The library provides aiohttp
middleware and helper utils for working with JSON web tokens.
- Works on Python3.5+
- MIT License
- Latest docs TBD
- Contributions are highly welcome!
$ pip install aiohttp_jwt
server.py
import jwt
from aiohttp import web
from aiohttp_jwt import JWTMiddleware
sharable_secret = 'secret'
async def protected_handler(request):
return web.json_response({'user': request['payload']})
app = web.Application(
middlewares=[
JWTMiddleware(sharable_secret),
]
)
app.router.add_get('/protected', protected_handler)
if __name__ == '__main__':
web.run_app(app)
client.py
import asyncio
import aiohttp
import async_timeout
async def fetch(session, url, headers=None):
async with async_timeout.timeout(10):
async with session.get(url, headers=headers) as response:
return await response.json()
async def main():
async with aiohttp.ClientSession() as session:
response = await fetch(
session,
'http://localhost:8080/protected',
headers={'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6InRlc3QifQ.pyNsXX_vNsUvdt6xu13F1Gs1zGELT4Va8a38eG5svBA'})
print(response)
loop = asyncio.get_event_loop()
loop.run_until_complete(main())
This module inspired by official auth0/express-jwt middleware and express-jwt-permissions extension.
For advanced security facilities check aio-libs/aiohttp_security
MIT License