PythonFlaskIdentityManagement: Difference between revisions
Jump to navigation
Jump to search
(→PyJWT) |
(→PyJWT) |
||
(2 intermediate revisions by the same user not shown) | |||
Line 9: | Line 9: | ||
** Demo: https://www.youtube.com/watch?v=J5bIPtEbS0Q | ** Demo: https://www.youtube.com/watch?v=J5bIPtEbS0Q | ||
= PyJWT = | = PyJWT = | ||
* working from : https://www.youtube.com/watch?v=J5bIPtEbS0Q | |||
<syntaxhighlight lang="bash" line> | <syntaxhighlight lang="bash" line> | ||
Line 14: | Line 16: | ||
python3 -m venv .venv | python3 -m venv .venv | ||
source .venv/bin/activate # deactivate to deactivate | source .venv/bin/activate # deactivate to deactivate | ||
pip install flask | pip install flask flask-pyjwt passlib | ||
</syntaxhighlight> | |||
<syntaxhighlight lang="python" line> | |||
from datetime import datetime, timedelta | |||
from flask import Flask, jsonify, request, make_response | |||
import jwt | |||
app = Flask(__name__) | |||
token_expire_offset = timedelta(minutes=30) | |||
app.config['SECRET_KEY'] = 'super secret' | |||
@app.route('/unprotected') | |||
def unprotected(): | |||
return '' | |||
@app.route('/protected') | |||
def protected(): | |||
return '' | |||
@app.route('/login') | |||
def login(): | |||
auth = request.authorization | |||
if auth and auth.password == 'password': | |||
token = jwt.encode({'user':auth.username, | |||
'exp':datetime.utcnow() + token_expire_offset}, | |||
key = app.config['SECRET_KEY']) | |||
return jsonify({'token': token}) | |||
return make_response('Could not verify!', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'}) | |||
if __name__ == '__main__': | |||
app.run(debug=True) | |||
pass | |||
</syntaxhighlight> | </syntaxhighlight> |
Latest revision as of 15:55, 11 November 2023
Links
- flask-identity: https://pypi.org/project/flask-identity/
- PyJWT: https://pypi.org/project/PyJWT/
- JSON Web Tokens: login, create a token server side with a private key, store it in a cookie
- Lots of PyJWT Stuff: https://duckduckgo.com/?t=ffab&q=pyjwt&ia=web
- Demo: https://www.youtube.com/watch?v=J5bIPtEbS0Q
PyJWT
- working from : https://www.youtube.com/watch?v=J5bIPtEbS0Q
cd projects/cypherpunk/cypherpunk_reddit/flask/test_auth
python3 -m venv .venv
source .venv/bin/activate # deactivate to deactivate
pip install flask flask-pyjwt passlib
from datetime import datetime, timedelta
from flask import Flask, jsonify, request, make_response
import jwt
app = Flask(__name__)
token_expire_offset = timedelta(minutes=30)
app.config['SECRET_KEY'] = 'super secret'
@app.route('/unprotected')
def unprotected():
return ''
@app.route('/protected')
def protected():
return ''
@app.route('/login')
def login():
auth = request.authorization
if auth and auth.password == 'password':
token = jwt.encode({'user':auth.username,
'exp':datetime.utcnow() + token_expire_offset},
key = app.config['SECRET_KEY'])
return jsonify({'token': token})
return make_response('Could not verify!', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})
if __name__ == '__main__':
app.run(debug=True)
pass