api.pyfile for adding your API routes to:
Kernel.pyfile inside the
AuthenticatesTokensclass onto this model:
api_tokenbut this is configurable by adding a
__TOKEN_COLUMN__attribute to your model. Your migration file should look like this:
api.pyconfig file in your configuration directory that looks like this:
JWT_SECRET. This will be used as a salt for encoding and decoding the JWT token.
authenticateskey is used as a check to check against the database on every request to see if the token is set on the user. By default, the database is not called to check if the token is assigned to a user. One of the benefits of JWT is the need to not have to make a database call to validate the user but if you want that behavior, you can set this option to
web.pyfile which can be used to authenticate users to give them JWT tokens:
api.pyfile are wrapped in an
apimiddleware, you should add a middleware stack in your route middleware in your Kernel file:
By default, all routes in the
routes/api.pyfile already have the
apimiddleware stack on them so there is no need to specify the stack on all your API routes.
/api/authroute can be used to get a new authentication token:
POSTrequest with a
passwordto get back a JWT token:
tokeninput or a
expireskey in the configuration file then your JWT tokens will not expire and will be valid forever.
tokeninput containing the current JWT token. This will check the table for the token and if found, will generate a new token.
LoadUserMiddlewareand a new
guardroute middleware stack: