Professional Web API with Flask

Logout Endpoint

To enable a user to logout, we must revoke their JWT. If the user attempts to reuse the same JWT, they will be denied access to the system. To achieve this, we need to create a storage solution for keeping revoked JWTs until their expiration.

Creating a Blocklist for Revoked Tokens

First, we create a blocklist.py file and write:


python
BLOCKLIST = set()

Checking if Token is Revoked

Next, in app.py, we import our BLOCKLIST variable and define a new function to check if a token is in the blocklist:


python
9
1
2
3
4
5
6
7
8
9
from blocklist import BLOCKLIST
...
def create_app():
    ...
    jwt = JWTManager(app)
   ...
   @jwt.token_in_blocklist_loader
def check_if_token_in_blocklist(jwt_header, jwt_payload):
       return jwt_payload["jti"] in BLOCKLIST

Endpoint for User Logout

To facilitate user logout, we create a UserLogout class where we add the user's JWT to the BLOCKLIST:


python
9
1
2
3
4
5
6
7
@blp.route("/logout")
class UserLogout(MethodView):
   @jwt_required()
   def post(self):
       jti = get_jwt()["jti"]
       BLOCKLIST.add(jti)
       return {"message": "Successfully logged out"}, 200

Var alt klart?

Tak for dine kommentarer!

Sektion 5. Kapitel 7

Spørg AI

Spørg om hvad som helst eller prøv et af de foreslåede spørgsmål for at starte vores chat

some-alt

Professional Web API with Flask

0%

1. Introduction to the Course

Dive into the world of web APIs with Flask, starting with the basics. You'll learn what APIs and REST APIs are, how to set up your project, configure your environment, and establish a GitHub SSH connection. This foundational knowledge will set you up for success.

Project Description

Project Initialization

Environment Configuration and Dependency Management

Establish SSH Connection to GitHub

2. Database and Models

Explore the core of database handling with SQLAlchemy. You'll learn to create robust models and understand many-to-one, one-to-one, and many-to-many relationships. This section empowers you with the skills to structure complex databases for real-world applications.

SQLAlchemy Set Up

Many-to-One Relationship

One-to-One Relationship

Many-to-Many Relationship

3. Flask-Smorest and Schemas

Unveil the power of Flask-Smorest and Marshmallow for managing web APIs and data serialization. You'll delve into JSON, schema handling, and the intricacies of data representation and validation, paving the way for advanced API development.

Introduction to Flask-Smorest

Introduction to Marshmallow

JSON Explanation

Schema Handling with Marshmallow

4. Endpoints with Blueprints and MethodView

Master the art of creating and managing endpoints with Flask's Blueprints and MethodView. From setting up your first endpoints to exploring Flask-Migration and SQLite Studio, and utilizing tools like Postman and Insomnia, you'll craft scalable and maintainable web architectures.

Blueprints and MethodView Overview

Start with Blueprints and MethodViews

First Endpoint, Flask-Migration and SQLite Studio

Postman and Insomnia

User and Player Endpoints

5. Authentication with JWT

Secure your web APIs with JWT authentication. Learn to set up Flask-JWT-Extended, handle user registration, login, and logout processes, and implement permissions and security measures. By the end of this section, you'll be adept at protecting and testing your endpoints.

Flask-JWT-Extended Set Up

User Registration

Logout Endpoint

Testing New Endpoints

6. Deployment

Prepare your Flask project for deployment. This final leap covers the essentials: creating a requirements.txt, code formatting with Black and Flake8, and documenting your project with a README.md. You'll also master Git for version control and branch merging, readying you for a seamless project launch.

Enhancing Your App