JSON Web Token for GraphQL
Project description
JSON Web Token Authentication for Django GraphQL
Dependencies
Python ≥ 3.4
Django ≥ 1.11
Installation
Install the latest stable version from PyPI.
    pip install django-graphql-jwt
Include the JWT middleware in your MIDDLEWARE settings:
    MIDDLEWARE = [
        ...
        'django.contrib.auth.middleware.AuthenticationMiddleware',
        'graphql_jwt.middleware.JWTMiddleware',
        ...
    ]
Include the JWT backend in your AUTHENTICATION_BACKENDS settings:
    AUTHENTICATION_BACKENDS = [
        'graphql_jwt.backends.JWTBackend',
        'django.contrib.auth.backends.ModelBackend',
    ]
User Node
Let’s start by creating a simple UserNode.
    from django.contrib.auth import get_user_model

    import graphene
    from graphene_django import DjangoObjectType
    from graphql_jwt.utils import jwt_encode, jwt_payload


    class UserNode(DjangoObjectType):
        token = graphene.String()

        class Meta:
            model = get_user_model()

        def resolve_token(self, info, **kwargs):
            # Only expose a token to the user it belongs to.
            if info.context.user != self:
                return None

            payload = jwt_payload(self)
            return jwt_encode(payload)
Login mutation
Create the LogIn mutation on your schema to authenticate the user.
    from django.contrib.auth import authenticate, login

    import graphene


    class LogIn(graphene.Mutation):
        # UserNode is the type defined in the previous section.
        user = graphene.Field(UserNode)

        class Arguments:
            username = graphene.String()
            password = graphene.String()

        @classmethod
        def mutate(cls, root, info, username, password):
            # Check the credentials against AUTHENTICATION_BACKENDS.
            user = authenticate(username=username, password=password)

            if user is None:
                raise Exception('Please enter a correct username and password')

            if not user.is_active:
                raise Exception('It seems your account has been disabled')

            # Attach the authenticated user to the current request.
            login(info.context, user)
            return cls(user=user)
Verify and refresh token
Add mutations to your GraphQL schema.
    import graphene
    import graphql_jwt


    class Mutations(graphene.ObjectType):
        verify_token = graphql_jwt.Verify.Field()
        refresh_token = graphql_jwt.Refresh.Field()


    # graphene.Schema takes the root mutation type as `mutation`.
    schema = graphene.Schema(mutation=Mutations)
Use verifyToken to confirm that the JWT is valid.
    mutation {
      verifyToken(token: "...") {
        payload
      }
    }
Use refreshToken to obtain a brand new token with a renewed expiration time for non-expired tokens.
    mutation {
      refreshToken(token: "...") {
        data
      }
    }
Environment variables
Algorithm for cryptographic signing. Default: HS256
Identifies the recipients that the JWT is intended for. Default: None
JWT_AUTH_HEADER_PREFIX
Authorization prefix. Default: JWT
Identifies the principal that issued the JWT. Default: None
Validate an expiration time which is in the past but not very far. Default: seconds=0
JWT_SECRET_KEY
The secret key used to sign the JWT. Default: settings.SECRET_KEY
Secret key verification. Default: True
Expiration time verification. Default: False
JWT_EXPIRATION_DELTA
Timedelta added to utcnow() to set the expiration time. Default: minutes=5
JWT_ALLOW_REFRESH
Enable token refresh. Default: True
JWT_REFRESH_EXPIRATION_DELTA
Limit on token refresh. Default: days=7
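The settings above interact: with expiration time verification left at its default of False, a token issued with the 5-minute expiration delta is still accepted after that time has passed. The following added example (not code from django-graphql-jwt) is a standard-library HS256 check that shows this; the parameter names verify_expiration and leeway, the secret and the timestamps are this example's own assumptions.

```python
import base64, hashlib, hmac, json

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))
def sign(signing_input, secret):
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def encode_hs256(payload, secret):
    """Mint a compact HS256 JWT: header.payload.signature."""
    parts = ({"alg": "HS256", "typ": "JWT"}, payload)
    signing_input = ".".join(b64url(json.dumps(p).encode()) for p in parts)
    return signing_input + "." + b64url(sign(signing_input, secret))

def decode_hs256(token, secret, now, verify_expiration=False, leeway=0):
    """Return the payload or raise ValueError. Parameter names are this example's own."""
    try:
        head, body, sig = token.split(".")
        header, payload = json.loads(b64url_decode(head)), json.loads(b64url_decode(body))
        signature = b64url_decode(sig)
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    # Pin the algorithm: never let the token's own header choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    if not hmac.compare_digest(signature, sign(head + "." + body, secret)):
        raise ValueError("bad signature")
    if verify_expiration:
        exp = payload.get("exp") if isinstance(payload, dict) else None
        if not isinstance(exp, (int, float)) or now > exp + leeway:
            raise ValueError("token expired")
    return payload

def check(token, secret, now, **opts):
    try:
        decode_hs256(token, secret, now, **opts)
        return "accepted"
    except ValueError as exc:
        return str(exc)

# Constructed sample values, not taken from the page.
SECRET = b"constructed-demo-secret"
ISSUED_AT = 1_700_000_000
TOKEN = encode_hs256({"username": "alice", "exp": ISSUED_AT + 300}, SECRET)  # 5 min
LATER = ISSUED_AT + 600  # ten minutes after issue
if __name__ == "__main__":
    for opts in ({}, {"verify_expiration": True}, {"verify_expiration": True, "leeway": 300}):
        print(opts, "->", check(TOKEN, SECRET, LATER, **opts))
```

Run ten minutes after issue, the same token is accepted with expiration verification off, rejected with it on, and accepted again only when the leeway covers the gap.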