dataviews
Reputation: 3100
flask-resful api jwt_required specific identity
Is there a way to restrict the API endpoint with the @jwt_required decorator looking at only one identity?
Right now, I create the JWT with the identity of an admin user = 1 and standard user = 0. On my route, I have something like this:
@app.route('/add', methods=['POST'])
@jwt_required
def add():
if request.method == 'POST':
if get_jwt_identity()[1] == 1:
Is there a cleaner way to check the jwt_identity and perform whatever is defined there for the route? Not sure if my approach is the best.
Thanks!
Upvotes: 0
Views: 160
Answers (1)
vimalloc
Reputation: 4177
You could use a custom decorator to hold that logic: https://flask-jwt-extended.readthedocs.io/en/stable/custom_decorators/
Upvotes: 1
Related Questions
- Adding resources with jwt_required?
- Flask Restul Basic Authentication
- Authentication with Flask JWT in python
- Api with flask-jwt-extended with authentication problems?
- Flask-restful basic Authentication
- how to use flask REST API authentication
- Basic Auth in flask for only one user
- Request to API Flask-Restful with JWT header and JSON data
- Token based authentication with flask-security extension
- Flask RESTful API and authenticating for a specific user