django-ariadne-jwt

JSON Web Token for Django Ariadne

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Development Status
- 2 - Pre-Alpha
Environment
- Web Environment
Framework
Intended Audience
- Developers
License
- OSI Approved :: MIT License
Operating System
- OS Independent
Programming Language

Project description

Support for JWT based authentication for use with the ariadne graphql library running inside a Django project. It is heavily inspired by django-graph-jwt.

Installation

pip install django-ariadne-jwt

How to use

django-ariadne-jwt aims to be easy to install and use.

First add JSONWebTokenBackend to your AUTHENTICATION_BACKENDS

AUTHENTICATION_BACKENDS = [
  "django_ariadne_jwt.backends.JSONWebTokenBackend",
  # Any other authentication backends...
  "django.contrib.auth.backends.ModelBackend",
]

Then add JSONWebTokenMiddleware to your view

from django_ariadne_jwt.middleware import JSONWebTokenMiddleware

urlpatterns = [
  # Your other paths...
  path(
      "graphql/",
      csrf_exempt(
          GraphQLView.as_view(
              schema=schema, middleware=[JSONWebTokenMiddleware()]
          )
      ),
      name="graphql"
  )
]

Or to your queries:

ariadne.graphql_sync(
    schema,
    {
        "query": """
        query {
            test
        }
        """
    },
    middleware=[JSONWebTokenMiddleware()],
)

And then add the login_decorator to your resolvers before adding the field:

from django_ariadne_jwt.decorators import login_required

@query_type.field("test")
@login_required
def resolve_test(*args):
  ...

This will prevent the field from resolving and ariadne will add an error to the query result.

Finally add the type definitions and resolvers to the executable schema

from django_ariadne_jwt.resolvers import (
  auth_token_definition,
  auth_token_verification_definition,
  resolve_token_auth,
  resolve_refresh_token,
  resolve_verify_token,
)

type_definitions = """
  ...

  type Mutation {
    ...
    tokenAuth(username: String!, password: String!): AuthToken!
    refreshToken(token: String!): AuthToken!
    verifyToken(token: String!): AuthTokenVerification!
    ...
  }
"""

auth_type_definitions = [
  auth_token_definition,
  auth_token_verification_definition,
]

resolvers = [
  ...
]

auth_resolvers = [
  resolve_token_auth,
  resolve_refresh_token,
  resolve_verify_token,
]

schema = ariadne.make_executable_schema(
  [type_definitions] + auth_type_definitions, resolvers + auth_resolvers
)

Once you get an auth token, set the HTTP Authorization header to:

Token <token>

How to contribute

django-ariadne-jwt is at a very early stage. It is currently missing documentation, better testing and a lot of configuration options. Pull requests with any of these are greatly appreciated.