fastapi-jwt-auth icon indicating copy to clipboard operation
fastapi-jwt-auth copied to clipboard

Published 20 hours ago verified publisher icon IndominusByte

Overwrite the secret key for encoding/decoding

Open mfrey777 opened this issue 4 years ago • 1 comments

Hello,

I am looking at migrating a Flask App (using to JWT Extended) tp FastApi and I could not find an equivalent to overwrite the key that is used.

I have a mulit-tenant Flask environment and I want a JWT token to only be valid for one tenant, so I add the tenant name to the secret key.

In JWT-extended I used the following function to overwrite the key that is used (and of course an equivalent decode function) def customEncodeKey(arg1): return app.config["JWT_SECRET_KEY"] + getTenant(request)

jwt.encode_key_loader(customEncodeKey)

mfrey777 avatar May 24 '21 08:05 mfrey777

I have now seen that I could use the "audience" for the purpose explained above. But is there a way to pass the audience as parameter of jwt_required() (instead of having to set the object attribute directly beforehand) ?

@app.get('/user') def user(Authorize: AuthJWT = Depends()): Authorize._decode_audience = 't2' Authorize.jwt_required()

mfrey777 avatar Jun 08 '21 08:06 mfrey777