Skip to content

Security

jwtlib.security

Security utilities: Password hashing and JWT management.

Summary

This module provides low-level cryptographic helpers for password hashing and JWT token lifecycle management. It serves as the cryptographic engine for the authentication library.

Classes

Functions

create_access_token 

1
create_access_token(data: dict, expires_delta: Optional[timedelta] = None) -> str

Generate a new JWT access token.

Parameters:

Name Type Description Default
data dict

Subject data to include in the token payload.

 required
expires_delta timedelta

Optional expiration override.

 None

Returns:

Name Type Description
str str

An encoded JWT string.

get_jwt_payload 

1
get_jwt_payload(token: str) -> TokenPayload

Decode and validate a JWT, returning a strongly-typed payload.

Parameters:

Name Type Description Default
token str

The JWT string to decode.

 required

Returns:

Name Type Description
TokenPayload TokenPayload

The decoded and typed token payload.

Raises:

Type Description
JWTError

If the token is invalid, expired, or malformed.

hash_password 

1
hash_password(password: str) -> str

Hash a plain-text password using the configured crypt context.

Parameters:

Name Type Description Default
password str

The plain-text password to hash.

 required

Returns:

Name Type Description
str str

The secure hash string.

verify_password 

1
verify_password(plain_password: str, hashed_password: str) -> bool

Verify a plain-text password against a stored hash.

Parameters:

Name Type Description Default
plain_password str

The unhashed password provided by the user.

 required
hashed_password str

The secure hash to verify against.

 required

Returns:

Name Type Description
bool bool

True if the password is valid, False otherwise.