1:5000/login

A successful response should return you
{"access_token": "you_token"}


Token Verification:

For API Clients, input these parameters:

  • Headers:

Key: Authorization
Bearer: jwt token returned from login request

  • GET

endpoint: http://127.0.0.1:5000/your_path/verify

For Curl Commands:

curl -X GET -H "Authorization: Bearer you_token" http://127.0.0.1:5000/your_path/verify

Body of the message returned should be either related to your token integrity or in case of sucessful request:

{"message": "Authorization Valid"}


Test Response:

curl -X GET -H "Authorization: Bearer your_token" http://127.0.0.1:5001

Body of the message returned should be either related to your token integrity or in case of sucessful request:

Hello World!

License

Apache License, Version 2.0

Stats

Dependencies
3
Dependent packages
0
Dependent repositories
0
Total releases
4
Latest release
First release
Stars
18
Forks
1
Watchers
2
Contributors
3
Repository size
23.4 KB
SourceRank
7

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

1.3
1.2
1.1
1.0

Contributors

Daniel Zitei carlalmadureira Guilherme Bruno


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-02-15 13:33:51 UTC

Login to resync this project