Authentication JWT Using Python Flask

Ragil Hidayat

Summary

In the current digital era, there have been many cases of data theft carried out by irresponsible people. To protect our data, we can implement data security methods, one of which is JWT (JSON Web Token). JWT is a security method that is easy to implement; it also has the advantages of being easy to use, lightweight and secure. Using JWT makes user session management efficient, because the server can validate access without having to store session information. This project aims to implement a reliable and secure authentication system using JWT, and to provide structured access to data such as user accounts and products, using Python Flask.

Description

Background

In the current digital era, the need for systems that can manage user data efficiently and safely is increasing. Systems such as user registration, login, account management, and product management are important elements in various web-based and mobile applications. Whether it is an e-commerce platform, educational application, or community-based service, the ability to provide an integrated and secure user experience is one of the main indicators of the application's success.

Problems

Nowadays, there are many cases of data theft by irresponsible people or parties, so the system needs a security mechanism that only allows permitted people or parties to view the data. We must protect our data from irresponsible people or parties.

Objective

• Improve Data Access Security: Implement JWT (JSON Web Token) based authentication to ensure only verified users can access data, thereby minimizing the risk of access by irresponsible parties.

• Provide a Reliable Authentication System: Build a secure login and registration system to prevent exploitation of user data, such as identity theft or unauthorized use of accounts.

• Protect Sensitive Data: Use encryption mechanisms to maintain the confidentiality of data sent between clients and servers, so that data such as account or product information remains protected during transmission.

• Implement an Access Permission Mechanism: Provide access restrictions based on user rights or roles (role-based access control), so that only parties who have certain permissions can access or manage certain data.

Process flow

Register

Register by entering your name and password; the name and password are then stored in the users table.

Login

Log in by entering the registered name and password. If the login is successful you will get a JWT token. JWT tokens are only valid for 1 hour.

Account

Verify your account by entering the JWT token obtained during the login process. If verification is successful, the account will appear. If verification fails, it could be because the wrong token was entered or the token can no longer be used because 1 hour has passed.

Products

Enter the JWT token to view products. Products can only be seen if you have logged in and received a JWT token. If the request is successful, a list of products is displayed.

Tools

  • Python Flask
  • Postman
  • MySQL

Work steps

1. Create table users in database

Create a users table to store the name and password for the registration function.

2. Create table products in database

Create a products table to store item names and item prices.

3. Fill in the products table

I filled the product table with 3 items

4. Flask Python code

I will only explain a few important parts of the source code:

In the section that connects to MySQL, you must enter the host, user, password, and database that correspond to the MySQL instance where we created the tables.

The secret key is used to create and validate JWT tokens.

Importance of Secret Key:

• Security: A secret key ensures that only the application that owns the key can create or validate a token. If the secret key is leaked, unauthorized parties can create fake tokens.

• Integrity: With a secret key, the application can ensure that the token has not been changed by the user.

The register function creates a new user from a name and password, which are then stored in the users table.

The login function is used to get a JWT token by entering the registered name and password. If successful, a JWT token will be issued. JWT tokens can only be used for 1 hour.

The account function checks whether the requested account exists by taking the JWT token as input. If the check succeeds, the account name is displayed.

The products function is to view items by entering the JWT token obtained during the login process. If you haven't logged in, products will not be displayed.

5. Test with Postman

Register

Enter the name and password.

Login

Enter the registered name and password. If successful, it will produce a JWT token.

Account

Enter the JWT token. If successful, it will return the account name.

Products

Before logging in and entering the JWT token, the products function fails.

After logging in and entering the JWT token, the products function succeeds and displays a list of products.

Thank you 

Related Course Information
  Category: Cyber Security
  Course: Seleksi MSIB BISA AI Academy Batch 7