36👍
✅
You’re missing an ‘s’, the parameter is called "algorithms" in the decode function:
payload = jwt.decode(token, 'secret', algorithms=['HS256'])
and you’re also passing an array of possible values.
When you call encode, the parameter is "algorithm" and only takes a single value.
The reason is that during encoding (i.e signing), you have to use explicitly one algorithm, because a token can only be signed using one algorithm. But during decoding (verifying), you tell the function which algorithms you accept.
👤jps
3👍
I had to pass
verify=False, options={‘verify_signature’: False} in order to get it working.
- How do Django forms sanitize text input to prevent SQL injection, XSS, etc?
- How many concurrent connections can django-channels handle?
- No module named rest_auth
- How to get the submitted value of a form in a Django class-based view?
1👍
Another solution is to downgrade the PyJWT version to 1.7.1, so you wouldn’t need to pass the "algorithms" argument.
Like this:
jwt.decode(encoded, verify=False)
- Tracking changes to Django Model instances
- Django Testing – Hard code URLs or Not
- Uwsgi: unrecognized option '–module=MyProject.wsgi:application'
- Generating single access token with Django OAuth2 Toolkit
- How do you update a Django Form Meta class fields dynamically from the form constructor?
Source:stackexchange.com