Skip to main content

Simple JWT token flask service security library.

Project description

Build Status

jwt_authenticator

jwt_authenticator is a simply python library for adding JWT token authentication/authorization in flask web sites/services. It controls access either by checking for just a validated token, or optionally, a single role claim from the token. Access is controlled by decorating the endpoint functions with an attribute.

Installation

Use the package manager pip to install jwt_authenticator.

pip install jwt_authenticator

Usage

In the main application initialization area

from Flask import Flask
from jwt_authenticator import AuthenticationHandler

APP = Flask(__name__)
AuthenticationHandler.load_configuration()

In the endpoints

from jwt_authenticator import AuthenticationHandler, AuthError

@api.route('/<name>', methods=['GET'])
@AuthenticationHandler.requires_auth("admin")
def get_one(name):
    return f"Hello {name}"

@api.route('/<name>', methods=['GET'])
@AuthenticationHandler.requires_auth()
def get_one(name):
    return f"Hello {name}"

Configuration

jwt_authenticator requires two configuration values to work. These can be specified either in the normal Flask application configuration or as environment variables. Environment variable values will override application configuration values, when

AuthenticationHanlder.load_configuration()

is called.

APP.config (i.e. flask application configuration)

  • SECRET - the key used to sign the JWT token
  • AUDIENCE - the audience claim used in the JWT token

Environment Variables

  • JWT_SECRET - will override SECRET
  • JWT_AUDIENCE - will override AUDIENCE

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests as appropriate.

Building

  • Requires 'make'
make init
make test
make package

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for jwt-authenticator, version 1.0.0
Filename, size File type Python version Upload date Hashes
Filename, size jwt_authenticator-1.0.0-py3-none-any.whl (4.7 kB) File type Wheel Python version py3 Upload date Hashes View
Filename, size jwt_authenticator-1.0.0.tar.gz (3.3 kB) File type Source Python version None Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring DigiCert DigiCert EV certificate Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page