An open source Flask extension that provides JWT support (with batteries included)!
MIT License
Bot releases are hidden (Show)
Published by vimalloc over 6 years ago
JWT_ERROR_MESSAGE_KEY
option to change the JSON key on the default error messages (#160)Published by vimalloc over 6 years ago
JWT_CLAIMS_IN_REFRESH_TOKEN
configuration option, which if set to true will cause the user claims to be loaded into refresh tokens as well as access tokens (#100).Published by vimalloc over 6 years ago
I forgot to actually increase the version number on the 3.9.0 release. Whoops. Nothing new from 3.9.0 minus a the version number fix.
Published by vimalloc over 6 years ago
role_required
decorator), or hook up functionality to a flask before_request. (#131)Published by vimalloc over 6 years ago
Published by vimalloc over 6 years ago
Published by vimalloc over 6 years ago
Published by vimalloc over 6 years ago
@jwt_optional
decorator (#129)Published by vimalloc over 6 years ago
In this release, we are no longer toggling the flask PROPAGATE_EXCEPTIONS = True
setting in this extension. It was set in here initially to get things working with flask-restful
, but setting a global flask option in here just so that it would work with another flask extension was a poor design choice.
Note that if you are using flask-restful (or possibly other extensions) and the error handlers stop working after this update, you will need to manually set the PROPAGATE_EXCEPTIONS
setting in your configuration to keep everything working. Sorry all the inconvenience.
PROPAGATE_EXCEPTIONS
setting from this extensionPublished by vimalloc over 6 years ago
@jwt_required
(et al) no longer require authorization to be present on an OPTIONS
request (#119)Add Werkzeug>=0.14
to install requirements (#115)Published by vimalloc almost 7 years ago
samesite
cookie attribute (#34, #113, #115). Requires Werkzeug >= 0.14. Thanks @farshiana!Published by vimalloc almost 7 years ago
get_csrf_token
to the api (#112)Published by vimalloc almost 7 years ago
fresh
argument when creating access tokens to a datetime.timedelta
, which will cause the token to be marked as fresh from now until the timedelta is past (#107). Thanks @dunkmann00!Published by vimalloc almost 7 years ago
Published by vimalloc almost 7 years ago
Published by vimalloc almost 7 years ago
Published by vimalloc almost 7 years ago
claims_verification_loader
(#90)Published by vimalloc about 7 years ago
InvalidHeaderError
handler if an authorization header appears in a different format then we expect in the @jwt_optional
endpoint. (refs #82)Published by vimalloc about 7 years ago
Published by vimalloc about 7 years ago
@jwt.claims_verification_loader
and @jwt.claims_verification_failed_loader
to do verification of the user_claims
in an access token (refs #64 #70)