File: add_custom_data_claims.rst

python-flask-jwt-extended 4.7.1-1

Storing Additional Data in JWTs
===============================
You may want to store additional information in the access token that you can
later read in protected views. This can be done by passing the ``additional_claims``
argument to the :func:`~flask_jwt_extended.create_access_token` or
:func:`~flask_jwt_extended.create_refresh_token` functions. The claims
can be accessed in a protected route via the :func:`~flask_jwt_extended.get_jwt`
function.

It is important to remember that JWTs are not encrypted and the contents of
a JWT can be trivially decoded by anyone who has access to it. As such, you
should never put any sensitive information in a JWT.
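
The following added example (not part of the original documentation and not code from Flask-JWT-Extended) uses only the Python standard library to show what the signature does and does not protect: the claims are readable without the secret, while an edited payload fails verification. The secret, the claim values and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def sign_hs256(claims: dict, secret: bytes) -> str:
    """Serialise claims as a compact HS256 JWT (header.payload.signature)."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    mac = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256)
    return f"{header}.{payload}.{b64url(mac.digest())}"

def read_claims_without_key(token: str) -> dict:
    """What any holder of the token can do: no secret, no verification."""
    return json.loads(b64url_decode(token.split(".")[1]))

def verify_hs256(token: str, secret: bytes) -> bool:
    """Recompute the MAC; only the issuer's secret makes this succeed."""
    header, payload, signature = token.split(".")
    mac = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256)
    return hmac.compare_digest(mac.digest(), b64url_decode(signature))

def with_changed_claims(token: str, **changes) -> str:
    """Re-encode the payload with edits while keeping the old signature."""
    header, payload, signature = token.split(".")
    claims = {**json.loads(b64url_decode(payload)), **changes}
    return f"{header}.{b64url(json.dumps(claims).encode())}.{signature}"

# Constructed sample values, not taken from the library or its examples.
SECRET = b"constructed-demo-secret"
CLAIMS = {"sub": "alice", "foo": "bar", "upcase_name": "ALICE"}
TOKEN = sign_hs256(CLAIMS, SECRET)

if __name__ == "__main__":
    print(read_claims_without_key(TOKEN))            # claims, no key needed
    print(verify_hs256(TOKEN, SECRET))               # untouched token verifies
    edited = with_changed_claims(TOKEN, foo="baz")
    print(verify_hs256(edited, SECRET))              # edited token is rejected
```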

.. literalinclude:: ../examples/additional_data_in_access_token.py


Alternatively, you can use the :meth:`~flask_jwt_extended.JWTManager.additional_claims_loader`
decorator to register a callback function that is called whenever a new JWT
is created and returns a dictionary of claims to add to that token. If both
:meth:`~flask_jwt_extended.JWTManager.additional_claims_loader` and the
``additional_claims`` argument are used, the two results are merged, and where
the same claim appears in both, the value supplied by the ``additional_claims``
argument wins.

.. code-block:: python

  from flask import Flask
  from flask_jwt_extended import JWTManager

  app = Flask(__name__)
  jwt = JWTManager(app)

  # Using the additional_claims_loader, we can specify a method that will be
  # called when creating JWTs. The decorated method must take the identity
  # we are creating a token for and return a dictionary of additional
  # claims to add to the JWT. This callback assumes the identity is a string.
  @jwt.additional_claims_loader
  def add_claims_to_access_token(identity):
      return {
          "aud": "some_audience",
          "foo": "bar",
          "upcase_name": identity.upper(),
      }