Properties & Methods of _auth

auth is a built-in object. It's used for, generating & verifying tokens. It also has a few other useful methods and properties.

secret_key

Specify the secret key used for encoding/decoding tokens. This is by default a randomly generated UUID string.

Usage

auth.secret_key = 'secret key goes here'

login()

Generates a JWT.

Usage

auth.login([user], [expiry])

Parameters:

decode()

Returns the payload for the current token. Use this function inside routes decorated with &protected. You can e.g. use this function to get the email/username from the token (the user parameter passed into login()).

• Returns a dictionary.

Usage

auth.decode()

encode() Advanced!

Basically the same as login(), but you provide the payload to be encoded, while login() takes a username/email and automatically converts it into a payload dictionary with an expiration value. Use encode() if you want to encode more data than just a username and an expiration.

Usage

auth.encode(payload)

Parameters:

{
    user: '[email protected]',
    exp: datetime.datetime.utcnow() + datetime.timedelta(seconds=expiry)
}

is_valid()

Returns True if the current token is still valid.

Usage

auth.is_valid() # True or False

get_token()

Returns the token sent in the request as a string.

Usage

auth.get_token()

user()

Returns the user/username/email of the current authenticated user's token, you can also access this via the decode method _auth.decode()['user'].

Usage

auth.get_token()