diff --git a/CHANGELOG.md b/CHANGELOG.md index 9754d49..2fd7cd5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +## 0.4.0 +* Support set and unset cookies when returning a **Response** directly + ## 0.3.0 * **(Deprecated)** environment variable support * Change name function **load_end()** -> **load_config()** diff --git a/docs/api-doc.md b/docs/api-doc.md index 77d0255..fd0a60d 100644 --- a/docs/api-doc.md +++ b/docs/api-doc.md 
@@ -65,33 +65,47 @@ In here you will find the API for everything exposed in this extension. * **user_claims**: Custom claims to include in this token. This data must be dictionary * Returns: An encoded refresh token -**set_access_cookies**(encoded_access_token, max_age=None) +**set_access_cookies**(encoded_access_token, response=None, max_age=None) : *Configures the response to set access token in a cookie. This will also set the CSRF double submit values in a separate cookie.* * Parameters: * **encoded_access_token**: The encoded access token to set in the cookies + * **response**: The FastAPI response object to set the access cookies in * **max_age**: The max age of the cookie value should be `integer` the number of seconds * Returns: None -**set_refresh_cookies**(encoded_refresh_token, max_age=None) +**set_refresh_cookies**(encoded_refresh_token, response=None, max_age=None) : *Configures the response to set refresh token in a cookie. This will also set the CSRF double submit values in a separate cookie.* * Parameters: * **encoded_refresh_token**: The encoded refresh token to set in the cookies + * **response**: The FastAPI response object to set the refresh cookies in * **max_age**: The max age of the cookie value should be `integer` the number of seconds * Returns: None -**unset_jwt_cookies**() +**unset_jwt_cookies**(response=None) : *Unset (delete) all jwt stored in a cookies.* -**unset_access_cookies**() + * Parameters: + * **response**: The FastAPI response object to delete the JWT cookies in + * Returns: None + +**unset_access_cookies**(response=None) : *Remove access token and access CSRF double submit from the response cookies.* -**unset_refresh_cookies**() + * Parameters: + * **response**: The FastAPI response object to delete the access cookies in + * Returns: None + +**unset_refresh_cookies**(response=None) : *Remove refresh token and refresh CSRF double submit from the response cookies.* + * Parameters: + * **response**: The FastAPI response object 
to delete the refresh cookies in + * Returns: None + **get_raw_jwt**() : *This will return the python dictionary which has all of the claims of the JWT that is accessing the endpoint. If no JWT is currently present, return `None` instead.* diff --git a/docs/usage/jwt-in-cookies.md b/docs/usage/jwt-in-cookies.md index cca9ef6..9cb5bb0 100644 --- a/docs/usage/jwt-in-cookies.md +++ b/docs/usage/jwt-in-cookies.md @@ -2,6 +2,19 @@ Highly recommended using JWT in cookies, if your frontend interacts with the bac Here is a basic example of how to store JWT in cookies: +!!! note + You can also create cookies or unset cookies when returning a `Response` directly in your code. + To do that, you can create a response then set the response in set cookies or unset cookies + + ``` python + ... + response = JSONResponse(content={"msg":"Successfully login"}) + # Set the JWT and CSRF double submit cookies in the response + Authorize.set_access_cookies(access_token,response) + Authorize.set_refresh_cookies(refresh_token,response) + return response + ``` + ```python hl_lines="21 23 46-47 57 69" {!../examples/jwt_in_cookies.py!} ``` diff --git a/fastapi_jwt_auth/__init__.py b/fastapi_jwt_auth/__init__.py index 81f421d..cdad7a8 100644 --- a/fastapi_jwt_auth/__init__.py +++ b/fastapi_jwt_auth/__init__.py @@ -1,5 +1,5 @@ """FastAPI extension that provides JWT Auth support (secure, easy to use and lightweight)""" -__version__ = "0.3.0" +__version__ = "0.4.0" from .auth_jwt import AuthJWT diff --git a/mkdocs.yml b/mkdocs.yml index 14a6a9c..c8ca410 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -25,6 +25,7 @@ markdown_extensions: - def_list - admonition - codehilite + - pymdownx.tabbed - pymdownx.superfences - pymdownx.inlinehilite
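Review bot: In the docs/api-doc.md hunk, `response=None` is inserted ahead of `max_age` in the documented signatures of `set_access_cookies` and `set_refresh_cookies`, which changes the meaning of the second positional argument. A caller written against 0.3.0 as `set_access_cookies(token, 3600)` would now pass the integer as `response` and leave `max_age` at `None`. Consider appending `response` after `max_age`, or making both keyword-only, and call out the ordering in the 0.4.0 CHANGELOG entry. The new **response** bullets should also say what happens when the argument is left at `None`, since that is the default for all five methods.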
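Review bot: In the docs/usage/jwt-in-cookies.md hunk, the note's snippet uses `JSONResponse` without showing where it is imported from, and it passes `response` positionally in `Authorize.set_access_cookies(access_token,response)`. Since these cookies carry the JWT and the CSRF double submit value, the example is likely to be copied as is: add the import line, pass `response=response` by keyword so the call stays correct regardless of parameter order, and put a space after the comma. The sentence "you can create a response then set the response in set cookies or unset cookies" is hard to follow; something like "create the response yourself and pass it to the set or unset cookie methods" reads more clearly. The note mentions unsetting cookies but only demonstrates setting them, so an `unset_jwt_cookies(response)` line would round it out. "Successfully login" should be "Successfully logged in".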
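Review bot: In the mkdocs.yml hunk, `pymdownx.tabbed` is enabled, but none of the documentation lines added in this patch use tabbed content; the new note in jwt-in-cookies.md only needs `admonition` and `pymdownx.superfences`, which were already listed. If the extension is needed for pages outside this patch, say so in the commit message; otherwise move it to the change that first uses it so the docs configuration stays minimal.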