{"id":28382984,"url":"https://github.com/achiranadeeshan/flask-jwt-auth-lab","last_synced_at":"2026-01-29T10:04:34.931Z","repository":{"id":296231062,"uuid":"992683288","full_name":"AchiraNadeeshan/flask-jwt-auth-lab","owner":"AchiraNadeeshan","description":"A simple Flask application demonstrating user authentication using JWT (JSON Web Tokens). Built as a lab assignment for the Application Security module.","archived":false,"fork":false,"pushed_at":"2025-06-07T01:44:02.000Z","size":8,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-06-25T07:42:19.843Z","etag":null,"topics":["authentication","flask","html5","jinja2","jsonwebtoken","login-system","pyjwt","python3","sqlite"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AchiraNadeeshan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-29T14:48:16.000Z","updated_at":"2025-06-07T01:51:18.000Z","dependencies_parsed_at":"2025-05-29T17:10:07.270Z","dependency_job_id":null,"html_url":"https://github.com/AchiraNadeeshan/flask-jwt-auth-lab","commit_stats":null,"previous_names":["achiranadeeshan/flask-jwt-auth-lab"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/AchiraNadeeshan/flask-jwt-auth-lab","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AchiraNadeeshan%2Fflask-jwt-auth-lab","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AchiraNadeeshan%2Fflask-jwt-aut
h-lab/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AchiraNadeeshan%2Fflask-jwt-auth-lab/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AchiraNadeeshan%2Fflask-jwt-auth-lab/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AchiraNadeeshan","download_url":"https://codeload.github.com/AchiraNadeeshan/flask-jwt-auth-lab/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AchiraNadeeshan%2Fflask-jwt-auth-lab/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28875446,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-29T09:47:23.353Z","status":"ssl_error","status_checked_at":"2026-01-29T09:47:19.357Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","flask","html5","jinja2","jsonwebtoken","login-system","pyjwt","python3","sqlite"],"created_at":"2025-05-30T05:11:32.881Z","updated_at":"2026-01-29T10:04:34.899Z","avatar_url":"https://github.com/AchiraNadeeshan.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Flask JWT Auth Lab\n\nA simple Flask application demonstrating user authentication using JWT (JSON Web Tokens). 
Built as a lab assignment for the **Application Security** module.\n\n## 🧪 Lab Overview\n\nThis lab project implements a basic authentication system using:\n\n- **Flask** for the web application framework\n- **SQLite** as a lightweight database\n- **PyJWT** for encoding and decoding JWT tokens\n- **HTML templates** with `Jinja2` for the frontend\n\nThe goal is to allow user registration, login, and access to a protected page using token-based authentication.\n\n\n\n## 📁 Project Structure\n\n```\nauth_lab/\n├── app.py                # Main Flask application\n├── users.db              # SQLite database (auto-generated)\n├── templates/            # HTML templates for routes\n│   ├── home.html\n│   ├── register.html\n│   ├── login.html\n│   └── protected.html\n└── venv/                 # (Optional) Python virtual environment\n```\n\n\n\n## 🚀 Getting Started\n\n### 1. Clone the Repository\n\n```bash\ngit clone https://github.com/\u003cyour-username\u003e/flask-jwt-auth-lab.git\ncd flask-jwt-auth-lab\n```\n\n### 2. Create and Activate a Virtual Environment\n\n```bash\n# Create virtual environment\npython -m venv venv\n\n# Activate (Linux/Mac)\nsource venv/bin/activate\n\n# Activate (Windows)\nvenv\\Scripts\\activate\n```\n\n### 3. 
Install Dependencies\n\n```bash\npip install Flask PyJWT\n```\n\n\n\n## 🛠️ Features \u0026 Tasks Completed\n\n### ✅ Task 1: Flask App \u0026 JWT Auth\n\n- Set up Flask server with flash messaging\n- Initialized `users.db` with a `users` table\n- Created JWT token generation and route protection logic\n- Implemented user registration, login, and protected page access\n\n### ✅ Task 2: HTML Templates\n\n- `home.html`: Welcome screen with navigation\n- `register.html`: User registration with validation and flash messages\n- `login.html`: Login form with JWT cookie setting\n- `protected.html`: Access-only page showing the username\n\n### ✅ Task 3: Testing the Application\n\n- Access the app at: `http://127.0.0.1:3000`\n- Register and log in with user credentials\n- Check behavior for successful and failed logins\n- Inspect behavior when the token is missing, expired, or invalid\n\n### ✅ Task 4: Experimental Scenarios\n\n- Handle duplicate registrations\n- Verify flash messages for login and registration errors\n- Test token expiration after 30 minutes\n- Try access without cookies or using incognito mode\n- Confirm database persistence\n\n\n\n## 🧪 Running the App\n\nMake sure your virtual environment is activated, then run:\n\n```bash\npython app.py\n```\n\nIf port `3000` is busy, edit `app.py` to use port `3001`.\n\n\n\n## 🔐 JWT Behavior\n\n- Tokens are set as **HTTP-only cookies**\n- Expiration: 30 minutes from login\n- Protected routes use a `@token_required` decorator\n- Invalid or expired tokens redirect to login\n\n\n\n## 🗃️ Database Notes\n\n- The database is created automatically if it doesn't exist.\n- Stores: `username` (primary key), `password` (hashed via SHA256)\n- File: `users.db`\n\n\n\n## ✅ Commit Convention\n\nThis project follows **Conventional Commits** for version control.  
\nExample commit messages:\n\n```\nfeat: implement user registration route\nfix: handle duplicate username error during signup\nchore: add requirements.txt for package dependencies\n```\n\n\n\n## 📄 License\n\nThis project is for educational purposes only as part of the Application Security course.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fachiranadeeshan%2Fflask-jwt-auth-lab","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fachiranadeeshan%2Fflask-jwt-auth-lab","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fachiranadeeshan%2Fflask-jwt-auth-lab/lists"}