Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

disable flask-jwt across all routes

See original GitHub issue

I have a situation where I am building an API, which allows access to different datasets. One dataset requires authentication and another dataset is public and does not. I need to use the same defined API (and all its routes) for access. Is there a way I can use flask-jwt for API authentication across all of my routes, but then disable it on a config setting or toggle?

I currently apply the jwt_required decorator as a default to all my of routes from a single base class. This works perfectly for the cases for private data. I need a way to turn off the authentication system when a certain setting is applied. Is there a way to disable the jwt_required decorator once applied, or to disable the flask-jwt extension all together? Or maybe override it?

Issue Analytics

State:
Created 5 years ago
Comments:6 (2 by maintainers)

Top GitHub Comments

1reaction

pgalileacommented, Mar 13, 2019

In my flask-restplus app I’m doing this:

import os
from flask_restful.inputs import boolean
if not boolean(os.getenv('JWT_ON', False)): jwt_required = lambda fn: fn

0reactions

Kolterdyxcommented, Aug 5, 2022

This is what I use for debugging (@pgalilea’s method didn’t work for me):

def dummy_jwt_required(realm=None):
    def wrapper(fn):
        @wraps(fn)
        def decorator(*args, **kwargs):
            return fn(*args, **kwargs)
        return decorator
    return wrapper

auth_required = dummy_jwt_required if config['DEBUG'] else jwt_required

@app.route('/dashboard')
@auth_required()
def dashboard():
    ...

Top Results From Across the Web

Configuration Options — flask-jwt-extended 4.4.4 documentation

This can be overridden on a per-route basis by using the locations argument in flask_jwt_extended.jwt_required() . Default: "headers". Header Options:¶. These ...

flask jwt extended protect only specified request methods

I want to have the GET method opened for all users without JWT token , but the POST , PUT and DELETE methods...

Flask-JWT 0.3.2 documentation

Flag indicating if all tokens should be verified. Defaults to True. It is not recommended to change this value. JWT_AUTH_HEADER_PREFIX, The Authorization header ......

How To Authenticate Flask API Using JWT

The API is a book library API using which users can create books and upload cover images for the books and relevant data....

Create a Flask API with JWT-Based Authentication (Part 3)

For example, the API route that registers a new user account will be /api/v1/auth/register . The /api/v1 prefix will apply to all API...