Use string for identity in JWT

This is required because of vimalloc/flask-jwt-extended#556

docs/docs/08_flask_jwt_extended/07_login_users_rest_api/README.md

@@ -29,10 +29,12 @@ class UserLogin(MethodView):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id))
             return {"access_token": access_token}, 200
 
         abort(401, message="Invalid credentials.")
 ```
 
-Here you can see the when we call `create_access_token(identity=user.id)` we pass in the user's `id`. This is what gets stored (among other things) inside the JWT, so when the client sends the JWT back on every request, we can tell who the JWT belongs to.
+Here you can see the when we call `create_access_token(identity=str(user.id))` we pass in the user's `id`. This is what gets stored (among other things) inside the JWT, so when the client sends the JWT back on every request, we can tell who the JWT belongs to.
+
+**Update Nov 2024**: Before now, we used `identity=user.id`, but now we have to convert it to a string first.

docs/docs/08_flask_jwt_extended/07_login_users_rest_api/end/resources/user.py

@@ -37,7 +37,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id))
             return {"access_token": access_token}, 200
 
         abort(401, message="Invalid credentials.")

docs/docs/08_flask_jwt_extended/08_protect_resources_with_jwt_required/end/resources/user.py

@@ -37,7 +37,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id))
             return {"access_token": access_token}, 200
 
         abort(401, message="Invalid credentials.")

docs/docs/08_flask_jwt_extended/08_protect_resources_with_jwt_required/start/resources/user.py

@@ -37,7 +37,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id))
             return {"access_token": access_token}, 200
 
         abort(401, message="Invalid credentials.")

docs/docs/08_flask_jwt_extended/09_jwt_claims_and_authorization/end/resources/user.py

@@ -37,7 +37,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id))
             return {"access_token": access_token}, 200
 
         abort(401, message="Invalid credentials.")

docs/docs/08_flask_jwt_extended/09_jwt_claims_and_authorization/start/resources/user.py

@@ -37,7 +37,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id))
             return {"access_token": access_token}, 200
 
         abort(401, message="Invalid credentials.")

docs/docs/08_flask_jwt_extended/10_logout_users_rest_api/end/resources/user.py

@@ -42,7 +42,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id))
             return {"access_token": access_token}, 200
 
         abort(401, message="Invalid credentials.")

docs/docs/08_flask_jwt_extended/10_logout_users_rest_api/start/resources/user.py

@@ -37,7 +37,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id))
             return {"access_token": access_token}, 200
 
         abort(401, message="Invalid credentials.")

docs/docs/08_flask_jwt_extended/12_token_refreshing_flask_jwt_extended/README.md

@@ -64,14 +64,16 @@ class UserLogin(MethodView):
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
             # highlight-start
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
             # highlight-end
 
         abort(401, message="Invalid credentials.")
 ```
 
+**Update Nov 2024**: Before now, we used `identity=user.id`, but now we have to convert it to a string first.
+
 ## Writing the token refresh endpoint
 
 When a user logs in, they will now have the access token and the refresh token.
@@ -91,6 +93,8 @@ class TokenRefresh(MethodView):
         return {"access_token": new_token}, 200
 ```
 
+**Note**: here we don't need to call `str(current_user)` because `get_jwt_identity()` returns what we previously stored, which is a string.
+
 Note that above, we've told Flask-JWT-Extended that a refresh token is required with `@jwt_required(refresh=True)`. We'll do something similar for requiring fresh tokens in a second!
 
 ## Requiring a fresh token for certain endpoints

docs/docs/08_flask_jwt_extended/12_token_refreshing_flask_jwt_extended/end/resources/user.py

@@ -44,7 +44,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

docs/docs/08_flask_jwt_extended/12_token_refreshing_flask_jwt_extended/end_video/resources/user.py

@@ -44,7 +44,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

docs/docs/08_flask_jwt_extended/12_token_refreshing_flask_jwt_extended/start/resources/user.py

@@ -42,7 +42,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id))
             return {"access_token": access_token}, 200
 
         abort(401, message="Invalid credentials.")

docs/docs/09_flask_migrate/02_add_flask_migrate_to_app/end/resources/user.py

@@ -44,7 +44,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

docs/docs/09_flask_migrate/02_add_flask_migrate_to_app/start/resources/user.py

@@ -44,7 +44,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

docs/docs/09_flask_migrate/03_initialize_database_flask_db_init/end/resources/user.py

@@ -44,7 +44,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

docs/docs/09_flask_migrate/03_initialize_database_flask_db_init/start/resources/user.py

@@ -44,7 +44,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

docs/docs/09_flask_migrate/04_change_models_generate_alembic_migration/end/resources/user.py

@@ -44,7 +44,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

docs/docs/09_flask_migrate/04_change_models_generate_alembic_migration/start/resources/user.py

@@ -44,7 +44,7 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

docs/docs/11_deploy_to_render/06_run_everything_docker_compose/end/resources/user.py

@@ -38,8 +38,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/11_deploy_to_render/06_run_everything_docker_compose/start/resources/user.py

@@ -38,8 +38,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/01_send_emails_python_mailgun/end/resources/user.py

@@ -60,8 +60,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/01_send_emails_python_mailgun/start/resources/user.py

@@ -38,8 +38,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/02_send_email_user_registration/end/resources/user.py

@@ -73,8 +73,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/02_send_email_user_registration/start/resources/user.py

@@ -60,8 +60,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/04_populate_rq_task_queue/end/resources/user.py

@@ -61,8 +61,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/04_populate_rq_task_queue/start/resources/user.py

@@ -73,8 +73,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/05_rq_background_worker/end/resources/user.py

@@ -61,8 +61,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/05_rq_background_worker/start/resources/user.py

@@ -61,8 +61,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/06_sending_html_emails/end/resources/user.py

@@ -61,8 +61,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/06_sending_html_emails/start/resources/user.py

@@ -61,8 +61,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/07_deploy_background_worker_render/end/resources/user.py

@@ -61,8 +61,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

docs/docs/12_task_queues_emails/07_deploy_background_worker_render/start/resources/user.py

@@ -61,8 +61,8 @@ def post(self, user_data):
         ).first()
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
-            refresh_token = create_refresh_token(identity=user.id)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
+            refresh_token = create_refresh_token(identity=str(user.id))
             return {"access_token": access_token, "refresh_token": refresh_token}
 
         abort(401, message="Invalid credentials.")

project/using-flask-restful/resources/user.py

@@ -42,7 +42,7 @@ def post(self):
         user = UserModel.find_by_username(data["username"])
 
         if user and pbkdf2_sha256.verify(data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

project/using-flask-restx/resources/user.py

@@ -52,7 +52,7 @@ def post(self):
         user = UserModel.find_by_username(user_data["username"])
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200
 

project/using-flask-smorest/resources/user.py

@@ -40,7 +40,7 @@ def post(self, user_data):
         user = UserModel.find_by_username(user_data["username"])
 
         if user and pbkdf2_sha256.verify(user_data["password"], user.password):
-            access_token = create_access_token(identity=user.id, fresh=True)
+            access_token = create_access_token(identity=str(user.id), fresh=True)
             refresh_token = create_refresh_token(user.id)
             return {"access_token": access_token, "refresh_token": refresh_token}, 200