Docs for better jwt user identity with complex objects (refs #11)

vimalloc · vimalloc · commit 6f85731c9881 · 2016-10-21T13:53:12.000-06:00
diff --git a/docs/tokens_from_complex_object.rst b/docs/tokens_from_complex_object.rst
@@ -17,10 +17,10 @@ this user has. This isn't a huge deal, but obviously it could be more efficient.
 This extension provides the ability to pass any object to the **create_access_token**
 method, which will then be passed to the **user_claims_loader** method. This lets
 us access the database only once. However, as we still need the identity to be
-a JSON serializable object unique to this user, we need
-to take an addition step and use the optional **identity_lookup** kwarg in the
-**create_access_token** method. This lets us tell the system how to get the identity from
-an object.
+a JSON serializable object unique to this user. We have a second jwt decorator
+we can use for this, **user_identity_loader**. This lets you create a function
+which takes any object passed in to the **create_access_token** and return
+a json serializable identity from that object.
 
 Here is an example of this in action
 
diff --git a/examples/tokens_from_complex_objects.py b/examples/tokens_from_complex_objects.py
@@ -25,6 +25,14 @@ def add_claims_to_access_token(user):
     return {'roles': user.roles}
 
 
+# This method will also get whatever object is passed into the
+# create_access_token method, and let us define what the identity
+# should be for this object
+@jwt.user_identity_loader
+def user_identity_lookup(user):
+    return user.username
+
+
 @app.route('/login', methods=['POST'])
 def login():
     username = request.json.get('username', None)
@@ -38,17 +46,10 @@ def login():
     # We can now pass this complex object directly to the
     # create_access_token method. This will allow us to access
     # the properties of this object in the user_claims_loader
-    # function. Because this object is not json serializable itself,
-    # we also need to provide a way to get some which is json
-    # serializable and represents the identity of this token from
-    # the complex object. We pass a function to  the optional
-    # identity_lookup kwarg, which tells the create_access_token
+    # function, and get the identity of this object from the
+    # user_identity_loader function.
     # function how to get the identity from this object
-    access_token = create_access_token(
-        identity=user,
-        identity_lookup=lambda u: u.username
-    )
-
+    access_token = create_access_token(identity=user)
     ret = {'access_token': access_token}
     return jsonify(ret), 200
 
