PythonFlaskIdentityManagement: Difference between revisions

From Traxel Wiki
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 16: Line 16:
python3 -m venv .venv
python3 -m venv .venv
source .venv/bin/activate # deactivate to deactivate
source .venv/bin/activate # deactivate to deactivate
pip install flask
pip install flask flask-pyjwt passlib
pip install flask-pyjwt
</syntaxhighlight>
 
<syntaxhighlight lang="python" line>
from datetime import datetime, timedelta
from flask import Flask, jsonify, request, make_response
import jwt
 
app = Flask(__name__)
 
token_expire_offset = timedelta(minutes=30)
 
app.config['SECRET_KEY'] = 'super secret'
 
@app.route('/unprotected')
def unprotected():
    return ''
 
@app.route('/protected')
def protected():
    return ''
 
@app.route('/login')
def login():
    auth = request.authorization
 
    if auth and auth.password == 'password':
        token = jwt.encode({'user':auth.username,
                            'exp':datetime.utcnow() + token_expire_offset},
                          key = app.config['SECRET_KEY'])
        return jsonify({'token': token})
   
    return make_response('Could not verify!', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})
 
if __name__ == '__main__':
    app.run(debug=True)
    pass
</syntaxhighlight>
</syntaxhighlight>

Latest revision as of 15:55, 11 November 2023

Links

PyJWT

cd projects/cypherpunk/cypherpunk_reddit/flask/test_auth
python3 -m venv .venv
source .venv/bin/activate # deactivate to deactivate
pip install flask flask-pyjwt passlib
from datetime import datetime, timedelta
from flask import Flask, jsonify, request, make_response
import jwt

app = Flask(__name__)

token_expire_offset = timedelta(minutes=30)

app.config['SECRET_KEY'] = 'super secret'

@app.route('/unprotected')
def unprotected():
    return ''

@app.route('/protected')
def protected():
    return ''

@app.route('/login')
def login():
    auth = request.authorization

    if auth and auth.password == 'password':
        token = jwt.encode({'user':auth.username,
                            'exp':datetime.utcnow() + token_expire_offset},
                           key = app.config['SECRET_KEY'])
        return jsonify({'token': token})
    
    return make_response('Could not verify!', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})

if __name__ == '__main__':
    app.run(debug=True)
    pass