PythonFlaskIdentityManagement
Revision as of 17:52, 9 November 2023 by RobertBushman (talk | contribs)
Links
- flask-identity: https://pypi.org/project/flask-identity/
- PyJWT: https://pypi.org/project/PyJWT/
- JSON Web Tokens: login, create a token server side with a private key, store it in a cookie
- Lots of PyJWT Stuff: https://duckduckgo.com/?t=ffab&q=pyjwt&ia=web
- Demo: https://www.youtube.com/watch?v=J5bIPtEbS0Q
PyJWT
- working from : https://www.youtube.com/watch?v=J5bIPtEbS0Q
cd projects/cypherpunk/cypherpunk_reddit/flask/test_auth
python3 -m venv .venv
source .venv/bin/activate # deactivate to deactivate
pip install flask
pip install flask-pyjwt
from datetime import datetime, timedelta
from flask import Flask, jsonify, request, make_response
import jwt
app = Flask(__name__)
token_expire_offset = timedelta(minutes=30)
app.config['SECRET_KEY'] = 'super secret'
@app.route('/unprotected')
def unprotected():
return ''
@app.route('/protected')
def protected():
return ''
@app.route('/login')
def login():
auth = request.authorization
if auth and auth.password == 'password':
token = jwt.encode({'user':auth.username,
'exp':datetime.utcnow() + token_expire_offset},
key = app.config['SECRET_KEY'])
return jsonify({'token': token})
return make_response('Could not verify!', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})
if __name__ == '__main__':
app.run(debug=True)
pass