DEV Community

Cover image for Encode Decode JWT
Ravi Kumar Gupta
Ravi Kumar Gupta

Posted on

Encode Decode JWT

JWT stands for JSON Web Tokens.

A simple function to encode the content -

'''
Encode the given text with given secret key. The default number of seconds for token validity is 600 seconds.
'''
def encode_token(text, secret_key, validity_seconds = 600):
    import datetime, jwt
    try:
        payload = {
            'exp': datetime.datetime.utcnow() + datetime.timedelta(days=0, seconds=validity_seconds),
            'iat': datetime.datetime.utcnow(),
            'secret': text
        }
        return jwt.encode(
            payload,
            secret_key,
            algorithm='HS256'
        )
    except Exception as e:
        return e
Enter fullscreen mode Exit fullscreen mode

And to decode -

'''
Decode the encoded token with given secret_key
'''
def decode_token(auth_token, secret_key):
    import jwt
    try:
        payload = jwt.decode(auth_token, secret_key, algorithms='HS256')
        return {'auth': True, 'error': '', 'decoded': payload}
    except jwt.ExpiredSignatureError:
        return {'auth': False, 'error': 'Token expired'}
    except jwt.InvalidTokenError:
        return {'auth': False, 'error': 'Invalid token'}
    return {'auth': False, 'error': 'Some error'}

Enter fullscreen mode Exit fullscreen mode

Let's get to work -

Define a secret

secret = 'This-is-my-super-secret'
Enter fullscreen mode Exit fullscreen mode

Encode the content

encoded_data = encode_token('Something to encode', secret)
print(encoded_data)
Enter fullscreen mode Exit fullscreen mode

This outputs as -

'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MjcyMjY4NDUsImlhdCI6MTYyNzIyNjI0NSwic2VjcmV0IjoiU29tZXRoaW5nIHRvIGVuY29kZSJ9.CombVr-757PXau8yeXtyjCLn54E3pGNntlnpoADnPRI'
Enter fullscreen mode Exit fullscreen mode

If You copy this to https://jwt.io you will see -

Alt Text

Decode the token

To decode the data you need the same secret

decoded_data = decode_token(encoded_data, secret)
print(decoded_data['decoded']['secret'])
Enter fullscreen mode Exit fullscreen mode

This outputs to -
'Something to encode'

If you try to decode using some other secret key, the data won't be decoded correctly

decoded_data = decode_token(encoded_data, 'some-other-secret')
print(decoded_data)
Enter fullscreen mode Exit fullscreen mode

This output as -

{'auth': False, 'error': 'Invalid token'}
Enter fullscreen mode Exit fullscreen mode

Hope these simple functions help you :)

You can follow me on Twitter — @kravigupta . You can also connect on LinkedIn — kravigupta.

Top comments (0)