Logout Endpoint | Authentication with JWT
Professional Web API with Flask
Logout Endpoint

To enable a user to log out, we must revoke their JWT. If the user attempts to reuse the same JWT, they will be denied access to the system. To achieve this, we need storage that keeps revoked JWTs until they expire.

Creating a Blocklist for Revoked Tokens

First, we create a blocklist.py file and write:

Checking if Token is Revoked

Next, in app.py, we import our BLOCKLIST variable and define a new function to check if a token is in the blocklist:

Endpoint for User Logout

To facilitate user logout, we create a UserLogout class where we add the user's JWT to the BLOCKLIST:
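The three steps above (a blocklist, a revocation check, and a logout action that adds the token to the blocklist) are shown here as an added standard-library example; it is not the course's own code and leaves out the Flask wiring. The class name `ExpiringBlocklist`, the `demo` function and the sample claims are assumptions made for illustration; `jti` and `exp` are the standard JWT ID and expiry claims.

```python
import threading
import time


class ExpiringBlocklist:
    """Revoked token ids (jti) mapped to each token's exp claim."""
    def __init__(self, clock=time.time):
        self._revoked = {}            # jti -> exp (Unix seconds)
        self._lock = threading.Lock()
        self._clock = clock           # injectable so expiry can be tested

    def _prune(self):
        # After exp passes, JWT validation rejects the token, so drop the entry.
        now = self._clock()
        for jti in [j for j, exp in self._revoked.items() if exp <= now]:
            del self._revoked[jti]

    def revoke(self, claims):
        """Logout path: remember this token's jti until the token expires."""
        jti = claims["jti"]  # KeyError here means the token cannot be revoked
        with self._lock:
            self._prune()
            # A token with no exp never expires, so its entry is kept forever.
            self._revoked[jti] = claims.get("exp", float("inf"))

    def is_revoked(self, claims):
        """Per-request check, run after signature and exp validation."""
        jti = claims.get("jti")
        if jti is None:
            return True  # fail closed: an unidentifiable token is not trusted
        with self._lock:
            self._prune()
            return jti in self._revoked

    def __len__(self):
        with self._lock:
            return len(self._revoked)


def demo():
    now = [1_000.0]                                   # constructed clock
    blocklist = ExpiringBlocklist(clock=lambda: now[0])
    claims = {"sub": "1", "jti": "constructed-jti-0001", "exp": 1_900.0}
    before = blocklist.is_revoked(claims)             # token still accepted
    blocklist.revoke(claims)                          # user logs out
    after = blocklist.is_revoked(claims)              # reuse is now denied
    now[0] = 2_000.0                                  # token has expired
    blocklist.is_revoked(claims)                      # triggers pruning
    return before, after, len(blocklist)
```

An in-memory blocklist is emptied on restart and is not shared between worker processes, so a revoked but unexpired token would be accepted again in either case. A shared store with per-entry expiry avoids both problems.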

Section 5. Chapter 7