Verify_session doesn’t work with jwts. It’s meant only for session management verification from the frontend
For JWT Verifciation, use any standard JWT verification lib
b
bert2002
10/16/2022, 2:49 PM
Does that mean I can not make one endpoint available for both authentication methods? (either one?)
r
rp
10/16/2022, 2:50 PM
You can. You make make your own middleware which tries both the verification methods
verify_session takes a config which allows it to return none in case a sesion doesn’t exist. So if it returns none, try for normal JWT auth. And if that fails too, reject the request