AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() ![]() ![]() You can have additional roles for authenticated users, like an admin role with elevated privileges. Authentication means that the endpoint has an existing session and is unique to a specific user. Now we can explore how to use decorators for authentication.Įndpoints must be authenticated before they are allowed to make requests in an application. Setting up authentication decorators on a Flask API This workflow diagram shows how a decorator function is executed and how it enforces a requirement before the request can proceed or a response is returned. When displaying the output to a browser, this decorator converts a function into a route that can be accessed by the browser without having to explicitly invoke the function in the program. In other words, a decorator will always extend the behavior of a function without modifying the behavior of that function.Īn example of a Flask decorator that you have probably used is the for defining routes. A function can be used as a parameter and a return value, while also being assigned to a variable. This is possible because Python gives functions special status. Understanding Flask decoratorsĪ decorator is a function that takes in another function as a parameter and then returns a function. Before we get started though, let me explain what decorators are. Now you have access to the codebase I will be referring to in the rest of the tutorial. To clone the project, run this command in your terminal: $ git clone For additional details on the process of creating and configuring the tokens, you can read more in the PyJWT docs. It is important to note that this tutorial is focused on how to use and configure authentication tokens in Flask and not on the structure of the tokens or the various token configurations, such as when they expire or their composition. In this tutorial we will not focus on the process of developing the API endpoints but on the process of ensuring that the endpoints are secured by enforcing use of authentication tokens. We will use this API to create, read, and delete books. The application we will be using for this tutorial is a simple book management API. Our tutorials are platform-agnostic, but use CircleCI as an example.
0 Comments
Read More
Leave a Reply. |