Backend Development
Python Tutorial
How to implement JSON Web Token based authentication using Flask-JWT
How to implement JSON Web Token based authentication using Flask-JWT
How to implement JSON Web Token based authentication using Flask-JWT
Overview:
In modern web applications, security is crucial. One of the key aspects is authentication. JSON Web Token (JWT) is an open standard for passing claims between web applications. It can verify data integrity through signatures and implement token-based user authentication.
In this article, we will introduce how to use the Flask-JWT extension to implement JSON Web Token-based authentication to protect our Flask application.
Install Flask-JWT:
First, make sure you have installed Flask and Flask-JWT. They can be installed using the following command:
pip install flask pip install flask-jwt
How to use:
Flask-JWT provides decorators to easily add token validation to Flask routing functions. Here is a simple example:
from flask import Flask
from flask_jwt import JWT, jwt_required, current_identity
from werkzeug.security import safe_str_cmp
app = Flask(__name__)
app.config['SECRET_KEY'] = 'super-secret-key'
class User:
def __init__(self, id, username, password):
self.id = id
self.username = username
self.password = password
def __str__(self):
return f'User(id={self.id}, username={self.username})'
users = [
User(1, 'admin', 'adminpassword'),
]
def authenticate(username, password):
user = next((user for user in users if user.username == username), None)
if user and safe_str_cmp(user.password.encode('utf-8'), password.encode('utf-8')):
return user
def identity(payload):
user_id = payload['identity']
return next((user for user in users if user.id == user_id), None)
jwt = JWT(app, authenticate, identity)
@app.route('/protected')
@jwt_required()
def protected():
return f'Hello, {current_identity}! This route is protected.'
if __name__ == '__main__':
app.run()In the above example code, we first imported the required modules. Then, we define a User class to represent the user entity. Next, we define a list of users (assuming a database) to use for authentication.
authenticate function is used to authenticate a user based on the provided username and password. The identity function obtains the user object based on the user ID in the JWT payload.
Then, we initialized a Flask application and set a secret key (SECRET_KEY). We then initialized a jwt object using the JWT class and passed the authenticate and identity functions to it.
The @jwt_required() decorator is used on the /protected route to protect the route. Only authenticated users can access it.
Finally, we launch the Flask application.
Authenticate:
To authenticate, we need to make an HTTP POST request to the application, passing the username and password. Flask-JWT will generate a JWT token for us.
Here is the sample code of how to authenticate:
import requests
def authenticate(username, password):
response = requests.post('http://localhost:5000/auth', json={'username': username, 'password': password})
if response.status_code == 200:
return response.json()['access_token']
access_token = authenticate('admin', 'adminpassword')
print(f'Access Token: {access_token}') In the above example, we sent an HTTP POST request to the /auth route, passing the user JSON data of name and password. If the authentication is successful, we will get an access_token.
The protected route will accept the token and authenticate the user. Here is an example of how to pass the token in the request header:
import requests
headers = {
'Authorization': f'Bearer {access_token}'
}
response = requests.get('http://localhost:5000/protected', headers=headers)
print(response.text) In the above example, we add the token to the Authorization field of the request header and pass it to /protectedRouting. If the token is valid, we will get a response from the protected route.
Summary:
In this article, we learned how to use the Flask-JWT extension to implement JSON Web Token-based authentication. We learned how to add an authentication decorator in a Flask application and demonstrated how to authenticate with sample code. JSON Web Token provides a simple and secure authentication mechanism that can be applied to a variety of web applications.
The above is the detailed content of How to implement JSON Web Token based authentication using Flask-JWT. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1389
52
How to build simple and easy-to-use web applications with React and Flask
Sep 27, 2023 am 11:09 AM
How to use React and Flask to build simple and easy-to-use web applications Introduction: With the development of the Internet, the needs of web applications are becoming more and more diverse and complex. In order to meet user requirements for ease of use and performance, it is becoming increasingly important to use modern technology stacks to build network applications. React and Flask are two very popular frameworks for front-end and back-end development, and they work well together to build simple and easy-to-use web applications. This article will detail how to leverage React and Flask
How to disable private browsing authentication in Safari: How-to guide for iOS 17
Sep 11, 2023 pm 06:37 PM
In iOS 17, Apple introduced several new privacy and security features to its mobile operating system, one of which is the ability to require two-step authentication for private browsing tabs in Safari. Here's how it works and how to turn it off. On an iPhone or iPad running iOS 17 or iPadOS 17, if you have any Private Browsing tab open in Safari and then exit the session or app, Apple's browser now requires Face ID/TouchID authentication or a passcode to access again they. In other words, if someone gets their hands on your iPhone or iPad while it's unlocked, they still won't be able to view it without knowing your passcode
Django vs. Flask: A comparative analysis of Python web frameworks
Jan 19, 2024 am 08:36 AM
Django and Flask are both leaders in Python Web frameworks, and they both have their own advantages and applicable scenarios. This article will conduct a comparative analysis of these two frameworks and provide specific code examples. Development Introduction Django is a full-featured Web framework, its main purpose is to quickly develop complex Web applications. Django provides many built-in functions, such as ORM (Object Relational Mapping), forms, authentication, management backend, etc. These features allow Django to handle large
Start from scratch and guide you step by step to install Flask and quickly establish a personal blog
Feb 19, 2024 pm 04:01 PM
Starting from scratch, I will teach you step by step how to install Flask and quickly build a personal blog. As a person who likes writing, it is very important to have a personal blog. As a lightweight Python Web framework, Flask can help us quickly build a simple and fully functional personal blog. In this article, I will start from scratch and teach you step by step how to install Flask and quickly build a personal blog. Step 1: Install Python and pip Before starting, we need to install Python and pi first
Guide to installing the Flask framework: Detailed steps to help you install Flask correctly
Feb 18, 2024 pm 10:51 PM
Flask framework installation tutorial: Teach you step by step how to correctly install the Flask framework. Specific code examples are required. Introduction: Flask is a simple and flexible Python Web development framework. It's easy to learn, easy to use, and packed with powerful features. This article will lead you step by step to correctly install the Flask framework and provide detailed code examples for reference. Step 1: Install Python Before installing the Flask framework, you first need to make sure that Python is installed on your computer. You can start from P
Flask vs FastAPI: The best choice for efficient Web API development
Sep 27, 2023 pm 09:01 PM
FlaskvsFastAPI: The best choice for efficient development of WebAPI Introduction: In modern software development, WebAPI has become an indispensable part. They provide data and services that enable communication and interoperability between different applications. When choosing a framework for developing WebAPI, Flask and FastAPI are two choices that have attracted much attention. Both frameworks are very popular and each has its own advantages. In this article, we will look at Fl
Comparing the performance of Gunicorn and uWSGI for Flask application deployment
Jan 17, 2024 am 08:52 AM
Flask application deployment: Comparison of Gunicorn vs suWSGI Introduction: Flask, as a lightweight Python Web framework, is loved by many developers. When deploying a Flask application to a production environment, choosing the appropriate Server Gateway Interface (SGI) is a crucial decision. Gunicorn and uWSGI are two common SGI servers. This article will describe them in detail.
Gunicorn Deployment Guide for Flask Applications
Jan 17, 2024 am 08:13 AM
How to deploy Flask application using Gunicorn? Flask is a lightweight Python Web framework that is widely used to develop various types of Web applications. Gunicorn (GreenUnicorn) is a Python-based HTTP server used to run WSGI (WebServerGatewayInterface) applications. This article will introduce how to use Gunicorn to deploy Flask applications, with
