fix about and add title in configuration options

IndominusByte · IndominusByte · commit 035394d04865 · 2020-10-27T02:02:16.000+08:00
diff --git a/README.md b/README.md
@@ -10,11 +10,11 @@
 ---
 
 ## Features
-FastAPI extension that provides JWT Auth support (secure, easy to use and lightweight), if you were familiar with flask-jwt-extended this extension suitable for you because this extension inspired by flask-jwt-extended.
+FastAPI extension that provides JWT Auth support (secure, easy to use and lightweight), if you were familiar with flask-jwt-extended this extension suitable for you because this extension inspired by flask-jwt-extended 😀
 
-- Access token and refresh token
-- Token freshness
-- Token revoking
+- Access tokens and refresh tokens
+- Freshness Tokens
+- Revoking Tokens
 - Support for adding custom claims to JSON Web Tokens
 - Support RSA encryption
 - Storing tokens in cookies and CSRF protection
diff --git a/docs/configuration/cookies.md b/docs/configuration/cookies.md
@@ -0,0 +1,23 @@
+`authjwt_access_cookie_key`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_refresh_cookie_key`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_access_cookie_path`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_refresh_cookie_path`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_cookie_max_age`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_cookie_domain`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_cookie_secure`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_cookie_samesite`
+:   is simply dummy text of the printing and typesetting industry
diff --git a/docs/configuration/csrf.md b/docs/configuration/csrf.md
@@ -0,0 +1,23 @@
+`authjwt_cookie_csrf_protect`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_access_csrf_cookie_key`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_refresh_csrf_cookie_key`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_access_csrf_cookie_path`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_refresh_csrf_cookie_path`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_access_csrf_header_name`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_refresh_csrf_header_name`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_csrf_methods`
+:   is simply dummy text of the printing and typesetting industry
diff --git a/docs/configuration/denylist.md b/docs/configuration/denylist.md
@@ -0,0 +1,5 @@
+`authjwt_denylist_enabled`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_denylist_token_checks`
+:   is simply dummy text of the printing and typesetting industry
diff --git a/docs/configuration/general.md b/docs/configuration/general.md
@@ -0,0 +1,35 @@
+`authjwt_token_location`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_secret_key`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_public_key`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_private_key`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_algorithm`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_decode_algorithms`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_decode_leeway`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_encode_issuer`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_decode_issuer`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_decode_audience`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_access_token_expires`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_refresh_token_expires`
+:   is simply dummy text of the printing and typesetting industry
diff --git a/docs/configuration/headers.md b/docs/configuration/headers.md
@@ -0,0 +1,5 @@
+`authjwt_header_name`
+:   is simply dummy text of the printing and typesetting industry
+
+`authjwt_header_type`
+:   is simply dummy text of the printing and typesetting industry
diff --git a/docs/usage/basic.md b/docs/usage/basic.md
@@ -15,13 +15,13 @@ INFO:     Application startup complete.
 INFO:     Uvicorn running on http://0.0.0.0:8000 (Press CTRL+C to quit)
 ```
 
-To access a jwt_required protected url, all we have to do is send in the JWT with the request. By default, this is done with an authorization header that looks like:
+To access a **jwt_required** protected url, all we have to do is send in the JWT with the request. By default, this is done with an authorization header that looks like:
 
 ```
 Authorization: Bearer <access_token>
 ```
 
-We can see this in action using <b>curl</b>:
+We can see this in action using **curl**:
 
 ```bash
 $ curl http://localhost:8000/user
diff --git a/docs/usage/freshness.md b/docs/usage/freshness.md
@@ -1,6 +1,6 @@
-The fresh token pattern is built into this extension. this pattern is very simple, you can choose to mark some access tokens as fresh and other as a non-fresh token, and use the <b>fresh_jwt_required()</b> function to only allow fresh tokens to access the certain endpoint.
+The fresh tokens pattern is built into this extension. This pattern is very simple, you can choose to mark some access tokens as fresh and other as a non-fresh tokens, and use the **fresh_jwt_required()** function to only allow fresh tokens to access the certain endpoint.
 
-This is useful for allowing the fresh token to do some critical things (such as update information user) in real case you can see in the GitHub system when user wants to delete a repository in a certain time you need login if token not fresh again. Utilizing Fresh tokens in conjunction with refresh tokens can lead to a more secure site, without creating a bad user experience by making users constantly re-authenticate.
+This is useful for allowing the fresh tokens to do some critical things (such as update information user) in real case you can see in the GitHub system when user wants to delete a repository in a certain time you need login if tokens not fresh again. Utilizing Fresh tokens in conjunction with refresh tokens can lead to a more secure site, without creating a bad user experience by making users constantly re-authenticate.
 
 Here is an example of how you could utilize refresh tokens with the fresh token pattern:
 
diff --git a/docs/usage/optional.md b/docs/usage/optional.md
@@ -1,4 +1,4 @@
-In some cases you want to use one endpoint for both, protected and unprotected. in this situation you can use function <b>jwt_optional()</b>. this will allow the endpoint to be accessed regardless of if a JWT is sent in the request or not. if a JWT get tampering or expired an error will be returned instead of calling the endpoint.
+In some cases you want to use one endpoint for both, protected and unprotected. In this situation you can use function **jwt_optional()**. This will allow the endpoint to be accessed regardless of if a JWT is sent in the request or not. If a JWT get tampering or expired an error will be returned instead of calling the endpoint.
 
 ```python hl_lines="37-40"
 {!../examples/optional.py!}
diff --git a/docs/usage/refresh.md b/docs/usage/refresh.md
@@ -1,6 +1,6 @@
-These are long-lived tokens which can be used to create new access tokens once an old access token has expired. refresh tokens cannot access an endpoint that is protected with <b>jwt_required()</b>, <b>jwt_optional()</b>, and <b>fresh_jwt_required()</b> and access tokens cannot access an endpoint that is protected with <b>jwt_refresh_token_required()</b>.
+These are long-lived tokens which can be used to create a new access tokens once an old access token has expired. Refresh tokens cannot access an endpoint that is protected with **jwt_required()**, **jwt_optional()**, and **fresh_jwt_required()** and access tokens cannot access an endpoint that is protected with **jwt_refresh_token_required()**.
 
-Utilizing refresh tokens we can help reduce the damage that can be done if an access token is stolen. however, if an attacker gets a refresh token they can keep generating new access tokens and accessing protected endpoints as though he was that user. we can help combat this by using the fresh token pattern, discussed in the next section.
+Utilizing refresh tokens we can help reduce the damage that can be done if an access tokens is stolen. However, if an attacker gets a refresh tokens they can keep generating new access tokens and accessing protected endpoints as though he was that user. We can help combat this by using the fresh tokens pattern, discussed in the next section.
 
 Here is an example of using access and refresh tokens:
 
diff --git a/docs/usage/revoking.md b/docs/usage/revoking.md
@@ -1,18 +1,18 @@
-This will allow you to revoke a specific token so that it can no longer access your endpoints.you will have to choose what token you want to check against the denylist. Denylist works by providing a callback function to this extension, using the <b>token_in_denylist_loader()</b>. This method will be called whenever the specified token <i>(access and/or refresh)</i> is used to access a protected endpoint. If the callback function says that the token is revoked, we will not allow the requester to continue, otherwise we will allow the requester to access the endpoint as normal.
+This will allow you to revoke a specific tokens so that it can no longer access your endpoints. You will have to choose what tokens you want to check against the denylist. Denylist works by providing a callback function to this extension, using the **token_in_denylist_loader()**. This method will be called whenever the specified tokens *(access and/or refresh)* is used to access a protected endpoint. If the callback function says that the tokens is revoked, we will not allow the requester to continue, otherwise we will allow the requester to access the endpoint as normal.
 
-Here is a basic example use token revoking:
+Here is a basic example use tokens revoking:
 
 ```python
 {!../examples/denylist.py!}
 ```
 
-In production, you will likely want to use either a database or in-memory store (such as Redis) to store your tokens. memory stores are great if you are wanting to revoke a token when the users log out and you can define timeout to your token in Redis, after the timeout has expired, the token will automatically be deleted.
+In production, you will likely want to use either a database or in-memory store (such as Redis) to store your tokens. Memory stores are great if you are wanting to revoke a tokens when the users log out and you can define timeout to your tokens in Redis, after the timeout has expired, the tokens will automatically be deleted.
 
 !!! note
     Before that make sure redis already installed on your local machine,
     you can use docker using this command `docker run -d -p 6379:6379 redis`
 
-Here example use Redis for revoking a token:
+Here example use Redis for revoking a tokens:
 
 ```python
 {!../examples/denylist_redis.py!}
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -15,6 +15,7 @@ markdown_extensions:
       permalink: true
   - pymdownx.highlight:
       linenums_style: pymdownx.inline
+  - def_list
   - admonition
   - codehilite
   - pymdownx.superfences
@@ -26,8 +27,8 @@ nav:
     - Basic Usage: usage/basic.md
     - Partially Protecting: usage/optional.md
     - Refresh Tokens: usage/refresh.md
-    - Token Freshness: usage/freshness.md
-    - Token Revoking: usage/revoking.md
+    - Freshness Tokens: usage/freshness.md
+    - Revoking Tokens: usage/revoking.md
   - Configuration Options:
     - General Options: configuration/general.md
     - Headers Options: configuration/headers.md

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-In some cases you want to use one endpoint for both, protected and unprotected. in this situation you can use function <b>jwt_optional()</b>. this will allow the endpoint to be accessed regardless of if a JWT is sent in the request or not. if a JWT get tampering or expired an error will be returned instead of calling the endpoint.`
	`1`	`+In some cases you want to use one endpoint for both, protected and unprotected. In this situation you can use function jwt_optional(). This will allow the endpoint to be accessed regardless of if a JWT is sent in the request or not. If a JWT get tampering or expired an error will be returned instead of calling the endpoint.`
`2`	`2`
`3`	`3`	```python hl_lines="37-40"
`4`	`4`	`{!../examples/optional.py!}`