Using JWT Authentication in Full Stack Python Apps

 WT (JSON Web Token) authentication is a popular way to manage secure user sessions in full-stack Python apps. It’s stateless, scalable, and works well for APIs. Here’s a breakdown of how to implement JWT authentication in a full-stack Python app.

πŸ” What is JWT?

JWT is a compact, URL-safe token that contains claims (user data) and is digitally signed. It typically includes:

  • Header: Algorithm and token type

  • Payload: Claims (e.g., user id, roles)

  • Signature: Verifies that the token hasn't been tampered with

πŸ—️ Tech Stack Example

Let’s say your full-stack app uses:

  • Backend: Python with Flask (or FastAPI)

  • Frontend: React (or any JS framework)

  • Database: PostgreSQL or MongoDB

🧠 How JWT Auth Works in Full Stack

  1. User logs in → Frontend sends login data to backend

  2. Backend validates credentials → Creates and sends JWT back

  3. Frontend stores JWT → Typically in localStorage or sessionStorage

  4. Frontend includes JWT in requests → Usually in Authorization: Bearer <token>

  5. Backend verifies token → Allows or denies access

πŸ› ️ Backend: Python (Flask Example)

Install Dependencies:

bash
pip install Flask PyJWT Flask-CORS

Sample Flask Code:

python
from flask import Flask, request, jsonify
import jwt
import datetime
from functools import wraps

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your_secret_key'

# Decorator for protecting routes
def token_required(f):
    @wraps(f)
    def decorated(*args, **kwargs):
        token = request.headers.get('Authorization', None)
        if token:
            try:
                token = token.split(" ")[1]  # Remove 'Bearer'
                data = jwt.decode(token, app.config['SECRET_KEY'], algorithms=["HS256"])
                current_user = data['user']
            except:
                return jsonify({'message': 'Invalid Token'}), 401
        else:
            return jsonify({'message': 'Token Missing'}), 403
        return f(current_user, *args, **kwargs)
    return decorated

# Login route
@app.route('/login', methods=['POST'])
def login():
    auth_data = request.json
    if auth_data['username'] == 'admin' and auth_data['password'] == 'password':
        token = jwt.encode({
            'user': auth_data['username'],
            'exp': datetime.datetime.utcnow() + datetime.timedelta(hours=1)
        }, app.config['SECRET_KEY'], algorithm="HS256")
        return jsonify({'token': token})
    return jsonify({'message': 'Invalid Credentials'}), 401

# Protected route
@app.route('/protected', methods=['GET'])
@token_required
def protected(current_user):
    return jsonify({'message': f'Welcome {current_user}'})

if __name__ == '__main__':
    app.run(debug=True)

🌐 Frontend (React Example)

javascript
// Store the token after login
localStorage.setItem('token', response.data.token);

// Send with request
fetch('/protected', {
  headers: {
    'Authorization': 'Bearer ' + localStorage.getItem('token')
  }
})
.then(res => res.json())
.then(data => console.log(data));

🧩 Tips

  • Use HTTPS to protect tokens in transit

  • Set token expiration (exp) and refresh it with refresh tokens

  • Don’t store tokens in localStorage if XSS is a concern (use HttpOnly cookies instead)

  • Use libraries like Flask-JWT-Extended or FastAPI for better handling

πŸ§ͺ Want a full project example?

Let me know if you'd like a working GitHub project template or a walkthrough using FastAPI + React or Flask + Vue.

READ MORE

Full Stack Python Course In Hyderabad

Introduction to React for Python Developers

Visit Our QUALITY THOUGHT Training Institute

GET DIRECTIONS

Comments

Post a Comment

Popular posts from this blog

Integrating WebSockets with React and Python Backend

 WebSockets are a powerful tool for building real-time web applications where the server and client can communicate instantly without needing to refresh the page. They enable two-way communication over a single, long-lived connection, which makes them ideal for real-time features such as chat apps, live notifications, and live updates in dashboards. In this blog, we will walk through integrating WebSockets between a React frontend and a Python backend using FastAPI for the backend and Socket.IO for the frontend in React. 1. Setting Up the Python Backend with WebSockets For the backend, we will use FastAPI . FastAPI is an easy-to-use, modern framework for building APIs and supports WebSocket integration out-of-the-box. Socket Initialization : The useEffect hook establishes a connection with the WebSocket server at http://localhost:8000 . Sending and Receiving Messages : We listen for incoming messages from the server with socket.on("message") and display them in t...
Read more

How to Repurpose Old Content for Better Engagement

 Repurposing old content is a smart and efficient way to boost engagement without always starting from scratch. Here's how you can do it effectively: πŸ” 1. Update & Refresh Existing Content Why: Information can get outdated quickly. How: Update stats, screenshots, links, and references. Add new insights or examples. Improve headlines, SEO keywords, and formatting. Bonus Tip: Republish with a “Last updated on…” date to signal freshness to Google and readers. πŸŽ₯ 2. Turn Blog Posts into Videos or Reels Why: Video is highly engaging and often favored by algorithms. How: Use key takeaways to create explainer videos or tutorials. Use tools like Canva, Lumen5, or InVideo to create quick visuals. Post it on: YouTube, Instagram, LinkedIn, or TikTok. πŸŽ™️ 3. Convert into Podcasts or Audio Bites Why: Some audiences prefer listening over reading. How: Record a quick episode explaining the blog topic. Use tools like Anchor or Au...
Read more

Introduction to AWS for Data Science Beginners

  Introduction to AWS for Data Science Beginners What is AWS? Amazon Web Services (AWS) is a leading cloud computing platform that provides scalable, on-demand computing resources. It offers a wide range of services, including data storage, processing, machine learning, and analytics, making it a powerful tool for data scientists. Why Use AWS for Data Science? AWS enables data scientists to process large datasets, build machine learning models, and deploy data-driven applications efficiently. Key benefits include: Scalability: Handle large datasets with ease. Cost-Effectiveness: Pay-as-you-go pricing model. Security & Compliance: Industry-leading security for data protection. Flexibility: Supports multiple programming languages and frameworks. Essential AWS Services for Data Science Data Storage & Management: Amazon S3: Secure, scalable cloud storage for data lakes. Amazon RDS: Managed relational databases for structured data. AWS Glue: Serverless ETL (Extract, Trans...
Read more