How to POST the refresh token to Flask JWT Extended?
Asked Answered
F

3

7

I am trying to refresh a JWT token from the code here. The issue is with how to get the new token with the refresh.

This works:

curl http://127.0.0.1:5000/protected
{"msg":"Missing Authorization Header"}

This works and I get my token and put it in ACCESS

curl -H "Content-Type: application/json" -X POST   -d '{"username":"test","password":"test"}' http://localhost:5000/login

This works and I get my username

curl -H "Authorization: Bearer $ACCESS" http://localhost:5000/protected

But when the token expires, how do I get curl with my refresh token and/or access token to get my new access token? I've tried numerous POST's and nothing seems to work:

https://flask-jwt-extended.readthedocs.io/en/latest/refresh_tokens.html

from flask import Flask, jsonify, request
from flask_jwt_extended import (
    JWTManager, jwt_required, create_access_token,
    jwt_refresh_token_required, create_refresh_token,
    get_jwt_identity
)

app = Flask(__name__)

app.config['JWT_SECRET_KEY'] = 'super-secret'  # Change this!
jwt = JWTManager(app)


@app.route('/login', methods=['POST'])
def login():
    username = request.json.get('username', None)
    password = request.json.get('password', None)
    if username != 'test' or password != 'test':
        return jsonify({"msg": "Bad username or password"}), 401

    # Use create_access_token() and create_refresh_token() to create our
    # access and refresh tokens
    ret = {
        'access_token': create_access_token(identity=username),
        'refresh_token': create_refresh_token(identity=username)
    }
    return jsonify(ret), 200


# The jwt_refresh_token_required decorator insures a valid refresh
# token is present in the request before calling this endpoint. We
# can use the get_jwt_identity() function to get the identity of
# the refresh token, and use the create_access_token() function again
# to make a new access token for this identity.
@app.route('/refresh', methods=['POST'])
@jwt_refresh_token_required
def refresh():
    current_user = get_jwt_identity()
    ret = {
        'access_token': create_access_token(identity=current_user)
    }
    return jsonify(ret), 200


@app.route('/protected', methods=['GET'])
@jwt_required
def protected():
    username = get_jwt_identity()
    return jsonify(logged_in_as=username), 200


if __name__ == '__main__':
    app.run()
Fickle answered 10/3, 2019 at 16:32 Comment(4)
If I want render template with in Jwt token settings time, how can do it?Eiser
I mean can I use code as return jsonify(ret),200,render_template('home.html') like thisEiser
Why don't you ask a new question? This is not related to what was asked here.Fickle
i asked ,have you any idea about this? #59083189Eiser
D
8

Try

curl -H "Authorization: Bearer $REFRESH" -X POST http://localhost:5000/refresh
Depositor answered 10/3, 2019 at 17:28 Comment(1)
I’d tried this and got an error. It was actually because I’d copied the refresh token incorrectly. Thanks for your help.Fickle
J
0

For me only this worked, both were required - post data and Auth header.

 curl -X POST -H "Content-Type: Application/json" -H "Authorization: Bearer $REFRESH" -d "{\"refresh_token\":\"$REFRESH\"}" http://localhost:5000/refresh
Joesphjoete answered 4/9, 2020 at 12:0 Comment(0)
T
-2

First, when creating a new user you should ensurer that you created both the access_key and the refresh_key (there are flask-jwt-extended functions for that).

Then you have to create an endpoint, which requires the refresh_key (through @jwt.required(refresh=True)). This says: Give me specifically the refresh key.

The endpoint should seem like this:

@blp.route("/refresh") # Route
class TokenRefresh(MethodView): 
    @jwt_required(refresh=True) # Requiring the refresh_token
    def post(self):
        current_user = get_jwt_identity() # Obtaining the ID, through the refresh token
        new_token = create_access_token(identity=current_user, fresh=False)
        return {"access_token":new_token}

This will provide you with a new access_token.

Tulle answered 21/10, 2022 at 23:52 Comment(1)
This doesn't really helper the questioner - if you look at the other answers, nothing new needs to be implemented here.Gaygaya

© 2022 - 2024 — McMap. All rights reserved.