audiolion / apistar-jwt Goto Github PK

Based on the API Star Authorization documentation

An authentication class must implement the authenticate method, and should return a subclass of Auth, or None if the request was not authenticated.

This allows having multiple authentication mechanisms, and to globally set JWTAuthentication in the authentication setting w/out it requiring authorization for every endpoint. Right now, setting

settings = {
    'AUTHENTICATION': [JWTAuthentication()],
}

will 401 if a JWT hasn't been set, which doesn't work well for public endpoints.

Version Info:

Python: 3.6
API Star JWT: 0.2.1
API Star: 0.3.9

Thanks for creating this btw - it's been extremely handy for a side project.

Hi, @audiolion. I noticed your project on the Discuss site so I thought I'd check it out. I see that the code calls import jwt, but I don't see PyJWT as a dependency in setup.py. Am I missing something?

Thanks for you efforts so far. I look forward to a time where API Star has a robust 3rd party ecosystem.

Should be nice to have a working Example, something that people can just download and run.

The framework is new, I am using it for some time and yet I dont understand how to use Apistar-JWT,
should I use as Component?, or not?, or both at the same time can be used?, Pros Vs Cons of using it as Component?,
JWT supports passing Token on URL or POST args, does apistar-jwt supports that?,
I read the tests, but actually implementing it on the code just from reading the tests and readme seems complicated.

At least 1 minimal working example should be very useful and bring more users to the project.
Just a /example/app.py
Ive created the same for my Apistar components

Keep it up!, is a great project!. 😸

it's datetime.datetime.utcnow() and not datetime.utcnow()

Where are the tokens stored? What if I have two or three instances of my app running, seems there is no way to share the tokens among the multiple instances.

Given the refined direction that apistar has taken with 0.6, will this repo be likely to stick around?

I've a few apistar containers running 0.5.42 that are not likely to receive any major updates other than introduction of JWT for authentication. This package seems to fit the bill nicely, and rather than write something same-same-but-different or clone the repo, it would be good to know the future of this repo.

I noticed travis doesn't have an end point, so thought I'd ask the question as to if that was the direction of this package.

Found your package on pypi.org I think you need to correct the url in your setup.py.