jhildreth / falcon-jwt-checker

MIT License
12 stars 5 forks source link

Passing jwt_claims #2

Open jhildreth opened 7 years ago

jhildreth commented 7 years ago

Currently, the decoded jwt claims are passed along to resource's responder method as the 'jwt_claims' keyword argument. Some responder methods may want to make use of data in these claims (such as the user in the 'sub' claim), so they should be passed along. However, in some applications this may be unnecessary, and resource responder methods may not be expecting it.

Perhaps this behavior should be optional (and disabled by default), toggled when a JwtChecker is instantiated.

jhildreth commented 5 years ago

Putting the claims on the request context would make the most sense, I think.

vgavro commented 5 years ago

I think that middleware is not intended to use params at all. middleware should work with request.context only, while falcon.before decorators may modify params, as they are declared before function and it's obviously that they may modify function arguments, while middlewares are not.