A secure, production-ready token-based authentication backend built with Flask and JWT. This system implements industry-standard security practices for user registration, login validation, and protected API routes.
- Secure User Registration - Password hashing with bcrypt
- Token-Based Authentication - JWT token generation and validation
- Protected API Routes - Bearer token authorization
- User Login System - Credential validation and session management
- Database Persistence - SQLite with SQLAlchemy ORM
- RESTful API - Clean and standardized endpoints
- Python - Core programming language
- Flask - Lightweight REST API framework
- JWT (JSON Web Token) - Stateless token-based authentication
- Flask-JWT / PyJWT - Token encoding and decoding
- bcrypt / Flask-Bcrypt - Password hashing algorithm
- SQLite - Embedded database for user storage
- SQLAlchemy - Object-Relational Mapping (ORM)
| Method | Endpoint | Description | Authentication |
|---|---|---|---|
| POST | /register | Create new user account | Public |
| POST | /login | Authenticate and get JWT token | Public |
| GET | /profile | Get user profile information | Required |
- Python 3.8+
- pip package manager
- Clone the repository

```bash
git clone https://github.com/ares-coding/jwt-authentication-flask.git
cd jwt-authentication-flask
```

- Create virtual environment

```bash
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate
```

- Install dependencies

```bash
pip install -r requirements.txt
```

- Set environment variables

```bash
export SECRET_KEY='your-secret-key-here'
export DATABASE_URL='sqlite:///users.db'
```

- Run the application

```bash
python app.py
```

The API will be available at http://localhost:5000
Register a user:

```bash
curl -X POST http://localhost:5000/register \
  -H "Content-Type: application/json" \
  -d '{
    "username": "john_doe",
    "email": "john@example.com",
    "password": "SecurePass123!"
  }'
```

Response:

```json
{
  "message": "User registered successfully",
  "user_id": 1
}
```

Log in and obtain a token:

```bash
curl -X POST http://localhost:5000/login \
  -H "Content-Type: application/json" \
  -d '{
    "username": "john_doe",
    "password": "SecurePass123!"
  }'
```

Response:

```json
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600
}
```

Call a protected route with the Bearer token:

```bash
curl -X GET http://localhost:5000/profile \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
```

Response:

```json
{
  "user_id": 1,
  "username": "john_doe",
  "email": "john@example.com",
  "created_at": "2024-02-16T10:30:00Z"
}
```

- Password Hashing: All passwords are hashed using bcrypt with salt rounds
- JWT Tokens: Stateless authentication with configurable expiration (the `expires_in` value returned by /login)
- Bearer Token Authorization: Industry-standard HTTP `Authorization: Bearer <token>` header checked on protected routes
- SQL Injection Protection: SQLAlchemy ORM issues parameterized queries, which guards against SQL injection as long as raw SQL is not concatenated from user input
- Input Validation: Server-side validation for all user inputs
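The login and profile flow above, as an added example that is not part of this repository: it mints and verifies an HS256 JWT carrying `iat`/`exp` claims using only the standard library (the project itself uses PyJWT), pins the algorithm, compares signatures in constant time, and parses the `Authorization: Bearer` header the way /profile must. The function names and the secret passed in as a parameter are assumptions.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(user_id: int, secret: str, expires_in: int = 3600, now: Optional[int] = None) -> str:
    """Mint an HS256 JWT with iat/exp claims, as /login does (expires_in defaults to 3600 s)."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": str(user_id), "iat": now, "exp": now + expires_in}
    parts = [_b64url(json.dumps(obj, separators=(",", ":")).encode()) for obj in (header, payload)]
    signing_input = ".".join(parts)
    sig = hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)

def verify_token(token: str, secret: str, now: Optional[int] = None) -> Optional[dict]:
    """Return the claims if signature and expiry check out, else None (never raises to the caller)."""
    now = int(time.time()) if now is None else now
    try:
        h, p, s = token.split(".")
        if json.loads(_b64url_decode(h)).get("alg") != "HS256":  # pin the algorithm; never accept 'none'
            return None
        expected = hmac.new(secret.encode(), f"{h}.{p}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(s)):  # constant-time signature compare
            return None
        claims = json.loads(_b64url_decode(p))
        if claims.get("exp", 0) <= now:  # reject expired tokens
            return None
    except (ValueError, TypeError, AttributeError):  # malformed base64/JSON or wrong claim types
        return None
    return claims

def user_from_bearer(auth_header: Optional[str], secret: str, now: Optional[int] = None) -> Optional[str]:
    """Parse 'Authorization: Bearer <token>' as /profile would and return the user id or None."""
    scheme, _, credential = (auth_header or "").partition(" ")
    if scheme.lower() != "bearer" or not credential.strip():
        return None
    claims = verify_token(credential.strip(), secret, now)
    return claims["sub"] if claims else None
```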
```text
jwt-authentication-flask/
├── app.py            # Main application file
├── models.py         # Database models
├── auth.py           # Authentication logic
├── config.py         # Configuration settings
├── requirements.txt  # Python dependencies
├── README.md         # Project documentation
└── users.db          # SQLite database (generated)
```
Run the test suite:

```bash
python -m pytest tests/
```

Dependencies (requirements.txt):

```text
Flask==2.3.0
Flask-SQLAlchemy==3.0.0
Flask-Bcrypt==1.0.1
PyJWT==2.8.0
python-dotenv==1.0.0
```
Contributions are welcome! Please follow these steps:

- Fork the repository
- Create a feature branch (`git checkout -b feature/AmazingFeature`)
- Commit your changes (`git commit -m 'Add some AmazingFeature'`)
- Push to the branch (`git push origin feature/AmazingFeature`)
- Open a Pull Request
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
Au.dev
- GitHub: @ares-coding
- Flask documentation and community
- JWT.io for JWT standards
- bcrypt library maintainers
Star this repository if you find it helpful!