aiohttp middleware and helper utils for working with JSON web token.
MIT License
Added auth_scheme
option to middleware, that allows customization of authorization header prefix. By default value is Bearer
. #77 Thanks @gbarbaten
Added explicit exception when decorators are used without proper middleware initialization & minor cleaning #85
Added support for class based views in decorators https://github.com/hzlmn/aiohttp-jwt/issues/52. Thanks @citijk for the report!
Cleanup a bit project structure
Added support for checking revoked tokens
Now users can pass is_revoked
callback that should return bool value that indicates token status and in case of True, middleware will raise HTTPForbidden with Token is revoked
message.
Better description for token decoding error.
Added more usage examples. Thanks @vikitikitavi
Published by hzlmn over 6 years ago
Introduced check_permissions decorator for providing scope based permission model for your application handlers.
Permissions should be described as an array of strings inside the JWT token, or as a space-delimited OAuth 2.0 Access Token Scope string.
Introduced JWT middleware for encoding/verifying your JWT token and setting property on aiohttp.Request object.