By: Jack Chan, Ray Chung, Jack Huang

Overview of this book

Python is a flexible language that can be used for much more than just script development. By knowing how Python RESTful APIs work, you can build a powerful backend for web applications and mobile applications using Python. You'll take your first steps by building a simple API and learning how the frontend web interface can communicate with the backend. You'll also learn how to serialize and deserialize objects using the marshmallow library. Then, you'll learn how to authenticate and authorize users using Flask-JWT. You'll also learn how to enhance your APIs by adding useful features, such as email, image upload, searching, and pagination. You'll wrap up the whole book by deploying your APIs to the cloud. By the end of this book, you'll have the confidence and skill to leverage the power of RESTful APIs and Python to build efficient web applications.

Refresh Tokens

For the sake of security, we often set an expiration time for our tokens (Flask-JWT-Extended defaults to 15 minutes). Because a token will expire, we need a way to refresh it without asking users to enter their credentials again.

Flask-JWT-Extended provides refresh-token-related functions. A refresh token is a long-lived token that can be used to generate new access tokens. Please don't mix up refresh tokens and access tokens. A refresh token can only be used to obtain a new access token; it cannot be used as an access token to access restricted endpoints. For example, endpoints that have the jwt_required() or jwt_optional() decorators need an access token.
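The separation described above, as an added example that is not from the book or from Flask-JWT-Extended: a standard-library sketch of two token kinds distinguished by a type claim, where the protected route accepts only access tokens and the refresh route accepts only refresh tokens. The signing key, the 30-day refresh lifetime, and all function names are assumptions made for the illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"   # constructed sample key for this sketch only
ACCESS_TTL = 15 * 60               # seconds; the 15-minute default mentioned above
REFRESH_TTL = 30 * 24 * 3600       # seconds; assumed lifetime for the refresh token

def b64e(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(header, body):
    # The algorithm is fixed to HMAC-SHA256; the token's "alg" header is never trusted.
    return hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()

def issue_token(user, token_type, now=None):
    """Return a signed JWT whose "type" claim is "access" or "refresh"."""
    now = int(time.time()) if now is None else now
    ttl = ACCESS_TTL if token_type == "access" else REFRESH_TTL
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": user, "type": token_type, "exp": now + ttl}
    body = b64e(json.dumps(claims).encode())
    return f"{header}.{body}.{b64e(sign(header, body))}"

def verify_token(token, expected_type, now=None):
    """Return the claims; raise ValueError on bad signature, wrong type or expiry."""
    now = int(time.time()) if now is None else now
    header, body, sig = token.split(".")      # ValueError unless exactly 3 parts
    if not hmac.compare_digest(sign(header, body), b64d(sig)):
        raise ValueError("bad signature")
    claims = json.loads(b64d(body))
    if claims.get("type") != expected_type:
        raise ValueError(f"{expected_type} token required")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    return claims

def protected_endpoint(token, now=None):
    """Stand-in for a route behind jwt_required: accepts access tokens only."""
    return verify_token(token, "access", now)["sub"]

def refresh_endpoint(token, now=None):
    """Stand-in for the refresh route: accepts refresh tokens only."""
    claims = verify_token(token, "refresh", now)
    return issue_token(claims["sub"], "access", now)
```

Because the type check happens after signature verification, a client cannot relabel a refresh token as an access token without invalidating the signature.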

Here's a brief explanation of the refresh-token-related functions in Flask-JWT-Extended:

  • create_access_token: This function creates a new access token.
  • create_refresh_token: This function creates a refresh token.
  • jwt_refresh_token_required: This is a decorator specifying that the...