


+ access_token = create_access_token(identity=str(user.id), expires_delta=expires) + authorized = user.check_password(body.get('password')) +from flask_jwt_extended import create_access_tokenīody = -9,4 +11,16 class SignupApi(Resource):
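Review bot: in `authorized = user.check_password(body.get('password'))`, `body.get('password')` yields None when the request body has no `password` key, so check_password is called with None. Reject a request without a string password before this line. The visible lines also do not show what happens when `authorized` is false; `create_access_token(identity=str(user.id), expires_delta=expires)` should only be reached after that check has returned an error response for a failed login.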
#Flask blueprint authentication install
To use JWT, let's install another Flask extension called flask-jwt-extended. It takes a value we want to save in the token (in our case, the user ID) and combines it with the salt (secret key) to create a token. There are many methods for working with token-based authentication; in this part, we are going to learn about JWT, also known as JSON Web Token. So, we need functionality such that once the user is logged in to the website, they can use their token to access other parts of the website.
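How a user ID and a secret key become a token, and what the server must check when the token comes back, as an added example that is not code from this tutorial or from flask-jwt-extended. It builds an HS256 JWT with the standard library only; `SECRET`, `make_token` and `verify_token` are hypothetical names, and the secret is a constructed value.

```python
import base64
import binascii
import hashlib
import hmac
import json
import time

SECRET = b"constructed-demo-secret"  # assumption: stands in for the app's secret key

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str, key: bytes) -> str:
    return b64url(hmac.new(key, signing_input.encode(), hashlib.sha256).digest())

def make_token(user_id: str, ttl: int, key: bytes = SECRET, now: float = None) -> str:
    """Build header.payload.signature with the user ID as the `sub` claim."""
    now = time.time() if now is None else now
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    # The payload is only base64url-encoded: anyone holding the token can read it.
    payload = b64url(json.dumps({"sub": user_id, "exp": int(now) + ttl}).encode())
    return f"{header}.{payload}.{sign(header + '.' + payload, key)}"

def verify_token(token: str, key: bytes = SECRET, now: float = None) -> str:
    """Return the user ID, or raise ValueError if the token must be rejected."""
    now = time.time() if now is None else now
    try:
        header, payload, signature = token.split(".")
        # Check the signature before trusting anything inside the token.
        if not hmac.compare_digest(signature, sign(f"{header}.{payload}", key)):
            raise ValueError("bad signature")
        if json.loads(unb64url(header)).get("alg") != "HS256":
            raise ValueError("unexpected algorithm")
        claims = json.loads(unb64url(payload))
        if now >= claims["exp"]:
            raise ValueError("token expired")
        return claims["sub"]
    except (KeyError, TypeError, AttributeError, UnicodeError,
            json.JSONDecodeError, binascii.Error) as exc:
        raise ValueError("malformed token") from exc
```

Because the payload is signed but not encrypted, the token should carry only an identifier such as the user ID, never the password or other secrets.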

So, users can send their email and password every time they need to do something on the website, which is not a good idea from a security viewpoint.

Note: To view the information stored in our database, I used Mongo Compass.

Alright, we have created the functionality of creating a user through signup; now we need to be able to log in as that user.

For logging users into a website, we need functionality to verify that the user is who they claim to be.

Send a JSON body with email and password to

If we take a look at our database, we can see that the stored password has been hashed into a random-looking string, unlike the password we sent in the API request.

+ api.add_resource(SignupApi, '/api/auth/signup') Api.add_resource(MoviesApi, '/api/movies')Īpi.add_resource(MovieApi, '/api/movies/')
