In [ ]:
# Imports
import jwt
from datetime import datetime, timedelta
In [ ]:
# Settings
token_ttl = timedelta(days=1)
secret = 'This is a totally insecure secret.'
In [ ]:
# Payload
thing_id = 1234
payload = {
'actions': [
'get',
'complete',
],
'sub': thing_id,
'iat': datetime.utcnow(),
'exp': datetime.utcnow() + token_ttl,
'iss': 'CLEPY',
}
payload
In [ ]:
# Encode
token = jwt.encode(payload, secret)
token
In [ ]:
# Decode
jwt.decode(token, key=secret)
In [ ]:
# Don't Verify
options = {
'verify_signature': False,
}
jwt.decode(token, options=options)
In [ ]:
# Shorter TTL
short_ttl = timedelta(seconds=10)
payload2 = {
'actions': [
'get',
'complete',
],
'sub': thing_id,
'iat': datetime.utcnow(),
'exp': datetime.utcnow() + short_ttl,
'iss': 'CLEPY',
}
token2 = jwt.encode(payload2, secret)
token2
In [ ]:
# Try after 10s
jwt.decode(token2, key=secret)
In [ ]:
# Ignore sig and exp
options = {
'verify_signature': False,
'verify_exp': False,
}
jwt.decode(token2, options=options)
In [ ]:
# Verify issuer
jwt.decode(token, key=secret, issuer='CLEPY')