This is a quick-start application that demonstrates how to create secured API applications using Flask and JWT. It is built with:
I wrote an article about creating the quickstart: Flask API Quickstart Application with JSON Web Tokens, SQLAlchemy and Pytest.
You will need Python 3 installed, together with Pipenv to install dependencies.
The app uses a SQL database via SQLAlchemy. It was tested with PostgreSQL, but should work with other supported databases as well.
- Clone the repository
- Install dependencies using
pipenv install
All configuration can be found in app/config.py file.
Change at least:
SQLALCHEMY_DATABASE_URIfor the db connectionSECRET_KEYto be unique to your application
- Enter virtual environment using
pipenv shell - Run database migrations using
flask db upgrade - Run
python run.py - Check to see if the application is running with
curl -XGET http://localhost:5000/ping
curl -i -H "Content-Type: application/json" -X POST -d '{"username":"user1", "password":"Password1", "email": "t@example.com"}' http://localhost:5000/api/v1/auth/signup
curl -i -H "Content-Type: application/json" -X POST -d '{"username":"user1", "password":"Password1"}' http://localhost:5000/api/v1/auth/login
You should get a token that can be used for the following two endpoints:
Replace XXXXX with your token:
curl -i -H "Authorization: Bearer XXXXX" -H "Content-Type: application/json" -XGET http://localhost:5000/protected
Replace XXXXX with your token:
curl -i -H "Authorization: Bearer XXXXX" -H "Content-Type: application/json" -XPOST http://localhost:5000/api/v1/auth/logout
- Enter virtual environment using
pipenv shell - Run the test suite with
pytest
There is API specification written in OpenAPI Specification in docs/api.yaml
Various parts of the quickstart were inspired by Bucket List API.
Author: Petr Stříbný
License: The MIT License (MIT)