Easily encode and decode JWT tokens

Project description

JWT easy as pie.

jwtpie is a highly opinionated library that makes encrypting and decrypting JWT tokens super easy. Perfect addition to your API backends.

jwtpie does the following:

  • Serialize and possibly compress your data.

  • Generate a signed JWT token with your serialized data.

  • Generate an encrypted JWT token with your signed JWT token.

And also:

  • Decrypt your encrypted JWT token, and validate it is still valid.

  • Verify signature of decrypted JWT token and validate it is still valid.

  • De-serialize and possibly decompress your data.

Install

pip3 install jwtpie

Optionally, install either orjson (preferred) or ujson (good) for faster JSON decoding:

pip3 install orjson

Or …

pip3 install ujson

Usage

>>> from jwtpie import JWTPie
>>> mgr = JWTPie()
>>> token = mgr.encrypt({
...    'user': 'jane_doe@anonymous.io',
...    'name': 'Jane Doe',
... })
>>> token
'eyJhbGciO[.........]iJBMjU2S1ldbM'
>>> mgr.decrypt(token)
{
    'user': 'jane_doe@anonymous.io',
    'name': 'Jane Doe',
}

So easy.

The above will generate a new signing and encryption key on-the-fly. If the process is restarted or killed, the key will be lost and all tokens generated with it will no longer be decryptable.

To decode previously generated tokens, pass the signing and encryption keys to the constructor:

>>> mgr = JWTPie(
...     issuer='myapp',
...     signkey='YOUR PRIVATE SIGNING KEY',
...     encryptkey='YOUR PRIVATE ENCRYPTION KEY',
...     expiration_s=1209600,  # In seconds. 60 * 60 * 24 * 14 = Two weeks
... )

To generate a private key execute:

>>> from jwtpie import JWTPie
>>> size = 256
>>> JWTPie.generate(size)
noOIbGe_WLbTfrLIH_grNu0bf5u8Xx-bERELm2TLRaM

Or launch the interactive wizard:

$ python3 -m jwtpie

1. Craft a session.
2. Generate a new encryption or signing key.

What do you need? 2
Size: 256

Your key:

R5Co9mHaxURSzhryvvx8JqgpFLinhvd6L3rb2TxRx7o

Bye!

KEYS ARE SECRET!

Save it in your secret management system!

  • Do not hard code it.

  • Do not commit it to version control.

  • Never log it.
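
The rules above, as an added example that is not part of jwtpie or its documentation: keys are read from the environment (populated by your secret manager), checked for shape before use, and only a fingerprint is ever logged. The variable names JWTPIE_SIGNKEY and JWTPIE_ENCRYPTKEY, the helper names, and the assumption that a key is an unpadded base64url string of size/8 bytes (as the sample keys on this page appear to be) are illustrative.

```python
import base64
import binascii
import hashlib
import os


class KeyConfigError(RuntimeError):
    """Key missing or malformed. Messages never contain the key value."""


def load_key(name, environ=None, bits=256):
    """Read one key from the environment and check its shape (fail closed)."""
    environ = os.environ if environ is None else environ
    value = environ.get(name, "").strip()
    if not value:
        raise KeyConfigError(f"{name} is not set")
    try:
        # Assumption: keys are unpadded base64url, so restore the padding.
        raw = base64.b64decode(value + "=" * (-len(value) % 4), b"-_", validate=True)
    except (binascii.Error, ValueError):
        raise KeyConfigError(f"{name} is not valid base64url") from None
    if len(raw) * 8 != bits:
        raise KeyConfigError(f"{name} must decode to {bits} bits")
    return value


def fingerprint(key):
    """Short SHA-256 tag that can be logged in place of the key."""
    return hashlib.sha256(key.encode("ascii")).hexdigest()[:12]


def load_jwtpie_keys(environ=None):
    """Return constructor keyword arguments; variable names are hypothetical."""
    signkey = load_key("JWTPIE_SIGNKEY", environ)
    encryptkey = load_key("JWTPIE_ENCRYPTKEY", environ)
    if signkey == encryptkey:  # added check: keep the two keys independent
        raise KeyConfigError("signing and encryption keys must differ")
    return {"signkey": signkey, "encryptkey": encryptkey}


def build_manager(environ=None):
    from jwtpie import JWTPie  # lazy import; requires `pip3 install jwtpie`
    return JWTPie(issuer="myapp", expiration_s=1209600, **load_jwtpie_keys(environ))


if __name__ == "__main__":
    # Constructed sample keys, generated for this run only.
    names = ("JWTPIE_SIGNKEY", "JWTPIE_ENCRYPTKEY")
    env = {n: base64.urlsafe_b64encode(os.urandom(32)).rstrip(b"=").decode() for n in names}
    print({k: fingerprint(v) for k, v in load_jwtpie_keys(env).items()})
```

A placeholder such as 'YOUR PRIVATE SIGNING KEY' left in the configuration is rejected at startup instead of silently becoming the production key.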

jwtpie is opinionated because it selects the signing and encryption algorithms for you. If you need to change this or change advanced parameters like the leeway, please read the documentation in the docstring of the JWTPie class.

Repository

https://github.com/kuralabs/jwtpie

Acknowledgements

JWTPie is just an easy to use abstraction layer built on top of the great JWCrypto library. JWCrypto does the actual work of creating and verifying the tokens according to the JWT specification. JWCrypto is itself built on top of the secure cryptography library.

Changelog

1.1.0 (2021-06-08)

New

  • New method decrypt_with_metadata() that will return the encrypted data along with the standard JWT claims.

1.0.0 (2021-06-01)

New

  • Initial release.

License

Copyright (C) 2016-2021 KuraLabs S.R.L

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied.  See the License for the
specific language governing permissions and limitations
under the License.
