aiohttp middleware and helper utils for working with JSON web token.
Clone or download
pyup-bot and hzlmn Scheduled weekly dependency update for week 48 (#72)
* Update aiohttp from 3.1.2 to 3.4.4

* Update async-timeout from 2.0.1 to 3.0.1

* Update coverage from 4.5.1 to 4.5.2

* Update flake8 from 3.5.0 to 3.6.0

* Update multidict from 4.4.2 to 4.5.2

* Update pycodestyle from 2.3.1 to 2.4.0

* Update pyflakes from 1.6.0 to 2.0.0

* Update pyjwt from 1.6.1 to 1.7.0

* Update pytest from 3.9.2 to 4.0.1

* Update pytest-cov from 2.5.1 to 2.6.0

* Update pytest-mock from 1.8.0 to 1.10.0
Latest commit 2c46f4d Dec 4, 2018

README.md

aiohttp-jwt

stability-unstable Updates Python 3 Build Status codecov Documentation Status

The API is in the process of settling, but has not yet had sufficient real-world testing to be considered stable. Backwards-compatibility will be maintained if reasonable.

The library provides aiohttp middleware and helper utils for working with JSON web tokens.

  • Works on Python3.5+
  • MIT License
  • Latest docs TBD
  • Contributions are highly welcome!

Requirements

Install

$ pip install aiohttp_jwt

Simple Usage

server.py

import jwt
from aiohttp import web

from aiohttp_jwt import JWTMiddleware

sharable_secret = 'secret'


async def protected_handler(request):
    return web.json_response({'user': request['payload']})


app = web.Application(
    middlewares=[
        JWTMiddleware(sharable_secret),
    ]
)

app.router.add_get('/protected', protected_handler)

if __name__ == '__main__':
    web.run_app(app)

client.py

import asyncio

import aiohttp
import async_timeout


async def fetch(session, url, headers=None):
    async with async_timeout.timeout(10):
        async with session.get(url, headers=headers) as response:
            return await response.json()


async def main():
    async with aiohttp.ClientSession() as session:
        response = await fetch(
            session,
            'http://localhost:8080/protected',
            headers={'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6InRlc3QifQ.pyNsXX_vNsUvdt6xu13F1Gs1zGELT4Va8a38eG5svBA'})
        print(response)

loop = asyncio.get_event_loop()
loop.run_until_complete(main())

Examples

Credits

This module inspired by official auth0/express-jwt middleware and express-jwt-permissions extension.

Related packages

For advanced security facilities check aio-libs/aiohttp_security

License

MIT License