Search code examples
pythonflaskswagger-2.0flask-restx

Flask-Restx & Swagger Authorizations Sending Incorrect Token in Header

I have a Flask REST API that is using Flask-Restx, and JWT token authentication and is working making calls out of postman. However, when I am trying to use swagger, the token being sent is not the one I am inputting through the interface. My code looks like the following:

blueprint = Blueprint('api_bp', __name__, url_prefix='/api/1')

authorizations = {
    'api_key' : {
        'type' : 'apiKey',
        'in' : 'header',
        'name' : 'x-access-token'
    }
}

api = Api(blueprint,
          authorizations=authorizations,
          title='My Title',
          version='1.0',
          security='api_key'
         )
from timesheets.views.api_bp import api as ns1

np = api.namespace('index', description='Index API')

def token_required(f): 
@wraps(f)
    def decorated(*args, **kwargs):
...

@np.route('/users')
class Users(Resource):
    @api.doc(security='api_key')
    @token_required
    def get(self, current_user):
        ...
        return jsonify({'user' : output})

Then on the swagger page, I can enter my auth token: enter image description here

and I can see that the correct x-access-token is placed in the curl call when I "Try it out."

enter image description here

But if I look into my request headers, every time I get the same x-access-token that is sent to my server:

enter image description here

So, where is this token being generated from? And how do I ensure I am only using the token I am passing through the interface?

Solution

  • After reviewing that it was the same key being returned, I found in the code that the value inputted was being overwritten by test data I had previously introduced