added support to unpack jwt token from post param

[shaioz]

please see https://stackoverflow.com/a/59363326 for why this is needed.

(more details:) First of all thanks for this great & working package! Secondly I wanted to download a file from my flask backend, but make sure only authenticated users could download. Using flask-praetorian to secure the file download endpoint was my first decision, and after failing to download the file from within the react frontend (i.e. using axios & js-file-download), I found I could easily use window.open with a post request to download files with my token as a post param (from react's localStorage) (please see stackoverflow question and comment linked), but it would require a (small) change (thanks to the quality design of this framework!). I have implemented and tested this approach in my code and it works... Please to pull this so others could benefit more easily and I will enhance the original stackoverflow answer to benefit everyone.

Thanks, Shai

[dusktreader]

Thanks for the kind words and the PR!

Reading over it and the the Stack Overflow link, this seems like a bit of a niche use-case. I wonder if there is a way to support this without using the decorators at all. The auth can be done against a token from any source using the method calls themselves in the body of a request handler function.

Could you provide an example of your API code so that I can better understand what you are doing from the backend perspective?

[dusktreader]

Closing this PR for now. I think I will need to see a clearer use-case and some example code.