
JWT Middleware for the pythonic Starlette API framework

Primary language: Python. License: BSD 3-Clause "New" or "Revised" License (BSD-3-Clause).



JSON Web Token middleware for use with the Starlette framework.


$ pip install starlette-jwt

Alternatively, install through pipenv.

$ pipenv install starlette-jwt


Register the Middleware with your app.

from starlette.applications import Starlette
from starlette_jwt import JWTAuthenticationBackend
from starlette.middleware.authentication import AuthenticationMiddleware

app = Starlette()
app.add_middleware(AuthenticationMiddleware, backend=JWTAuthenticationBackend(secret_key='secret', prefix='JWT'))

Access the JWT payload in a request and require authentication on handlers.

The @authentication_required decorator requires the user to be logged in for that route, while @anonymous_allowed allows anonymous users to hit the route.

The default behavior is @anonymous_allowed, so be explicit in your code.

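from starlette.authentication import requires
from starlette.responses import JSONResponse

# Requests without the 'authenticated' scope are rejected before the handler runs.
@requires('authenticated')
async def homepage(request):
    return JSONResponse({'payload': request.session})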

Not all handlers need to require authentication:

async def homepage(request):
    return JSONResponse({'payload': None})



Pass your secret key as secret_key when creating the middleware:

app.add_middleware(AuthenticationMiddleware, backend=JWTAuthenticationBackend(secret_key='MY SECRET KEY'))


Configures the JWT algorithm to use (defaults to "HS256"; "RS256" is also available):

public_key = b'-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEAC...'
app.add_middleware(AuthenticationMiddleware, backend=JWTAuthenticationBackend(secret_key=public_key, algorithm='RS256'))

NOTE: To use starlette-jwt with the RS256 algorithm, you must have the package cryptography>=2.7 installed.


Change the Authorization header prefix string (defaults to "JWT"):

# Example: changes the prefix to Bearer
app.add_middleware(AuthenticationMiddleware, backend=JWTAuthenticationBackend(secret_key='secret', prefix='Bearer'))


The user name field in the JWT token payload:

# Example: changes the username field to "user"
app.add_middleware(AuthenticationMiddleware, backend=JWTAuthenticationBackend(secret_key='secret', username_field='user'))
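
The settings above (prefix, algorithm, secret key, username field, expiration) correspond to a small set of checks on each request. The following is an added illustration, not starlette-jwt's own code: a standard-library HS256 verifier in which the function names, the secret and the token are all constructed for the demo.

```python
import base64, hashlib, hmac, json, time


def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _mac(secret: str, signing_input: str) -> bytes:
    return hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()


def sign_hs256(payload: dict, secret: str) -> str:
    """Issue a constructed demo token (hypothetical helper)."""
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(payload).encode())
    return f"{head}.{body}.{b64url_encode(_mac(secret, head + '.' + body))}"


def authenticate(authorization, secret, prefix="JWT", username_field="username", now=None):
    """Return (username, payload); raise ValueError naming the failed check."""
    scheme, _, token = authorization.partition(" ")
    if scheme != prefix or not token:
        raise ValueError("wrong or missing prefix")
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        signature = b64url_decode(sig)
    except ValueError:
        raise ValueError("malformed token") from None
    # Pin the algorithm server-side; the token's header must not choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    if not hmac.compare_digest(_mac(secret, head + "." + body), signature):
        raise ValueError("bad signature")
    payload = json.loads(b64url_decode(body))  # trusted only after the MAC matches
    now = time.time() if now is None else now
    if "exp" in payload and payload["exp"] <= now:
        raise ValueError("token expired")
    if username_field not in payload:
        raise ValueError("missing username field")
    return payload[username_field], payload


if __name__ == "__main__":
    token = sign_hs256({"user": "alice", "exp": time.time() + 60}, "constructed-secret")
    print(authenticate("Bearer " + token, "constructed-secret", "Bearer", "user"))
```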


  • Support JWT token standard payload
  • Set JWT options (time expiration for example)


This project uses pipenv to manage its development environment, and pytest as its test runner. To install development dependencies:

pipenv install --dev

To run tests:

pipenv shell

This project uses Codecov to enforce code coverage on all pull requests. To run tests locally and output a code coverage report, run:

pipenv shell
pytest --cov=starlette_test/

Deploying a new version to PyPI (maintainers):

python3.7 setup.py sdist
twine upload --repository-url https://pypi.org/legacy/ dist/*
