Reputation: 125
How should I handle exceptions raised in @jwt_required decorator? (in flask-jwt-extended)
I have a function with @jwt_required decorator.
class Test(Resource):
@jwt_required
def get(self):
return {"test": "ok" }
Which works fine when the correct HTTP header is set, i.e.
Authentication: Bearer [TOKEN]
but when the token is invalid/wrong or messed with, a jwt.exceptions.DecodeError is raised:
File "env/lib/python3.6/site-packages/flask_restplus/resource.py", line 44, in dispatch_request
resp = meth(*args, **kwargs)
File "env/lib/python3.6/site-packages/flask_jwt_extended/view_decorators.py", line 103, in wrapper
verify_jwt_in_request()
File "env/lib/python3.6/site-packages/flask_jwt_extended/view_decorators.py", line 32, in verify_jwt_in_request
jwt_data = _decode_jwt_from_request(request_type='access')
File "env/lib/python3.6/site-packages/flask_jwt_extended/view_decorators.py", line 267, in _decode_jwt_from_request
decoded_token = decode_token(encoded_token, csrf_token)
File "env/lib/python3.6/site-packages/flask_jwt_extended/utils.py", line 80, in decode_token
encoded_token, verify=False, algorithms=config.algorithm
File "env/lib/python3.6/site-packages/jwt/api_jwt.py", line 84, in decode
payload, _, _, _ = self._load(jwt)
File "env/lib/python3.6/site-packages/jwt/api_jws.py", line 183, in _load
raise DecodeError('Not enough segments')
jwt.exceptions.DecodeError: Not enough segments
I cannot rely on clients always using correct tokens all the time. And I cannot catch the exception because it is raised in the decorator rather than my own function. So the result is a http 500 error. How should I handle the exception more gracefully?
Upvotes: 4
Views: 4679
Answers (1)
Reputation: 4187
Flask-jwt-extended should be handling those for you gracefully. If not, you are probably using another extension (like flask-restful for example) that is breaking native flask functionality. You can try setting this option to fix it app.config[‘PROPAGATE_EXCEPTIONS’] = True, or take a look at this thread for some advice if you are using a different flask extension that is causing problems https://github.com/vimalloc/flask-jwt-extended/issues/86
Upvotes: 7
Related Questions
- how to catch all exceptions raised in flask_restful app
- Force page redirect on token errors with a custom decorator using flask-jwt-extended
- Handle an error from flask decorator
- verify_jwt_in_request() returns None when called in custom Flask Decorator
- @JWT_Required decorator Exception Handling
- @jwt_required decorator not working on flask endpoint
- flask-jwt-extended - Catch raise RevokedTokenError('Token has been revoked')
- How can I do custom JWT validation with Flask and flask_jwt_extended?
- flask-jwt-extended: customizing error message
- Is it a good pattern to raise exceptions in a python decorator?