JWT stands for JSON Web Tokens.
A simple function to encode the content -
'''
Encode the given text with given secret key. The default number of seconds for token validity is 600 seconds.
'''
def encode_token(text, secret_key, validity_seconds = 600):
import datetime, jwt
try:
payload = {
'exp': datetime.datetime.utcnow() + datetime.timedelta(days=0, seconds=validity_seconds),
'iat': datetime.datetime.utcnow(),
'secret': text
}
return jwt.encode(
payload,
secret_key,
algorithm='HS256'
)
except Exception as e:
return e
And to decode -
'''
Decode the encoded token with given secret_key
'''
def decode_token(auth_token, secret_key):
import jwt
try:
payload = jwt.decode(auth_token, secret_key, algorithms='HS256')
return {'auth': True, 'error': '', 'decoded': payload}
except jwt.ExpiredSignatureError:
return {'auth': False, 'error': 'Token expired'}
except jwt.InvalidTokenError:
return {'auth': False, 'error': 'Invalid token'}
return {'auth': False, 'error': 'Some error'}
Let's get to work -
Define a secret
secret = 'This-is-my-super-secret'
Encode the content
encoded_data = encode_token('Something to encode', secret)
print(encoded_data)
This outputs as -
'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MjcyMjY4NDUsImlhdCI6MTYyNzIyNjI0NSwic2VjcmV0IjoiU29tZXRoaW5nIHRvIGVuY29kZSJ9.CombVr-757PXau8yeXtyjCLn54E3pGNntlnpoADnPRI'
If You copy this to https://jwt.io you will see -
Decode the token
To decode the data you need the same secret
decoded_data = decode_token(encoded_data, secret)
print(decoded_data['decoded']['secret'])
This outputs to -
'Something to encode'
If you try to decode using some other secret key, the data won't be decoded correctly
decoded_data = decode_token(encoded_data, 'some-other-secret')
print(decoded_data)
This output as -
{'auth': False, 'error': 'Invalid token'}
Hope these simple functions help you :)
You can follow me on Twitter — @kravigupta . You can also connect on LinkedIn — kravigupta.
Top comments (0)