Learn Logout Endpoint | Authentication with JWT
Professional Web API with Flask

Logout Endpoint

To enable a user to log out, we must revoke their JWT. If the user attempts to reuse the same JWT, they will be denied access to the system. To achieve this, we need to create a storage solution for keeping revoked JWTs until their expiration.

Creating a Blocklist for Revoked Tokens

First, we create a blocklist.py file and write:

BLOCKLIST = set()

Checking if Token is Revoked

Next, in app.py, we import our BLOCKLIST variable and define a new function to check if a token is in the blocklist:

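from flask_jwt_extended import JWTManager
from blocklist import BLOCKLIST
...
def create_app():
    ...
    jwt = JWTManager(app)
    ...
    # Called for every request to a protected endpoint; returning True rejects the token
    @jwt.token_in_blocklist_loader
    def check_if_token_in_blocklist(jwt_header, jwt_payload):
        return jwt_payload["jti"] in BLOCKLIST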

Endpoint for User Logout

To facilitate user logout, we create a UserLogout class where we add the jti (unique identifier) of the user's JWT to the BLOCKLIST:

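from flask.views import MethodView
from flask_jwt_extended import get_jwt, jwt_required
from blocklist import BLOCKLIST

@blp.route("/logout")
class UserLogout(MethodView):
    @jwt_required()
    def post(self):
        # "jti" is the unique ID of the token presented with this request
        jti = get_jwt()["jti"]
        BLOCKLIST.add(jti)
        return {"message": "Successfully logged out"}, 200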
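
The plain set above never drops entries, although revoked JWTs only need to be kept until their expiration. As an added example (not part of the original course code), this standard-library version stores each jti with the token's exp claim and purges expired entries; the class ExpiringBlocklist and the sample payloads are assumptions, and like the set it lives in one process's memory, so it is lost on restart and not shared between workers.

```python
import threading
import time


class ExpiringBlocklist:
    """Revoked token IDs (jti), each kept only until the token's own exp."""

    def __init__(self):
        self._revoked = {}              # jti -> exp (Unix seconds)
        self._lock = threading.RLock()  # re-entrant: revoke() calls purge()

    def purge(self, now=None):
        # An expired token fails exp validation anyway, so its entry can go.
        now = time.time() if now is None else now
        with self._lock:
            expired = [j for j, exp in self._revoked.items() if exp <= now]
            for jti in expired:
                del self._revoked[jti]
            return len(expired)

    def revoke(self, jwt_payload, now=None):
        with self._lock:
            self.purge(now)  # keep the store bounded by the number of live tokens
            # A token without exp never expires, so it must stay listed forever.
            self._revoked[jwt_payload["jti"]] = jwt_payload.get("exp", float("inf"))

    def is_revoked(self, jwt_payload):
        with self._lock:
            return jwt_payload["jti"] in self._revoked

    def __len__(self):
        with self._lock:
            return len(self._revoked)


BLOCKLIST = ExpiringBlocklist()


def check_if_token_in_blocklist(jwt_header, jwt_payload):
    # Same signature as the token_in_blocklist_loader callback on this page.
    return BLOCKLIST.is_revoked(jwt_payload)


# Constructed sample payloads (not real tokens).
NOW = 1_700_000_000
SHORT = {"jti": "constructed-jti-1", "exp": NOW + 900}
LONG = {"jti": "constructed-jti-2", "exp": NOW + 3600}
```

In the logout endpoint, BLOCKLIST.revoke(get_jwt()) would replace BLOCKLIST.add(jti).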
