Notice: This page requires JavaScript to function properly.
Please enable JavaScript in your browser settings or update your browser.JWT Required | Authentication with JWT
Professional Web API with Flask
course content

Contenido del Curso

Professional Web API with Flask

Professional Web API with Flask

1. Introduction to the Course
Course OutlineAbout APIAbout REST APIProject DescriptionProject InitializationEnvironment Configuration and Dependency ManagementEstablish SSH Connection to GitHub
2. Database and Models
SQLAlchemy Set UpCreate ModelsMany-to-One RelationshipOne-to-One RelationshipMany-to-Many Relationship
3. Flask-Smorest and Schemas
Introduction to Flask-SmorestIntroduction to MarshmallowJSON ExplanationSchema Handling with Marshmallow
4. Endpoints with Blueprints and MethodView
Blueprints and MethodView OverviewStart with Blueprints and MethodViewsFirst Endpoint, Flask-Migration and SQLite StudioPostman and InsomniaTeam EndpointsUser and Player EndpointsSwagger UI
5. Authentication with JWT
What is JWT?Flask-JWT-Extended Set UpUser RegistrationLogin EndpointJWT RequiredPermissionsLogout EndpointTesting New Endpoints
6. Deployment
Enhancing Your AppLast Git Push

bookJWT Required

To apply new login request functionality to endpoints, it means that before making a request for an action (e.g., returning a list of players or creating a new one), a user must send a valid JWT.

JWT Validation

Our application can easily check if the JWT is valid because it is signed by our application.

Example: Applying Security to Team Endpoints

For example, only authorized users can delete, modify, or add teams, while unauthorized users can only access information. To achieve this, we apply a new decorator @jwt_required imported from the flask_jwt_extended library to the respective methods. This decorator is similarly applied to views of other models.

Error Handling

To effectively handle errors, we need to add some code to our app.py. Here are a few scenarios that can occur with JWT usage:

  • The JWT can expire - it is not infinite;
  • The JWT can be invalid if the client has tampered with it;
  • No JWT is provided when it is required, among others.

In the app.py file, under the initialization of our JWT, we will write several functions to handle the most common errors.

In these functions, we use the jsonify function imported from the Flask library. jsonify is a Flask function used to convert data into a JSON format response, making it easy to send structured, HTTP-friendly responses from a server to a client.

1. What is the primary purpose of using JWTs (JSON Web Tokens) in Flask applications?
2. What does the `@jwt_required` decorator do in Flask routes?
3. What does the `@jwt.expired_token_loader` callback function handle?
4. What is set by `app.config["JWT_SECRET_KEY"]` in a Flask application?
What is the primary purpose of using JWTs (JSON Web Tokens) in Flask applications?

What is the primary purpose of using JWTs (JSON Web Tokens) in Flask applications?

Selecciona la respuesta correcta

What does the `@jwt_required` decorator do in Flask routes?

What does the @jwt_required decorator do in Flask routes?

Selecciona la respuesta correcta

What does the `@jwt.expired_token_loader` callback function handle?

What does the @jwt.expired_token_loader callback function handle?

Selecciona la respuesta correcta

What is set by `app.config["JWT_SECRET_KEY"]` in a Flask application?

What is set by app.config["JWT_SECRET_KEY"] in a Flask application?

Selecciona la respuesta correcta

¿Todo estuvo claro?

¿Cómo podemos mejorarlo?

¡Gracias por tus comentarios!

Sección 5. Capítulo 5
some-alt