Necessary Changes for Creating the Authentication API

Explore how to create a secure authentication API with Flask by implementing password hashing, managing user registration and login, issuing JWT access tokens, and protecting routes. Understand the full authentication flow including token testing and user record deletion to build safer web applications.

We'll cover the following...

Imports
Register new account
Log in
Test the token
Deleting the records
Testing API

The authentication API is where the various pieces come together. First, we’ll use password hashing to create authentication records and verify credentials. Second, we’ll provide the means by which a user can authenticate and receive their access token. Third, we’ll show an example of how to modify a route to make it require a valid access token.

Imports

The imports are mostly familiar. The new ones are auth_orm, which we just created in the previous lesson, and flask_jwt_extended, which makes it easy to work with JWT access tokens. To install it, we use pipenv. We’ll notice, however, that it’s installed using hyphens between the words but imported using underscores.

$ pipenv install flask-jwt-extended

To create the API, we’ll need the usual imports, and also our new ...

1.Introduction

2.Basic Client Pages with React

3.Dynamic Client-Side Pages with React

4.Server-Side API Creation with Flask

5.Database Definition and Creation with SQLAlchemy

6.Code Documentation with Sphinx

7.An Introduction to Code Testing

8.UI Testing

9.API Testing

10.Database Integrity Testing

11.Automatically Testing Every Update

12.Design a Web Application

13.Build the Data Model

14.Build the REST API

15.Build the React Client

16.Finishing Touches for the App

17.Web Authentication

18.Deploy the Application

Project

19.Conclusion

20.Appendix

Necessary Changes for Creating the Authentication API

Imports