Closed ex5 closed 7 years ago
Addressed in #63 as well. This project has long been abandoned for a long time, that pr has been open for a year and a half. Perhaps check out flask-jwt-extended, it gives you more flexibility and is still maintained (full disclosure, I'm the author of that extension).
@vimalloc oh, forgot to look through the issues, sorry.
I've actually checked flask-jwt-extended
out first and had to go with this one because flask-jwt-extended
enforces presence of jti
and type
keys, and that doesn't work with third party generated tokens that happen not to have them
That makes sense :) Perhaps check out pyjwt directly? The API is pretty simple, and you could rip the jwt_required
decorator from this extension. Good luck either way.
yeah, using pyjwt
directly makes more sense in this case
thanks! =]
In case you are still interested in this, or someone else stumbles upon this, let me introduce Flask-JWT-Simple (https://github.com/vimalloc/flask-jwt-simple). It is a toned down version of Flask-JWT-Extended with all the opinionated stuff needed for the extra features ripped out. This new extension allow you full control over claims when creating JWTs, and places no restrictions on what claims need to be in consumed JWTs.
If there are features missing from the simple variant of this extension that you would like to see, I would be more then happy to port them over. The two that I could see being helpful right off hand is JWT blacklisting and JWT claim verification.
Cheers.
looking at the code, it seems like a dict
identity
should work, but it requires a small fix: