Endpoints¶
An endpoint is provided for JWT login, and is designed to integrate with an ASGI app, such as Starlette or FastAPI.
jwt_login¶
This creates an endpoint for logging in, and getting a JSON Web Token (JWT).
from piccolo_api.jwt_auth.endpoints import jwt_login
from starlette import Starlette
from starlette.routing import Route, Router
app = Starlette(
routes=[
Route(
path="/login/",
endpoint=jwt_login(
secret='mysecret123'
)
),
]
)
secret¶
This is used for signing the JWT.
expiry¶
An optional argument, which allows you to control when a token expires. By default it’s set to 1 day.
from datetime import timedelta
jwt_login(
secret='mysecret123',
expiry=timedelta(minutes=10)
)
Hint
You generally want short expiry tokens for web applications, and longer expiry times for mobile applications.
Hint
See JWTMiddleware
for how to protect your endpoints.
Usage¶
You can use any HTTP client to get the JWT token. In our example we use curl
.
To get a JWT token:
curl -X POST \
-H "Content-Type: application/json" \
-d '{"username": "piccolo", "password": "piccolo123"}' \
http://localhost:8000/login/
To get data from a protected endpoint:
curl -H "Authorization: Bearer your-JWT-token" \
http://localhost:8000/private/movies/
Hint
You can use all HTTP
methods by passing a valid JWT token in the Authorization
header.
Source¶
- piccolo_api.jwt_auth.endpoints.jwt_login(secret: str, auth_table: Type[BaseUser] = BaseUser, expiry: timedelta = timedelta(days=1)) Type[JWTLoginBase] [source]¶
Create an endpoint for generating JWT tokens.
- Parameters:
secret – Used to sign the the JWT tokens.
auth_table – Which Piccolo table to use to authenticate the user.
expiry – How long before the JWT token expires.