For all the self-taught geeks out there, here our content library with most of the learning materials we have produces throughout the years.
It makes sense to start learning by reading and watching videos about fundamentals and how things work.
Machine Learning Engineering (16 weeks)
Full-Stack Software Developer
Search from all Lessons
Curated list of small interactive and incremental exercises you can take to get better at any coding skill.
Curated section of projects to build while learning with simple instructions, videos, solutions and more.
Guides on different topics related to the technologies that we teach in our courses
Social & live learning
The most efficient way to learn: Join a cohort with classmates just like you, live streams, impromptu coding sessions, live tutorials with real experts, and stay motivated.
📹 Here is a video explaining the JWT authentication implementation using React.js, Context API and Python Flask.
Almost every API needs an authentication layer, and there are many ways to tackle that problem, today we are going to be implementing JWT token into our Flask API.
You can divide a standard authentication process in 5 main steps:
Usertable that matches with both parameters at the same time (username and password).
tokenfor that user and responds status_code=200 back to the front end.
tokenfrom now on to make any future request.
☝️ If you don't know what a token is, I would recomend this reading.
There are many ways to create tokens: Basic, Bearer, JWT, etc. All of them are different in its nature but all of them result in the same output: A hash (a big alphanumeric token).
|Type of token||How it looks|
☝️ As you can see, JWT Tokens are bigger than the other two types of token.
JSON Web Token or JWT is an open standard to create tokens
This standard has become quite popular since it's very effective for Web Apps like Google APIs, where after the user authentication you make API requests.
JSON Web Token is a type of token that includes a structure, which can be decrypted by the server that allows you to authenticate the identity of the user of that application.
In a nutshell: JWT is an amazing alternative because
Basic Token is to simple and easy to hack and Bearer Token it's harder to maintain because you have to store each token on the database.
With JWT Tokens you don't need a database, the token itself contains all the information needed.
You may notice that the string is divided in three sections separated by a (.). Each section has it meaning:
|HEADER||The first part stores the type of token and the encryption algorithm|
|PAYLOAD||The second part has the data that identifies the user: it can be its ID, user name, etc.|
|SIGNATURE||Digital signature, which is generated with the previous two sections, and it allows you to verify if the content has been modified.|
We strongly recomend using JWT Extended library to implement JWT autentication in your Python Flask API, the process can be divided in the following steps:
The endpoint should be a POST because you are creating tokens (POST is for creation).
This is how the endpoint could look like in Python:
@jwt_required()decorator on private routes
Now... any endpoint that requires authorization (private endpoints) should use the
You will be able to retrieve the authenticated user information (if valid) using the
On the front-end side we need two main steps: Creating a new token (a.k.a: login) and appending the token to the headers when fetching any other private endpoints.
Based on the endpoints we build on earlier we have to
POST /token with the username and password information in the request body.
Let's suppose I am using the front-end application and I just logged in, but now I want to fech some private or protected endpoint:
That is it! As you can see it's very simple to integrate JWT into your application using Flask/Python, just three steps on the backend and two steps on the front-ent. For any questions you can contact me on twitter @alesanchezr or use the #public-support channel on 4Geeks Academy's Slack community.