I'm encountering an issue with Flask JWT Extended's @jwt_required decorator in my Flask application. The strange behavior is that it works perfectly fine on my local machine, but when deployed to my VPS, it behaves inconsistently.
Here's a snippet of the code where I'm encountering the issue:
My app.py content:

    app.config['FLASK_JWT_SECRET_KEY'] = secrets.token_hex(12)
    app.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta(days=365*2)
    jwt = JWTManager(app)
    cors = CORS(app, resources={r"api/v1/*": {"origins": "*"}})
    app.register_blueprint(app_views)

    @jwt.additional_claims_loader
    def add_claims_to_access_token(identity):
        user_info = {'role': 'admin'}
        return user_info

    @jwt.user_lookup_loader
    def user_lookup_callback(_jwt_header, jwt_data):
        identity = jwt_data["sub"]
        user = storage.find_by(User, **{"email": identity})
        return user

    @jwt.expired_token_loader
    def expired_token_callback(jwt_header, jwt_payload):
        return jsonify({"msg": "Token has expired"}), 401

    @jwt.invalid_token_loader
    def invalid_token_callback(error_string):
        return jsonify({"msg": "Invalid token", "status": 401}), 401

Here is the endpoint:

    @app_views.route('/clients', methods=['GET'], strict_slashes=False)
    #@jwt_required
    @cross_origin()
    def get_physiq_clients():
        try:
            verify_jwt_in_request()
        except JWTExtendedException as e:
            return handle_jwt_error(e)
        customer: CustormPort = CustomerAdapter()
        kwarg = {"is_deleted": False, "customer_type_id":"c144bd80-fddd-4372-9836-833fa8f9d0c6"}
        customer_object = customer.find_all_client_data(Customer, **kwarg)
        page_obj = Paginator(customer_object)
        page = request.args.get('page', default=1, type=int)
        per_page = request.args.get('per_page', default=100, type=int)
        result = page_obj.get_hyper(page, per_page)
        return make_response(jsonify(result), 200)

Gunicorn and nginx config:

    [Unit]
    Description=Gunicorn instance to serve HTATS
    After=network.target

    [Service]
    User=tats
    Group=www-data
    WorkingDirectory=/home/tats/HTATS
    Environment="PATH=/home/tats/HTATS/venv/bin"
    ExecStart=/home/tats/HTATS/venv/bin/gunicorn --workers 3 --bind unix:HTATS.sock -m 007 wsgi:app

    [Install]
    WantedBy=multi-user.target

nginx:

    server {
        server_name centrelepelerin.tats-int.com www.centrelepelerin.tats-int.com;
        root /var/www/centrelepelerin.tats-int.com/build;
        index index.html;
        location / {
            try_files $uri /index.html;
        }
        location /api/v1 {
            include proxy_params;
            proxy_pass http://unix:/home/tats/HTATS/HTATS.sock;
        }

The issue arises when accessing the /clients endpoint. Even though the token is valid, it intermittently returns an "Invalid token" error. Sometimes, refreshing the endpoint resolves the issue, but it's inconsistent.
I've ensured that the token generation and verification process are correct, as it works flawlessly in my local environment. Could this be related to any specific configurations on my VPS or something else I might be overlooking?
Any insights or suggestions on how to troubleshoot and resolve this issue would be greatly appreciated. Thank you! I use a Contabo VPS with Ubuntu 22.04.
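
The unit file above starts gunicorn with `--workers 3`, and `secrets.token_hex(12)` runs when each worker imports the app, so without preloading every worker process holds a different signing key. The added example below (not part of the original post; a stdlib HS256 stand-in rather than Flask-JWT-Extended itself, with constructed claims and a hypothetical shared secret) shows that a token then verifies only on the worker that issued it, and that one shared key makes every worker accept it.

```python
import base64, hashlib, hmac, json, secrets

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def sign_hs256(claims: dict, key: str) -> str:
    """Build a compact HS256 JWT the way one worker would with its own key."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps(claims).encode())
    mac = hmac.new(key.encode(), f"{header}.{payload}".encode(), hashlib.sha256)
    return f"{header}.{payload}.{_b64(mac.digest())}"

def verify_hs256(token: str, key: str) -> bool:
    """Signature check only (expiry is ignored); constant-time comparison."""
    try:
        header, payload, sig = token.split(".")
    except ValueError:
        return False
    mac = hmac.new(key.encode(), f"{header}.{payload}".encode(), hashlib.sha256)
    return hmac.compare_digest(_b64(mac.digest()), sig)

def per_worker_keys(n=3):
    # Each gunicorn worker imports the app and calls secrets.token_hex(12) itself.
    return [secrets.token_hex(12) for _ in range(n)]

def shared_keys(n=3, secret="constructed-shared-secret"):
    # Assumption: every worker reads the same secret from the environment or a file.
    return [secret] * n

def simulate(worker_keys, issuing_worker=0):
    """Login is handled by one worker; later requests can land on any worker."""
    claims = {"sub": "user@example.test", "role": "admin"}  # constructed claims
    token = sign_hs256(claims, worker_keys[issuing_worker])
    return [verify_hs256(token, key) for key in worker_keys]

if __name__ == "__main__":
    print("per-worker random keys:", simulate(per_worker_keys()))
    print("one shared key:        ", simulate(shared_keys()))
```

Flask-JWT-Extended reads its signing key from `JWT_SECRET_KEY` (falling back to Flask's `SECRET_KEY`), so the shared value belongs there rather than under `FLASK_JWT_SECRET_KEY`.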