sanic_jwt_extended.tokens module¶
-
class
sanic_jwt_extended.tokens.
Token
(app: sanic.app.Sanic, token: dict)[source]¶ Bases:
object
Token object that contains decoded token data and passed with kwargs to endpoint function
-
jti
¶ Returns: jti data
-
jwt_identity
¶ Returns: jwt identity claim data (or this can be None if data does not exist)
-
jwt_user_claims
¶ Returns: user claim data
-
raw_jwt
¶ Returns: full jwt data in dictionary form
-
-
sanic_jwt_extended.tokens.
decode_jwt
(encoded_token: str, secret: str, algorithm: str, identity_claim_key: str, user_claims_key: str) → Dict[source]¶ Decodes an encoded JWT
Parameters: - encoded_token – The encoded JWT string to decode
- secret – Secret key used to encode the JWT
- algorithm – Algorithm used to encode the JWT
- identity_claim_key – expected key that contains the identity
- user_claims_key – expected key that contains the user claims
Returns: Dictionary containing contents of the JWT
-
sanic_jwt_extended.tokens.
encode_access_token
(identity: str, secret: str, algorithm: str, expires_delta: datetime.timedelta, fresh: Union[datetime.timedelta, bool], user_claims: dict, role: str, identity_claim_key: str, user_claims_key: str, json_encoder: Callable[..., str] = None) → str[source]¶ Creates a new encoded (utf-8) access token. :param identity: Identifier for who this token is for (ex, username). This
data must be json serializableParameters: - secret – Secret key to encode the JWT with
- algorithm – Which algorithm to encode this JWT with
- expires_delta (datetime.timedelta or False) – How far in the future this token should expire (set to False to disable expiration)
- fresh – If this should be a ‘fresh’ token or not. If a datetime.timedelta is given this will indicate how long this token will remain fresh.
- user_claims – Custom claims to include in this token. This data must be json serializable
- role – A role field for RBAC
- identity_claim_key – Which key should be used to store the identity
- user_claims_key – Which key should be used to store the user claims
- json_encoder – json encoder
Returns: Encoded access token
-
sanic_jwt_extended.tokens.
encode_refresh_token
(identity, secret, algorithm, expires_delta, user_claims, identity_claim_key, user_claims_key, json_encoder=None)[source]¶ Creates a new encoded (utf-8) refresh token.
Parameters: - identity – Some identifier used to identify the owner of this token
- secret – Secret key to encode the JWT with
- algorithm – Which algorithm to use for the toek
- expires_delta (datetime.timedelta or False) – How far in the future this token should expire (set to False to disable expiration)
- user_claims – Custom claims to include in this token. This data must be json serializable
- identity_claim_key – Which key should be used to store the identity
- user_claims_key – Which key should be used to store the user claims
- json_encoder – json encoder
Returns: Encoded refresh token