This is a simple example of JWT usage for authentication, with Python on the server side and AngularJS on the client side.
JWT (JSON Web Token) is a compact and self-contained way of securely transmitting information between parties as a JSON object, defined in RFC 7519.
JWT is mainly used for authentication and authorization, but it can also be used for exchanging information between parties.
It runs a web server (Flask) on localhost, port 5000, exposing the following routes:
- /: renders index.html, an HTML page that links to all other routes.
- /signin: receives a login/password combination and validates it. If it's correct, the response will contain an authentication token.
- /public: a simple endpoint that doesn't demand a valid token.
- /restricted: a simple endpoint that demands a valid token.
These routes are all implemented in server.py. Furthermore, there is an AngularJS client, implemented in /static/app.js.
- install requirements

    pip install -r requirements.txt

- run the Flask app

    python server.py

- access http://localhost:5000 with your browser.
- to log in, use any of the credentials in users.json.
You can test it by browsing with your browser or by using curl in bash:
- authenticate and store the token

    token=`curl -H "Content-Type: application/json" -X POST -d '{"email":"scott@gmail.com", "password":"12345"}' http://localhost:5000/signin`

- access a restricted area

    curl -X GET http://localhost:5000/restricted -H "Authorization: Bearer $token"
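
What the two curl calls above exercise, as an added standard-library example that is not the code in server.py: issuing an HS256 token after sign-in and validating the Authorization: Bearer header before serving a restricted route. The key, the function names and the claim set (sub, iat, exp) are assumptions made for this illustration.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET = b"constructed-demo-key"  # assumption: sample key, not the project's

def b64url_encode(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(email, ttl=300, now=None):
    """Token a sign-in handler could return once the password has been checked."""
    now = int(time.time() if now is None else now)
    parts = ({"alg": "HS256", "typ": "JWT"}, {"sub": email, "iat": now, "exp": now + ttl})
    signing_input = ".".join(b64url_encode(json.dumps(p).encode()) for p in parts)
    return signing_input + "." + b64url_encode(sign(signing_input))

def verify_bearer(authorization, now=None):
    """Return the claims of a valid 'Bearer <jwt>' header value, else None."""
    scheme, _, token = (authorization or "").partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        return None
    signing_input, _, sig_b64 = token.rpartition(".")
    try:
        header, claims = (json.loads(b64url_decode(p)) for p in signing_input.split("."))
        signature = b64url_decode(sig_b64)
    except ValueError:
        return None
    # Pin the algorithm on the server instead of trusting the token's header.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    # Constant-time comparison of the recomputed HMAC with the presented one.
    if not hmac.compare_digest(signature, sign(signing_input)):
        return None
    exp = claims.get("exp") if isinstance(claims, dict) else None
    now = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or exp <= now:
        return None  # missing or expired "exp"
    return claims
```

A restricted handler would respond with 401 whenever verify_bearer returns None and use the returned claims otherwise.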