search

pallets-eco / flask-jwt

JWT (JSON Web Tokens) for Flask applications
MIT License
564 stars 178 forks source link

AttributeError when identity is a dict #122

Closed ex5 closed 7 years ago

ex5 commented 7 years ago

looking at the code, it seems like a dict identity should work, but it requires a small fix:

  File "/home/anka/envs/modelrepository/lib/python3.6/site-packages/flask_restful/__init__.py", line 273, in error_router
    return original_handler(e)
  File "/home/anka/envs/modelrepository/lib/python3.6/site-packages/flask/app.py", line 1517, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/home/anka/envs/modelrepository/lib/python3.6/site-packages/flask/_compat.py", line 33, in reraise
    raise value
  File "/home/anka/envs/modelrepository/lib/python3.6/site-packages/flask/app.py", line 1612, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/anka/envs/modelrepository/lib/python3.6/site-packages/flask/app.py", line 1598, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/home/anka/envs/modelrepository/lib/python3.6/site-packages/flask_jwt/__init__.py", line 127, in _default_auth_request_handler
    access_token = _jwt.jwt_encode_callback(identity)
  File "/home/anka/envs/modelrepository/lib/python3.6/site-packages/flask_jwt/__init__.py", line 62, in _default_jwt_encode_handler
    payload = _jwt.jwt_payload_callback(identity)
  File "/home/anka/envs/modelrepository/lib/python3.6/site-packages/flask_jwt/__init__.py", line 53, in _default_jwt_payload_handler
    identity = getattr(identity, 'id') or identity['id']
AttributeError: 'dict' object has no attribute 'id'
vimalloc commented 7 years ago

Addressed in #63 as well. This project has long been abandoned for a long time, that pr has been open for a year and a half. Perhaps check out flask-jwt-extended, it gives you more flexibility and is still maintained (full disclosure, I'm the author of that extension).

ex5 commented 7 years ago

@vimalloc oh, forgot to look through the issues, sorry. I've actually checked flask-jwt-extended out first and had to go with this one because flask-jwt-extended enforces presence of jti and type keys, and that doesn't work with third party generated tokens that happen not to have them

vimalloc commented 7 years ago

That makes sense :) Perhaps check out pyjwt directly? The API is pretty simple, and you could rip the jwt_required decorator from this extension. Good luck either way.

ex5 commented 7 years ago

yeah, using pyjwt directly makes more sense in this case

thanks! =]

vimalloc commented 7 years ago

In case you are still interested in this, or someone else stumbles upon this, let me introduce Flask-JWT-Simple (https://github.com/vimalloc/flask-jwt-simple). It is a toned down version of Flask-JWT-Extended with all the opinionated stuff needed for the extra features ripped out. This new extension allow you full control over claims when creating JWTs, and places no restrictions on what claims need to be in consumed JWTs.

If there are features missing from the simple variant of this extension that you would like to see, I would be more then happy to port them over. The two that I could see being helpful right off hand is JWT blacklisting and JWT claim verification.

Cheers.