
User Authentication

Isabel Costa edited this page Nov 20, 2019 · 3 revisions

How it works

User authentication is JSON Web Token (JWT) based. To implement this we use a Flask extension, flask-jwt-extended. You can see an example of basic usage with this extension here.

In short, when a user logs in, they receive an authentication token (e.g. access_token) which contains part of the user's identity and other token-related fields, such as the expiration date.

You can get an access token once you are registered in the backend. Here's a quick tutorial on how to log in using the Swagger UI provided by the deployed server.

The user can then use this access_token when calling a protected/restricted API, such as the GET /user API. To access it, the client has to send the access_token in the header of the HTTP request, following this format: "Authorization: Bearer access_token".

Example

Here's an inside look at an access_token using the jwt.io Debugger. [image]
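
The same inside look in code, as an added example (not the project's code and not flask-jwt-extended's implementation): it issues a constructed HS256 token, decodes it without the key as the jwt.io Debugger does, and runs the server-side signature and expiry checks. The secret, the `sub`/`iat`/`exp` claim layout and all function names are assumptions made for the example.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: stands in for the server's signing key

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def make_token(identity: str, lifetime_s: int, now: int = None) -> str:
    """Issue an HS256 JWT as a login endpoint would (constructed claim layout)."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": identity, "iat": now, "exp": now + lifetime_s}
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode()) for part in (header, payload))
    sig = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url(sig)}"

def inspect(token: str):
    """Decode header and payload without the key, as the jwt.io Debugger does."""
    head, body, _sig = token.split(".")
    return json.loads(b64url_decode(head)), json.loads(b64url_decode(body))

def verify(token: str, now: int = None) -> dict:
    """Server-side check: pinned algorithm, signature, then expiry."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header, payload = inspect(token)
    if header.get("alg") != "HS256":  # do not let the token choose the algorithm
        raise ValueError("unexpected alg")
    expected = hmac.new(SECRET, ".".join(parts[:2]).encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(parts[2])):
        raise ValueError("bad signature")
    if payload["exp"] <= now:
        raise ValueError("token expired")
    return payload

def bearer_header(token: str) -> dict:
    """Header a client sends to a protected route such as GET /user."""
    return {"Authorization": f"Bearer {token}"}

if __name__ == "__main__":
    tok = make_token("42", lifetime_s=900)
    print(inspect(tok))          # readable by anyone holding the token
    print(verify(tok)["sub"], bearer_header(tok))
```

The payload is only base64url-encoded, so anyone holding the token can read it; the signature protects integrity, not confidentiality.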