Implementing JWT Authentication with Flask and Django

 In modern web development, securing APIs and user sessions is essential. JWT (JSON Web Tokens) has emerged as a popular method for handling stateless authentication in RESTful applications. This blog will walk you through how to implement JWT authentication in both Flask and Django, two leading Python web frameworks.

What is JWT?

JWT stands for JSON Web Token, a compact, URL-safe way of representing claims between two parties. It typically consists of three parts: header, payload, and signature. JWTs are self-contained, meaning they carry user information and authentication claims, allowing the server to verify identity without storing session data.

Implementing JWT in Flask

Step 1: Install Required Packages

pip install Flask Flask-JWT-Extended

Step 2: Basic Setup

from flask import Flask, jsonify, request

from flask_jwt_extended import JWTManager, create_access_token, jwt_required

app = Flask(__name__)

app.config['JWT_SECRET_KEY'] = 'your-secret-key'

jwt = JWTManager(app)

Step 3: Create Login and Protected Routes

@app.route('/login', methods=['POST'])

def login():

    username = request.json.get('username')

    password = request.json.get('password')

    if username == 'admin' and password == 'admin':

        access_token = create_access_token(identity=username)

        return jsonify(access_token=access_token), 200

    return jsonify(msg='Invalid credentials'), 401

@app.route('/protected', methods=['GET'])

@jwt_required()

def protected():

    return jsonify(msg='Access granted'), 200

Implementing JWT in Django (Using Django REST Framework)

Step 1: Install Required Packages

pip install djangorestframework djangorestframework-simplejwt

Step 2: Update Settings

In settings.py, add:

REST_FRAMEWORK = {

    'DEFAULT_AUTHENTICATION_CLASSES': (

        'rest_framework_simplejwt.authentication.JWTAuthentication',

    ),

}

Step 3: Create Token Views

from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView

urlpatterns = [

    path('api/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),

    path('api/token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),

]

Step 4: Secure Your Views

Use Django REST Framework’s @permission_classes to protect endpoints:

from rest_framework.permissions import IsAuthenticated

@api_view(['GET'])

@permission_classes([IsAuthenticated])

def protected_view(request):

    return Response({"message": "Authenticated"})

Conclusion

JWT makes user authentication secure and scalable, especially in stateless applications. Whether you're using Flask for lightweight APIs or Django for full-featured web apps, integrating JWT is straightforward with the right libraries. By adopting JWT, developers can ensure secure data exchange and improve API performance.

Learn Fullstack Python Training in Hyderabad

Read More:

Creating Dynamic Frontend Interfaces with React and Python Backend

Using Vue.js with a Python Backend

Deploying Fullstack Python Applications on AWS

Containerizing Fullstack Python Apps with Docker

Visit our IHub Talent Training Institute

Get Direction











Comments

Post a Comment

Popular posts from this blog

SoapUI for API Testing: A Beginner’s Guide

 APIs are the backbone of modern applications, enabling communication between different software systems. Testing these APIs is crucial to ensure reliable performance and functionality. SoapUI is one of the most widely used tools for API testing, especially for SOAP and REST services. This beginner’s guide will walk you through what SoapUI is, why it's useful, and how to get started. What is SoapUI? SoapUI is an open-source tool designed for testing web services. It supports both SOAP (Simple Object Access Protocol) and REST (Representational State Transfer) APIs. SoapUI offers a user-friendly interface that makes it easier to send requests, inspect responses, automate tests, and validate data. Why Use SoapUI for API Testing? Easy to use GUI with drag-and-drop features Supports both manual and automated testing Allows functional, security, and performance testing Supports data-driven testing using external sources Enables testers to mock web services for testing in isolated environ...
Read more

Automated Regression Testing with Selenium

 Regression testing ensures that new code changes do not negatively impact the existing functionality of an application. As applications grow and evolve, manually performing regression tests becomes time-consuming and error-prone. Selenium, a leading open-source test automation tool for web applications, is an excellent choice for automating regression testing. What is Regression Testing? Regression testing involves re-running previously completed test cases after code changes to verify that existing features continue to work as expected. It is critical for maintaining application stability during frequent updates, especially in agile and DevOps environments. Why Use Selenium for Regression Testing? Selenium supports multiple browsers (Chrome, Firefox, Edge), programming languages (Java, Python, C#, etc.), and platforms. Its flexibility and integration capabilities make it ideal for building and executing automated regression test suites. Key Benefits: Open-source and community-sup...
Read more

Containerizing Java Apps with Docker and Kubernetes

 Modern application development demands speed, scalability, and consistency across environments. Containerization addresses these needs by packaging applications and their dependencies into lightweight containers. For Java applications, using tools like Docker and Kubernetes simplifies deployment, scaling, and management. In this blog, we'll explore how to containerize a Java app with Docker and manage it using Kubernetes. Why Containerize Java Applications? Java apps often depend on specific versions of libraries, Java Runtime Environment (JRE), and configurations. Containers: Ensure consistency across dev, test, and production environments Simplify dependency management Improve portability and scalability Enable microservices architecture Step 1: Create a Java Application Let’s assume you have a simple Spring Boot application with a jar file ready for deployment: ./mvnw clean package This generates a .jar file in the target/ directory. Step 2: Write a Dockerfile Create a file nam...
Read more