Skip to main content

Extended JWT integration with Flask

Project description

# Flask-JWT-Extended [![Build Status](https://travis-ci.org/vimalloc/flask-jwt-extended.svg?branch=master)](https://travis-ci.org/vimalloc/flask-jwt-extended) [![Coverage Status](https://coveralls.io/repos/github/vimalloc/flask-jwt-extended/badge.svg?branch=master)](https://coveralls.io/github/vimalloc/flask-jwt-extended?branch=master) [![PyPI version](https://badge.fury.io/py/Flask-JWT-Extended.svg)](https://badge.fury.io/py/Flask-JWT-Extended) [![Documentation Status](https://readthedocs.org/projects/flask-jwt-extended/badge/)](http://flask-jwt-extended.readthedocs.io/en/latest/) [![Join the chat at https://gitter.im/flask-jwt-extended/Lobby](https://badges.gitter.im/flask-jwt-extended/Lobby.svg)](https://gitter.im/flask-jwt-extended/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)

### When to use Flask-JWT-Extended?

Flask-JWT-Extended not only adds support for using JSON Web Tokens (JWT) to Flask for protecting views, but also many helpful (and optional) features built in to make working with JSON Web Tokens easier. These include:

  • Support for adding custom claims to JSON Web Tokens

  • Custom claims validation on received tokens

  • Creating tokens from complex objects or complex object from received tokens

  • [Refresh tokens](https://auth0.com/blog/refresh-tokens-what-are-they-and-when-to-use-them/)

  • Token freshness and separate view decorators to only allow fresh tokens

  • Token revoking/blacklisting

  • Storing tokens in cookies and CSRF protection

### When not to use Flask-JWT-Extended?

This extension is very opinionated about what claims need to exist in received JWTs to get all these extra features to work. If you are working with other JWT providers, only using Flask for rapid prototyping of your application, or do not care about any of these extra features, [Flask-JWT-Simple](https://github.com/vimalloc/flask-jwt-simple) may be a better fit for your application. It is the sister extension of this one (both maintained by me), which strips all of the extra features and opinionated JWT requirements out.

### Upgrading to the 3.x.x releases [See here](https://github.com/vimalloc/flask-jwt-extended/releases/tag/3.0.0) for help upgrading to the 3.x.x releases.

### Installation [View Installation Instructions](http://flask-jwt-extended.readthedocs.io/en/latest/installation.html)

### Usage [View the documentation online](http://flask-jwt-extended.readthedocs.io/en/latest/)

### Chatting We have moved from irc to gitter. The official support channel can now be found at https://gitter.im/flask-jwt-extended/Lobby.

### Testing and Code Coverage We require 100% code coverage in our unit tests. You can run the tests locally with tox which will print out a code coverage report. Creating a pull request will run the tests against python 2.7, 3.4, 3.5, 3.6, and PyPy. ` $ tox `

### Generating Documentation You can generate a local copy of the documentation. After installing the requirements, go to the docs directory and run: ` $ make clean && make html `

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-JWT-Extended-3.14.0.tar.gz (29.2 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page