Diego Martínez Sánchez edited this page Jan 1, 2023 · 7 revisions

Flask JWT library

Documentation_v2.0.0

Here you can find the documentation in English and a description of the project.

This library generates a JWT through an API endpoint, authenticating the caller first with basic authentication, and can also validate the same JWT when it is received. In short, it covers how you generate the JWT and how you process it.

Classes

These are the attributes that can be configured in the library to give more or less freedom in how each class's functionality is implemented. It is not necessary to implement both classes in your API; you can use only one.

  • DecJwt: Class to process the JWT. The attributes below can be set when the object is declared:

    • token_as_attr: Set this attribute to expose the decoded token as an attribute, giving you a dictionary with all the claims in the token so they are accessible if your API logic needs them later. The default is False; set it to True to make the decoded claims of the token available.
  • GenJwt: Class to generate JWTs. Use this class if you need to generate your own JWTs, authenticating first with basic auth.

    • rsa_encrypt: The default is False. Set it to True only if you generate tokens with a private key that requires a passphrase to access it; otherwise there is no need to set this flag.
    • json_body_token: The default is False. If you set it to True, the username and password used to create the token are not taken from the basic auth credentials; instead you must send a JSON body with the obligatory keys username and password to the endpoint in charge of generating the token. If you want to change the names of those fields, use the corresponding decorator described below.

Decorators

This section describes the decorators that you can use and configure in the project. Some of them are obligatory and must be implemented for the minimal functionality to work; others are not necessary at all.

The decorators are grouped by class so you can tell which class each decorator belongs to.

  • DecJwt: Class to process the JWT

    1. enc_dec_jwt_config:
      • Obligatory
      • Description: Implement this decorator on a function that returns a dictionary with the keys key and algorithm. Under "key", specify the secret phrase used to decode the JWT. Under "algorithm", give the algorithm used to decode the JWT; the algorithm must be compatible with the pyjwt library.
    2. personal_credentials_field:
      • Not obligatory
      • Description: This decorator is only for changing the key names of the default fields that are included in the generation of the token.
    3. get_user_roles:
      • Not obligatory
      • Description: Implement this decorator on a function that returns a list/array of str containing the roles of the user, so the library can verify that the user has the correct role to access the endpoint being requested. If this function is implemented, roles should be added to the endpoints, for example:
        • If you implement the class to generate the token, inside the decorator to validate authentication you should add roles=["role1", "role2"..."roleX"]
        • If you implement the class to only validate access with JWT, inside the decorator to validate authentication you should add roles=["role1", "role2"..."roleX"]
    4. get_jwt_claims_to_verify:
      • Not obligatory
      • Description: Implement this decorator only if you want to validate specific claims inside the JWT. There must be at least one claim inside the JWT; if not, an error is raised.
    5. verify_jwt_credentials:
      • Obligatory
      • Description: Decorator that wraps a method in which you validate the credentials received from the token and return a bool value: True if the credentials are correct and the request should pass, False if they are not correct and it shouldn't pass.
    6. login_required:
      • Obligatory
      • Description: Apply this decorator to every endpoint that needs the JWT for authentication. It performs the authentication using all the decorators described above and, if it passes, lets the endpoint carry out the functionality it is supposed to provide.
  • GenJwt: Class to generate JWTs

    1. enc_dec_jwt_config:
      • Obligatory
      • Description: Implement this decorator on a function that returns a dictionary with the keys key and algorithm. Under "key", specify the secret phrase used to encode the JWT. Under "algorithm", give the algorithm used to encode the JWT; the algorithm must be compatible with the pyjwt library.
    2. personal_credentials_field:
      • Not obligatory
      • Description: This decorator is only for changing the key names of the default fields that are included in the generation of the token.
    3. get_user_roles:
      • Not obligatory
      • Description: Implement this decorator on a function that returns a list/array of str containing the roles of the user, so the library can verify that the user has the correct role to access the endpoint being requested. If this function is implemented, roles should be added to the endpoints, for example:
        • If you implement the class to generate the token, inside the decorator to validate authentication you should add roles=["role1", "role2"..."roleX"]
        • If you implement the class to only validate access with JWT, inside the decorator to validate authentication you should add roles=["role1", "role2"..."roleX"]
    4. verify_bauth_credentials:
      • Obligatory
      • Description: Decorator that wraps a method in which you validate the credentials received from basic auth and return a bool value: True if the credentials are correct and the request should pass, False if they are not correct and it shouldn't pass.
    5. jwt_claims: Here you can implement whatever you need in order to include all the claims that should be inside the JWT to be generated; you only need to take into consideration the instance of the class that generates the token.
    6. jwt_claims:
      • Not obligatory
      • Description: In this decorator you can add more fields to the token that is going to be generated. The default fields are username and password, but in this decorator you can define and add more fields than the default ones.
    7. generate_jwt:
      • Obligatory
      • Description: This is the main decorator. Place it above the function that contains all the logic of the endpoint that generates the token. It validates everything using all the decorators explained above and finally sends the newly generated token.

This is the full description of the decorators and functionality that you can use as a programmer. For examples, go to the navbar of this wiki and open Examples or Ejemplos.
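
An added example, not part of the library or this wiki: a standard-library illustration of the checks the DecJwt decorators describe (configured key and algorithm, required claims, roles), which also shows that the default username and password fields can be read from a token without the key. All function names and sample values are hypothetical; it handles HS256 only and assumes a user passes when holding any one of the endpoint's roles.

```python
import base64
import hashlib
import hmac
import json

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def hs256(key: str, signing_input: str) -> bytes:
    return hmac.new(key.encode(), signing_input.encode(), hashlib.sha256).digest()

def sign_hs256(claims: dict, key: str) -> str:
    """Build a compact HS256 JWT (stand-in for the library's encode step)."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{b64e(hs256(key, head + '.' + body))}"

def read_payload_without_key(token: str) -> dict:
    """Anyone holding the token can do this: the payload is only base64url."""
    return json.loads(b64d(token.split(".")[1]))

def check_token(token, config, required_claims=(), user_roles=(), roles=()):
    """Return (ok, reason), where reason names the first check that failed."""
    try:
        head, body, sig_b64 = token.split(".")
        alg, sig = json.loads(b64d(head)).get("alg"), b64d(sig_b64)
    except (ValueError, AttributeError):
        return False, "malformed token"
    # Pin to the configured algorithm; the header's alg is attacker-controlled.
    if config["algorithm"] != "HS256" or alg != "HS256":
        return False, "algorithm mismatch"
    if not hmac.compare_digest(hs256(config["key"], f"{head}.{body}"), sig):
        return False, "bad signature"
    claims = json.loads(b64d(body))
    missing = [c for c in required_claims if c not in claims]
    if missing:
        return False, f"missing claims: {missing}"
    # Assumption: a user passes if they hold any one of the endpoint's roles.
    if roles and not set(roles) & set(user_roles):
        return False, "role not allowed"
    return True, "ok"

# Constructed sample values, not taken from the library or its wiki.
CONFIG = {"key": "constructed-demo-secret", "algorithm": "HS256"}
TOKEN = sign_hs256({"username": "alice", "password": "constructed-pw"}, CONFIG["key"])
```

Because the payload is signed but not encrypted, any field placed in the claims, including the password default, is visible to whoever can see the token.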