Flask extension for JWT token validation
Based on PyJWT. Supports validation against multiple public keys supplied in a simplified authorized_keys format: keys and comments only, no options. Good for key rotation or when you need multi-issuer support.
Inspired by Flask JWT Simple, a nice package I was enjoying until I needed multi-key support. That is where many of the backward-compatible settings came from.
- JWT_ALGORITHM: default RS256, the algorithm used to decode the JWT. In the current iteration only asymmetric algorithms are considered, so anything symmetric will likely fail.
- JWT_HEADER_NAME: default Authorization, the header where the JWT is expected to be.
- JWT_HEADER_TYPE: default Bearer, the type of the token, part of the header's value.
- JWT_IDENTITY: optional; if provided, JWT will use it.
- JWT_AUTHORIZED_KEYS: newline-separated list of OpenSSH-formatted keys.
- VERIFY_AUD: disable verification of aud during JWT decoding.
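How a token can be checked against a JWT_AUTHORIZED_KEYS list holding several keys, as an added example that is not this extension's code: it uses only the Python standard library in place of PyJWT and checks the RS256 signature and the alg header only, not exp or aud. All function names are hypothetical.

```python
import base64, hashlib, hmac, json, struct

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2, note 1)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def parse_authorized_keys(text):
    """Return [(e, n), ...] for each 'ssh-rsa <base64> [comment]' line."""
    keys = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "ssh-rsa":
            continue  # blank lines, '#' comments, options and other key types
        blob, parts = base64.b64decode(fields[1]), []
        while blob:  # SSH wire format: 4-byte big-endian length, then the value
            (size,) = struct.unpack(">I", blob[:4])
            parts.append(blob[4:4 + size])
            blob = blob[4 + size:]
        if len(parts) == 3 and parts[0] == b"ssh-rsa":
            keys.append((int.from_bytes(parts[1], "big"), int.from_bytes(parts[2], "big")))
    return keys

def rs256_verify(signing_input, signature, e, n):
    """RSASSA-PKCS1-v1_5 with SHA-256: rebuild the expected block and compare."""
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= n:
        return False
    pad = k - 3 - len(SHA256_PREFIX) - hashlib.sha256().digest_size
    if pad < 8:
        return False  # modulus too small for this encoding
    expected = (b"\x00\x01" + b"\xff" * pad + b"\x00" + SHA256_PREFIX
                + hashlib.sha256(signing_input).digest())
    return hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), expected)

def validate_token(token, authorized_keys, algorithm="RS256"):
    """Return the payload if any listed key verifies the token, else raise."""
    header_b64, payload_b64, signature_b64 = token.split(".")
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") != algorithm:  # never let the token choose the algorithm
        raise ValueError("unexpected alg in token header")
    signing_input = (header_b64 + "." + payload_b64).encode("ascii")
    signature = b64url_decode(signature_b64)
    for e, n in parse_authorized_keys(authorized_keys):
        if rs256_verify(signing_input, signature, e, n):
            return json.loads(b64url_decode(payload_b64))
    raise ValueError("signature does not match any authorized key")
```

Because every listed key is tried in turn, a retiring key and its replacement can both stay in the list during a rotation window.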
@requires_jwt - use it on the Flask endpoint you want to protect. It accepts an additional parameter, pass_token_payload, which adds a named parameter token_payload at the very end of the parameters accepted by the decorated function.
```python
@requires_jwt
def get(search):
    # ...GET logic with search parameter
    pass

@requires_jwt(pass_token_payload=True)
def post(data, token_payload):
    # ...POST logic with data parameter and token payload
    pass
```