Link

View Decorators

def jwt_required

A decorator to protect a Sanic endpoint.

If you decorate an endpoint with this, it will ensure that the requester has a valid access token before allowing the endpoint to be called.

If blacklist has enabled, the decorator automatically checks token in request has been revoked.

Endpoint to be decorated must specify token keyword argument to take over token object.

@app.route("/protected", methods=["GET"])
@jwt_required
async def protected(request, token):
    ...

By enable fresh_required option, You can check the freshness of the access token.

@app.route("/protected", methods=["GET"])
@jwt_required(fresh_required=True)
async def protected(request, token):
    ...

By specify allow or deny option, You can control which roles has permission. if access control is enabled,

@app.route("/protected", methods=["GET"])
@jwt_required(allow=["ADMIN", "SUPER_ADMIN", ])
async def protected(request, token):
    ...

Parmeters

  • fresh_required - A boolean to enable option
  • allow - A list of roles that expected to be allowed. this can’t be used with deny together
  • deny - A list of roles that expected to be denied. this can’t be used with allow together

def jwt_optional

A decorator to optionally protect a Sanic endpoint.

This means decorated endpoint will still be called if no access token is present in the request. but decorator will propagate None instead of valid token object

But if there is an invalid access token in the request (expired, tampered with, etc), this will still call the appropriate error handler instead of allowing the endpoint to be called as if there is no access token in the request.

@app.route("/protected", methods=["GET"])
@jwt_optional
async def protected(request: Request, token: Optional[Token]):
    ...

Parmeters

This decorator dosen’t requries any parameter

def refresh_jwt_required

A decorator to protect a Sanic endpoint.

If you decorate an endpoint with this, it will ensure that the requester has a valid request token before allowing the endpoint to be called.

If blacklist has enabled, the decorator automatically checks token in request has been revoked.

Endpoint to be decorated must specify token keyword argument to take over token object.

Parmeters

  • fresh_required - A boolean to enable option
  • allow - A list of roles that expected to be allowed. this can’t be used with deny together
  • deny - A list of roles that expected to be denied. this can’t be used with allow together