Blacklist backends¶
Reference for the abstract blacklist base class and the two concrete backends shipped with Restflow. See the Blacklist section of the JWT guide for selection and configuration notes.
BlacklistBackend ¶
Abstract base for JWT blacklist storage. Subclasses implement blacklist and is_blacklisted (sync) plus ablacklist, ais_blacklisted, and add (async), selected via the JWT BLACKLIST_BACKEND setting.
blacklist ¶
Records the JTI as blacklisted until the given expiry timestamp.
is_blacklisted
async
¶
Returns True if the JTI is currently in the blacklist.
ablacklist
async
¶
Records the JTI as blacklisted until the given expiry timestamp.
ais_blacklisted
async
¶
Returns True if the JTI is currently in the blacklist.
CacheBlacklistBackend ¶
Bases: BlacklistBackend
Cache backed JWT blacklist using the configured Django cache. Entries are keyed by the token JTI and expire automatically when the token would have.
blacklist ¶
Stores the JTI in the cache with a TTL equal to the token's remaining lifetime.
is_blacklisted
async
¶
Returns True if the JTI is present in the cache.
ablacklist
async
¶
Stores the JTI in the cache with a TTL equal to the token's remaining lifetime.
ais_blacklisted
async
¶
Returns True if the JTI is present in the cache.
ModelBlacklistBackend ¶
Bases: BlacklistBackend
Django model backed JWT blacklist. Persists revoked JTIs in BlacklistedToken rows. Requires 'restflow.authentication' in INSTALLED_APPS.
blacklist ¶
Inserts a BlacklistedToken row for the given JTI if one does not already exist.
is_blacklisted
async
¶
Returns True if a BlacklistedToken row exists for the given JTI.
ablacklist
async
¶
Inserts a BlacklistedToken row for the given JTI if one does not already exist.
ais_blacklisted
async
¶
Returns True if a BlacklistedToken row exists for the given JTI.