On Thursday 11 February 2016 02:45 AM, Paul Everitt wrote:
On Feb 10, 2016, at 4:05 PM, Jonathan Vanasco <[email protected]
<mailto:[email protected]>> wrote:
On Wednesday, February 10, 2016 at 10:27:33 AM UTC-5, Krishnakant wrote:
Can I have the data be a dictionary inside the payload itself?
I don't want tu use the sub or inside payload.
No. If you look at the source, `payload` is a specifically
structured managed dictionary that contains bookkeeping information.
https://github.com/wichert/pyramid_jwt/blob/master/src/pyramid_jwt/policy.py#L34-L43
IMO that payload shouldn’t contain very much. You’re going to get a
token which is going to be stored for some duration. Any information
that goes in there (e.g. first and last name) should be something that
isn’t going to change, for example, correcting a typo in the last
name. Or, you might change your mind about the payload structure and
you then have to do something to invalidate all the existing tokens
and force a re-login.
When I do JWT in Pyramid and Angular, I would do the authentication
request, get the response containing the token, and tie that to a JS
“promise” which immediately fetched the profile information separately.
Hi paul,
Basically I hav a userid and orgcode which never changes.
It is retrived from the database after proper login.
So I expected that it will directly be a public part of the payload.
Do you think such information should be in the sub directory?
Happy hacking.
Krishnakant.
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/d/optout.
