add howt to access & extract token in readme

IndominusByte · IndominusByte · commit a52ff397d05d · 2020-08-13T23:49:59.000+08:00
diff --git a/README.md b/README.md
@@ -72,6 +72,75 @@ INFO:     Waiting for application startup.
 INFO:     Application startup complete.
 INFO:     Uvicorn running on http://0.0.0.0:5000 (Press CTRL+C to quit)
 ```
+### Access it
+To access a jwt_required protected url, all we have to do is send in the JWT with the request. By default, this is done with an authorization header that looks like:
+```bash
+Authorization: Bearer <access_token>
+```
+We can see this in action using CURL:
+```console
+$ curl http://localhost:5000/protected
+
+{"detail":"Missing Authorization Header"}
+
+$ curl -H "Content-Type: application/json" -X POST \
+  -d '{"username":"test","password":"test"}' http://localhost:5000/login
+ 
+"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1OTczMzMxMzMsIm5iZiI6MTU5NzMzMzEzMywianRpIjoiNDczY2ExM2ItOWI1My00NDczLWJjZTctMWZiOWMzNTlmZmI0IiwiZXhwIjoxNTk3MzM0MDMzLCJpZGVudGl0eSI6InRlc3QiLCJ0eXBlIjoiYWNjZXNzIiwiZnJlc2giOmZhbHNlfQ.42CusQo6nsLxOk6bBUP1vnVX-REx4ZYBYYIjYChWf0c"
+
+$ export TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1OTczMzMxMzMsIm5iZiI6MTU5NzMzMzEzMywianRpIjoiNDczY2ExM2ItOWI1My00NDczLWJjZTctMWZiOWMzNTlmZmI0IiwiZXhwIjoxNTk3MzM0MDMzLCJpZGVudGl0eSI6InRlc3QiLCJ0eXBlIjoiYWNjZXNzIiwiZnJlc2giOmZhbHNlfQ.42CusQo6nsLxOk6bBUP1vnVX-REx4ZYBYYIjYChWf0c
+
+$ curl -H "Authorization: Bearer $TOKEN" http://localhost:5000/protected
+
+{"logged_in_as":"test"}
+```
+## Extract Token
+Access all URL to see what the result
+```python
+from pydantic import BaseModel, Field
+from fastapi import FastAPI, Depends, HTTPException
+from fastapi_jwt_auth import AuthJWT
+
+app = FastAPI()
+
+class User(BaseModel):
+    username: str = Field(...,min_length=1)
+    password: str = Field(...,min_length=1)
+
+@app.post('/login',status_code=200)
+def login(user: User):
+    if user.username != 'test' or user.password != 'test':
+        raise HTTPException(status_code=401,detail='Bad username or password')
+
+    access_token = AuthJWT.create_access_token(identity=user.username)
+    return access_token
+
+# Returns the JTI (unique identifier) of an encoded JWT
+@app.get('/get-jti',status_code=200)
+def get_jti():
+    access_token = AuthJWT.create_access_token(identity='test')
+    return AuthJWT.get_jti(encoded_token=access_token)
+
+# this will return the identity of the JWT that is accessing this endpoint.
+# If no JWT is present, `None` is returned instead.
+@app.get('/get-jwt-identity',status_code=200)
+def get_jwt_identity(Authorize: AuthJWT = Depends()):
+    Authorize.jwt_optional()
+
+    current_user = Authorize.get_jwt_identity()
+    return {"logged_in_as": current_user}
+
+# this will return the python dictionary which has all
+# of the claims of the JWT that is accessing the endpoint.
+# If no JWT is currently present, return None instead
+@app.get('/get-raw-jwt',status_code=200)
+def get_raw_jwt(Authorize: AuthJWT = Depends()):
+    Authorize.jwt_optional()
+
+    token = Authorize.get_raw_jwt()
+    return {"token": token}
+```
+
 ## Configuration Options
 - `AUTHJWT_ACCESS_TOKEN_EXPIRES`<br/>
 How long an access token should live before it expires. If you not define in env variable
