JWT with Flask, use session management?

python

#1

Hi, does using JWT mean I don’t have to also have session management in my flask app?

I’m starting a new project where another dev is writing a frontend in vue and I will write the backend in flask, this a somewhat new for me.

The backend in this case doesn’t have a db, it is essentially just a wrapper for another API. This other API has all the data and does the actual authentication, it just happens to demand IP based authentication so we can’t just call if from js running on the client side.

So I will be receiving requests from vue, making requests to the other api and then returning some good results to the vue layer. If I generate a JWT to store the authentication, can/should I also just store other arbitrary session data there? for example a shopping cart.

Thanks for any help!


#2

Well from what I’ve gathered from other sources. Storing a lot of data in JWT isn’t a common practice. I know you can store claims, but it appears this is best for things like group membership or making claims about other domains.

Luckily I think the frontend dev will be able to handle stuff like the cart in local storage and I won’t have to worry about it. :relieved: