search

nighthawkcoders / teacher_portfolio

GitHub Pages / Jupyter Notebook guides for Python, Java, JavaScript, Linux
https://nighthawkcoders.github.io/teacher_portfolio/
Apache License 2.0
1 stars 50 forks source link

Python / Flask JWT implementation review #50

Open jm1021 opened 10 months ago

jm1021 commented 10 months ago

Owners

P1. Jayden Chen, Miguel Villa, Nihar Gupta, Brandon So, Marcus Hernandez P2. Abdullah, Tanuj, Tucker, Alara, Monica P4. Beijan, Tim, Howie, Jake, Rayhan P5. Lindsay, Grace, Samhita, Anika

JWT overview

Students will provide materials that overview JWT and it's implementation into the flask_portfolio project. Student/Teachers will build anatomy lesson and describe concept that go into adding JWT to a flask project. Additionally, student will review Postman and validating a JWT cookie is obtained. In Postman, show cookie and break down the anatomy of cookie.

jm1021 commented 10 months ago

This review ticket contains the history of implementation changes.

Flask/JWT additions

jm1021 commented 10 months ago

There are essentially two parts to JWT...

  1. The implementation on the backend that is discussed in the review ticket above.
  2. The secure interaction between the frontend and the backend (that generates token). You will see some of that discussed in the second part of the ticket.

In this lesson, you need to understand the total RestAPI picture (recently posted in #general). Next, understand how the token is maintained in cookies and travels to backend host on a HTTP request. FYI, the token contains information about the user and potentially roles (if implemented). This lesson should leverage off of Postman to help in understand JWT and Cookie.