flask-jwt icon indicating copy to clipboard operation
flask-jwt copied to clipboard

Published 20 hours ago verified publisher icon mattupstate

Get current_identity outside of the @jwt_required

Open hirecom opened this issue 8 years ago • 11 comments

I'd like to get the current_identity in routes where authorization is not required. For instance a list of news items, if they are logged in they can comment, otherwise no commenting allowed.

Is there another way to get the current_identity of a user if they are logged in from a route that's not decorated with @jwt_required?

hirecom avatar Nov 10 '16 07:11 hirecom

Quick hack by implementing your own decorator :

from functools import wraps
from flask import current_app
from flask_jwt import _jwt_required, current_identity


def jwt_optionnal(realm=None):
    def wrapper(fn):
        @wraps(fn)
        def decorator(*args, **kwargs):
            try:
                _jwt_required(realm or current_app.config['JWT_DEFAULT_REALM'])
            except:
                pass
            return fn(*args, **kwargs)
        return decorator
    return wrapper

then :

from flask_jwt import current_identity


@jwt_optionnal()
def view():
  if current_identity:
    [...]

jarmani avatar Nov 10 '16 08:11 jarmani

👍 Wow - thanks! I'll give it a try tonight!

hirecom avatar Nov 10 '16 16:11 hirecom

@jarmani - Awesome, this worked great!

hirecom avatar Nov 11 '16 00:11 hirecom

Is this being added to the library? I would like to have it officially

Garito avatar Sep 22 '17 16:09 Garito

This library has been abandoned for a while now. Check out flask-jwt-extended (better if you are creating the JWTs in your flask app) or flask-jwt-simple (better if you are consuming tokens from another JWT provider). Both of them have @jwt_optional built into the extension, and are still actively maintained.

Full disclosure, I'm the author of those extensions.

vimalloc avatar Sep 22 '17 16:09 vimalloc

Thanks

Garito avatar Sep 22 '17 17:09 Garito

By the way: could you modify the readme to point this fact?

Garito avatar Sep 22 '17 17:09 Garito

Nope, I don't have access to this repo (Flask-JWT). The owner has been AWAL for a while, and at this point it seems like the project has been entirely abandoned.

vimalloc avatar Sep 22 '17 17:09 vimalloc

Oh, boy... That kind of things piss me off a lot It makes a bunch of people lost their time... I'm going to put an issue explaining that

Thanks

Garito avatar Sep 22 '17 17:09 Garito

@Garito I'm sorry I don't want to start a flame, but I strongly disagree.

The authors of this and in fact any Open Source project are not responsible for anything including your lost time. It was their choice to create the project and they still retain ownership of the project and therefore are able to abandon it (ius dereliquendi) or even destroy it (ius abutendi). It was solely their goodwill that they licensed their work in such a way that you could gain some of the rights of their ownership of this project: use it (ius utendi) and even profit from it (ius fruendi) all at your own risk. Please reevaluate your view of this issue and also do your due diligence; a project without a commit for three years is probably dead.

aidik avatar Jun 08 '18 18:06 aidik

Yeah, I totally reevaluate my view: change of library, so long and thanks for all the fish

Garito avatar Jun 09 '18 10:06 Garito