Open rivasd opened 6 years ago
So in your User model which presumably is based on the UserMixin - you can override:
get_auth_token() and get_security_payload() which should be pretty close to what you need?
@rivasd Would you be able to share any progress you have made with integrating flask-jwt-extended with flask-security?
Hi!
I am trying to use flask-jwt-extended in conjuction with your awesome Flask-Security, which in in my opinion takes care of a lot of the boilerplate away from standard authentication.
However, use cases for both Flask-Login and Flask-jwt-extended depend on us writing our own login() view to allow users to log in given a username+password, giving them back a JWT string. I can see Flask-Security ships with a nice implementation of such view that even takes into account whether it is called by AJAX or not. But it currently suffers from 2 things:
I assume this would be possible using Flask-Login's
user-logged-in
signal, in conjunction withFlask.after_this_request
and theflask.request
global to, for example, attach anAuthorization: Bearer
header, but this seems very contrived. Additionally, if theresponse
is a json string, there is no officially documented way to my knowledge to alter the contents of aresponse
object in Flask