I am storing JWT tokens used in authentication for a web service in a SQL Server database. I've declared the column that holds the tokens as type nvarchar(max) and am passing them into the database as simple strings. When I insert the token, SQL Server adds b'...' to it. For example, say I add the token ABC123, then it stores b'ABC123'.
This is causing problems down the line as when I compare the token stored in the database to the token being passed through the api, the comparison fails due to the additional characters (the database seems to have literally added a lower case b and two single quotes to the stored string).
I know I can just strip the b and quotes off my string once I pull it from the database, but I'd like to know why SQL Server is doing this and how I can prevent it from doing it.
Anyway, any insight would be much appreciated.
EDIT: is it possible pyodbc is doing this? Here is my code to insert:
cnxn = pyodbc.connect("<connection string>")
crsr = cnxn.cursor()
crsr.execute("insert into jwt values (?,?)", [userId, str(auth_token)])
Perhaps it is confused between Python 3 and Python 2 strings? (I'm using Python 3.6.) In that case, how would I fix it?
Turns out it was python's "str" conversion. jwt.encode returns a byte array which str then turns into b'...'. The solution was to decode the bytes explicitly instead of using str. So my new insert method is:
crsr.execute("insert into jwt values (?,?)", [userId, auth_token.decode("utf-8")])
Really a simple solution but one that is very obscure. Hopefully my efforts with this help someone else!