search

pallets-eco / flask-jwt

JWT (JSON Web Tokens) for Flask applications
MIT License
564 stars 177 forks source link

Get current_identity outside of the @jwt_required #106

Open hirecom opened 8 years ago

hirecom commented 8 years ago

I'd like to get the current_identity in routes where authorization is not required. For instance a list of news items, if they are logged in they can comment, otherwise no commenting allowed.

Is there another way to get the current_identity of a user if they are logged in from a route that's not decorated with @jwt_required?

jarmani commented 8 years ago

Quick hack by implementing your own decorator :

from functools import wraps
from flask import current_app
from flask_jwt import _jwt_required, current_identity

def jwt_optionnal(realm=None):
    def wrapper(fn):
        @wraps(fn)
        def decorator(*args, **kwargs):
            try:
                _jwt_required(realm or current_app.config['JWT_DEFAULT_REALM'])
            except:
                pass
            return fn(*args, **kwargs)
        return decorator
    return wrapper

then : 

from flask_jwt import current_identity

@jwt_optionnal()
def view():
  if current_identity:
    [...]
hirecom commented 8 years ago

👍 Wow - thanks! I'll give it a try tonight!

hirecom commented 8 years ago

@jarmani - Awesome, this worked great!

Garito commented 7 years ago

Is this being added to the library? I would like to have it officially

vimalloc commented 7 years ago

This library has been abandoned for a while now. Check out flask-jwt-extended (better if you are creating the JWTs in your flask app) or flask-jwt-simple (better if you are consuming tokens from another JWT provider). Both of them have @jwt_optional built into the extension, and are still actively maintained.

Full disclosure, I'm the author of those extensions.

Garito commented 7 years ago

Thanks

Garito commented 7 years ago

By the way: could you modify the readme to point this fact?

vimalloc commented 7 years ago

Nope, I don't have access to this repo (Flask-JWT). The owner has been AWAL for a while, and at this point it seems like the project has been entirely abandoned.

Garito commented 7 years ago

Oh, boy... That kind of things piss me off a lot It makes a bunch of people lost their time... I'm going to put an issue explaining that

Thanks

aidik commented 6 years ago

@Garito I'm sorry I don't want to start a flame, but I strongly disagree.

The authors of this and in fact any Open Source project are not responsible for anything including your lost time. It was their choice to create the project and they still retain ownership of the project and therefore are able to abandon it (ius dereliquendi) or even destroy it (ius abutendi). It was solely their goodwill that they licensed their work in such a way that you could gain some of the rights of their ownership of this project: use it (ius utendi) and even profit from it (ius fruendi) all at your own risk. Please reevaluate your view of this issue and also do your due diligence; a project without a commit for three years is probably dead.

Garito commented 6 years ago

Yeah, I totally reevaluate my view: change of library, so long and thanks for all the fish