42 lines
1.1 KiB
Python
42 lines
1.1 KiB
Python
# pip install PyJWT
|
|
|
|
# create a token
|
|
import jwt
|
|
from jwt.exceptions import ExpiredSignatureError, InvalidTokenError
|
|
import datetime
|
|
|
|
# Secret key used to sign the JWT
|
|
secret_key = 'your-secret-key'
|
|
|
|
header = {
|
|
"alg": "HS256",
|
|
"typ": "JWT"
|
|
}
|
|
|
|
# the user info andits claims and expiry time
|
|
payload = {
|
|
"sub": "1234567890", # Subject (user ID)
|
|
"name": "User Userson", # Custom claim
|
|
"admin": True, # Custom claim
|
|
"iat": datetime.datetime.utcnow(),# Issued at
|
|
"exp": datetime.datetime.utcnow() + datetime.timedelta(hours=1) # Expiry
|
|
}
|
|
|
|
# encode it
|
|
encoded_jwt = jwt.encode(payload, secret_key, algorithm="HS256", headers=header)
|
|
|
|
print("Encoded JWT:", encoded_jwt)
|
|
|
|
# validate a token
|
|
try:
|
|
decoded = jwt.decode(encoded_jwt, secret_key, algorithms=["HS256"])
|
|
print("✅ Token is valid.")
|
|
print("Decoded claims:")
|
|
for key, value in decoded.items():
|
|
print(f" {key}: {value}")
|
|
except ExpiredSignatureError:
|
|
print("❌ Token has expired.")
|
|
except InvalidTokenError as e:
|
|
print(f"❌ Invalid token: {e}")
|
|
|