CODEWITHSUNDEEP
pythonflaskhttp-headersflask-jwt-extended
abhi002
abhi002

Reputation: 91

Unable to get Authorization Header in Flask JWT Extended

I am trying to using to use Flask-JWT extended at the basic level at the moment. I get the user and password authenticated from the user form. I create an accesss token, include it in the response and route to another protected route. Please find the shorter version of code as below...

from flask import Flask, jsonify, request
from flask_jwt_extended import,JWTManager, jwt_required, create_access_token,get_jwt_identity)
app.config['JWT_SECRET_KEY'] = 'super-secret'
jwt = JWTManager(app)
app.config['JWT_TOKEN_LOCATION'] = ['headers']
app.config['JWT_BLACKLIST_ENABLED'] = True
jwt = JWTManager(app)
app.config['PROPAGATE_EXCEPTIONS'] = True


@log_blueprint.route('/', methods=['GET', 'POST'])
def login():
form = LoginForm()
if request.method == 'POST':
        if error is None and username = form.request['user'] and pwd = form.request['pwd'] :
            access_token = create_access_token(identity=user)
            resp = redirect(url_for('log_blueprint.protected'),access_token)
            resp.headers = {'Authorization': 'Bearer {}'.format(access_token)}
            return resp

@log_blueprint.route('/protected', methods=["POST","GET"])
@jwt_required
def protected():
    current_user = get_jwt_identity()
    return jsonify(logged_in_as=current_user), 200

It gives me the error as below...

 {"msg":"Missing Authorization Header"}

I tried the answers on this page...https://stackoverflow.com/questions/52087743/flask-restful-noauthorizationerror-missing-authorization-header But couldnt get better. Please let me know any solution for this issue. Sorry if any typo mistake.

Thanks and regards, Abhinay J K

Upvotes: 3

Views: 5041

Answers (3)

Timur Mingulov
Timur Mingulov

Reputation: 2519

If it works on your local machine but not on the server, make sure that your server accepts Authorization headers. See the answer here: Apache strips down "Authorization" header

Upvotes: 0

nsuchojad
nsuchojad

Reputation: 11

Depending on the version you are using, accordind to change log of latest stable version, you should be using notation like:

@log_blueprint.route('/protected', methods=["POST","GET"])
@jwt_required()
def protected():
    current_user = get_jwt_identity()
    return jsonify(logged_in_as=current_user), 200

Upvotes: 1

venkat g
venkat g

Reputation: 69

If you are using postman to send request, make sure you check the "key".

Upvotes: 0

Related Questions