PythonFlaskIdentityManagement: Difference between revisions
Jump to navigation
Jump to search
(Created page with "Category:Python = Links = * flask-identity: https://pypi.org/project/flask-identity/ ** Tutorial: https://www.digitalocean.com/community/tutorials/how-to-add-authentication-to-your-app-with-flask-login ** Quickstart: https://flask-identity.readthedocs.io/en/stable/quickstart.html * PyJWT: https://pypi.org/project/PyJWT/ ** JSON Web Tokens: login, create a token server side with a private key, store it in a cookie") |
(→PyJWT) |
||
| (10 intermediate revisions by the same user not shown) | |||
| Line 6: | Line 6: | ||
* PyJWT: https://pypi.org/project/PyJWT/ | * PyJWT: https://pypi.org/project/PyJWT/ | ||
** JSON Web Tokens: login, create a token server side with a private key, store it in a cookie | ** JSON Web Tokens: login, create a token server side with a private key, store it in a cookie | ||
** Lots of PyJWT Stuff: https://duckduckgo.com/?t=ffab&q=pyjwt&ia=web | |||
** Demo: https://www.youtube.com/watch?v=J5bIPtEbS0Q | |||
= PyJWT = | |||
* working from : https://www.youtube.com/watch?v=J5bIPtEbS0Q | |||
<syntaxhighlight lang="bash" line> | |||
cd projects/cypherpunk/cypherpunk_reddit/flask/test_auth | |||
python3 -m venv .venv | |||
source .venv/bin/activate # deactivate to deactivate | |||
pip install flask flask-pyjwt passlib | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="python" line> | |||
from datetime import datetime, timedelta | |||
from flask import Flask, jsonify, request, make_response | |||
import jwt | |||
app = Flask(__name__) | |||
token_expire_offset = timedelta(minutes=30) | |||
app.config['SECRET_KEY'] = 'super secret' | |||
@app.route('/unprotected') | |||
def unprotected(): | |||
return '' | |||
@app.route('/protected') | |||
def protected(): | |||
return '' | |||
@app.route('/login') | |||
def login(): | |||
auth = request.authorization | |||
if auth and auth.password == 'password': | |||
token = jwt.encode({'user':auth.username, | |||
'exp':datetime.utcnow() + token_expire_offset}, | |||
key = app.config['SECRET_KEY']) | |||
return jsonify({'token': token}) | |||
return make_response('Could not verify!', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'}) | |||
if __name__ == '__main__': | |||
app.run(debug=True) | |||
pass | |||
</syntaxhighlight> | |||
Latest revision as of 15:55, 11 November 2023
Links
- flask-identity: https://pypi.org/project/flask-identity/
- PyJWT: https://pypi.org/project/PyJWT/
- JSON Web Tokens: login, create a token server side with a private key, store it in a cookie
- Lots of PyJWT Stuff: https://duckduckgo.com/?t=ffab&q=pyjwt&ia=web
- Demo: https://www.youtube.com/watch?v=J5bIPtEbS0Q
PyJWT
- working from : https://www.youtube.com/watch?v=J5bIPtEbS0Q
cd projects/cypherpunk/cypherpunk_reddit/flask/test_auth
python3 -m venv .venv
source .venv/bin/activate # deactivate to deactivate
pip install flask flask-pyjwt passlib
from datetime import datetime, timedelta
from flask import Flask, jsonify, request, make_response
import jwt
app = Flask(__name__)
token_expire_offset = timedelta(minutes=30)
app.config['SECRET_KEY'] = 'super secret'
@app.route('/unprotected')
def unprotected():
return ''
@app.route('/protected')
def protected():
return ''
@app.route('/login')
def login():
auth = request.authorization
if auth and auth.password == 'password':
token = jwt.encode({'user':auth.username,
'exp':datetime.utcnow() + token_expire_offset},
key = app.config['SECRET_KEY'])
return jsonify({'token': token})
return make_response('Could not verify!', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})
if __name__ == '__main__':
app.run(debug=True)
pass