Strawberry-graphql port of the graphene-django-jwt package

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for AsiPanda from gravatar.com AsiPanda

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: Vojtěch Dohnal

Requires: Python >=3.7, <4.0

Classifiers

Project description

Strawberry Django JWT

PyPI - Downloads

GitHub commit activity GitHub last commit

Codecov Codacy grade

JSON Web Token authentication for Strawberry Django GraphQL

Disclaimer

This project is a forked version of Django GraphQL JWT that substitutes Graphene GraphQL backend for Strawberry

Installation

  1. Install last stable version from Pypi:

    pip install strawberry-django-jwt

  2. Add AuthenticationMiddleware middleware to your MIDDLEWARE settings:

    MIDDLEWARE = [
    ...,
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    ...,
]

  3. Add following django apps to INSTALLED_APPS:

    INSTALLED_APPS = [
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    ...,
]

    If using refresh tokens, also add strawberry_django_jwt.refresh_token

    INSTALLED_APPS = [
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    ...,
    'strawberry_django_jwt.refresh_token',
    ...,
]

  4. Add JSONWebTokenMiddleware or AsyncJSONWebTokenMiddleware middleware to your STRAWBERRY schema definition:

    from strawberry_django_jwt.middleware import JSONWebTokenMiddleware, AsyncJSONWebTokenMiddleware
from strawberry import Schema

# !! IMPORTANT !!
# Pick only one, async middleware is needed when using AsyncGraphQLSchema
schema = Schema(..., extensions=[
   JSONWebTokenMiddleware,
   AsyncJSONWebTokenMiddleware,
])

  5. Add JSONWebTokenBackend backend to your AUTHENTICATION_BACKENDS:

    AUTHENTICATION_BACKENDS = [
    'strawberry_django_jwt.backends.JSONWebTokenBackend',
    'django.contrib.auth.backends.ModelBackend',
]

  6. Add strawberry-django-jwt mutations to the root schema:

  • for sync:
import strawberry
import strawberry_django_jwt.mutations as jwt_mutations

@strawberry.type
class Mutation:
    token_auth = jwt_mutations.ObtainJSONWebToken.obtain
    verify_token = jwt_mutations.Verify.verify
    refresh_token = jwt_mutations.Refresh.refresh
    delete_token_cookie = jwt_mutations.DeleteJSONWebTokenCookie.delete_cookie

schema = strawberry.Schema(mutation=Mutation, query=...)
  • for async:
import strawberry
import strawberry_django_jwt.mutations as jwt_mutations

@strawberry.type
class Mutation:
    token_auth = jwt_mutations.ObtainJSONWebTokenAsync.obtain
    verify_token = jwt_mutations.VerifyAsync.verify
    refresh_token = jwt_mutations.RefreshAsync.refresh
    delete_token_cookie = jwt_mutations.DeleteJSONWebTokenCookieAsync.delete_cookie

schema = strawberry.Schema(mutation=Mutation, query=...)

  1. [OPTIONAL] Set up the custom Strawberry views

    These views set the status code of failed authentication attempts to 401 instead of the default 200.

    from django.urls import re_path
from strawberry_django_jwt.decorators import jwt_cookie
from strawberry_django_jwt.views import StatusHandlingGraphQLView as GQLView
from ... import schema

urlpatterns += \
[
    re_path(r'^graphql/?$', jwt_cookie(GQLView.as_view(schema=schema))),
]

    or, for async views:

    from django.urls import re_path
from strawberry_django_jwt.decorators import jwt_cookie
from strawberry_django_jwt.views import AsyncStatusHandlingGraphQLView as AGQLView
from ... import schema

urlpatterns += \
[
    re_path(r'^graphql/?$', jwt_cookie(AGQLView.as_view(schema=schema))),
]

Known Issues

  • JWT_ALLOW_ANY_CLASSES

    • Only supports return-type based filtering at the moment, because strawberry does not use class-based field definitions (so all superclasses are dropped)

    • It might be possible to create a workaround by using either a class decorator or by creating a custom graphql scheme that somehow preserves class hierarchy of types

Example Application

To start the example application, install poetry dev dependencies (poetry install will suffice) and run poetry run uvicorn tests.example_app.asgi:application

Quickstart Documentation

===============Work in Progress===============

Relay support has been temporarily removed due to lack of experience with Relay

Most of the features are conceptually the same as those provided by Django GraphQL JWT

Authenticating Fields

Fields can be set to auth-only using the login_required decorator in combination with strawberry.field or via login_field

import strawberry
from strawberry.types import Info
from strawberry_django_jwt.decorators import login_required
from strawberry_django_jwt.decorators import login_field


@strawberry.type
class Query:
    @login_field
    def hello(self, info: Info) -> str:
        return "World"

    @strawberry.field
    @login_required
    def foo(self, info: Info) -> str:
        return "Bar"

    @strawberry.field
    @login_required
    def foo2(self) -> str:
        return "Bar2"

The info argument is optional. If not provided, the login_required decorator decorates the resolver function with a custom function with info.

All required function arguments that are not present in the definition (atm. only info) will be added by the login_required decorator to the self dictionary as kwargs.

Model Mutations

You can add the login_required decorator to them as well

import strawberry
from strawberry_django_jwt.decorators import login_required
from strawberry.django import mutations


@strawberry.type
class Mutation:
    foo_create: FooType = login_required(mutations.create(FooInput))
    foo_delete: FooType = login_required(mutations.update(FooPartialInput))
    foo_update: FooType = login_required(mutations.delete())

Async Views

Should be fully supported :)

import strawberry
from strawberry_django_jwt.decorators import login_field


@strawberry.type
class Query:
    @login_field
    async def foo(self) -> str:
        return "bar"

Other

The introspection query authentication can be controlled by setting JWT_AUTHENTICATE_INTROSPECTION

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for AsiPanda from gravatar.com AsiPanda

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: Vojtěch Dohnal

Requires: Python >=3.7, <4.0

Classifiers

Release history Release notifications | RSS feed

This version

0.2.3

0.2.2

0.2.2.dev1658868753 pre-release

0.2.2.dev1658771823 pre-release

0.2.2.dev1658651018 pre-release

0.2.2.dev1658650188 pre-release

0.2.1

0.2.1.dev1657400780 pre-release

0.2.1.dev1651643920 pre-release

0.2.1.dev1651643915 pre-release

0.2.1.dev1651643910 pre-release

0.2.1.dev1651615618 pre-release

0.2.1.dev1651613987 pre-release

0.2.1.dev1645617707 pre-release

0.2.1.dev1645617694 pre-release

0.2.1.dev1645608317 pre-release

0.2.1.dev1645607498 pre-release

0.2.1.dev1645537550 pre-release

0.2.1.dev1645534192 pre-release

0.2.1.dev1645534178 pre-release

0.2.1.dev1645530641 pre-release

0.2.1.dev1645529349 pre-release

0.2.1.dev1645529233 pre-release

0.2.1.dev1645529133 pre-release

0.2.1.dev1645529131 pre-release

0.2.1.dev1645529117 pre-release

0.2.1.dev1645529111 pre-release

0.2.0

0.1.11.dev1642152573 pre-release

0.1.11.dev1642152562 pre-release

0.1.11.dev1642113051 pre-release

0.1.11.dev1641996574 pre-release

0.1.11.dev1641994783 pre-release

0.1.11.dev1641994776 pre-release

0.1.11.dev1641993974 pre-release

0.1.11.dev1641993852 pre-release

0.1.11.dev1641993838 pre-release

0.1.11.dev1641993383 pre-release

0.1.11.dev1639482862 pre-release

0.1.10

0.1.10.dev1639476172 pre-release

0.1.10.dev1639475339 pre-release

0.1.9

0.1.9.dev1638989485 pre-release

0.1.9.dev1638989390 pre-release

0.1.9.dev1638989373 pre-release

0.1.9.dev1638989359 pre-release

0.1.9.dev1638989347 pre-release

0.1.9.dev1638358799 pre-release

0.1.9.dev1638008367 pre-release

0.1.8

0.1.8.dev1638006414 pre-release

0.1.8.dev1637951766 pre-release

0.1.8.dev1637951755 pre-release

0.1.8.dev1637944724 pre-release

0.1.8.dev1637935778 pre-release

0.1.8.dev1637931257 pre-release

0.1.8.dev1637931238 pre-release

0.1.8.dev1637237772 pre-release

0.1.8.dev1637237756 pre-release

0.1.8.dev1637237751 pre-release

0.1.8.dev1636723039 pre-release

0.1.8.dev1636723032 pre-release

0.1.8.dev1635843707 pre-release

0.1.7

0.1.7.dev1635582694 pre-release

0.1.7.dev1635582396 pre-release

0.1.7.dev1635451915 pre-release

0.1.7.dev1635197662 pre-release

0.1.7.dev1635197655 pre-release

0.1.7.dev1634982097 pre-release

0.1.7.dev1634981929 pre-release

0.1.7.dev1634981855 pre-release

0.1.6

0.1.6.dev1634562329 pre-release

0.1.6.dev1634065812 pre-release

0.1.6.dev1634065805 pre-release

0.1.6.dev1634065731 pre-release

0.1.6.dev1633712890 pre-release

0.1.6.dev1633712873 pre-release

0.1.6.dev1633422747 pre-release

0.1.5

0.1.5.0.dev1633421300 pre-release

0.1.5.dev1633295050 pre-release

0.1.5.dev1633294561 pre-release

0.1.5.dev1633293342 pre-release

0.1.5.dev1633292756 pre-release

0.1.4.1

0.1.3

0.1.3a1 pre-release

0.1.3.dev1630176803 pre-release

0.1.3.dev1630175409 pre-release

0.1.3.dev1630042450 pre-release

0.1.2

0.1.2a1 pre-release

0.1.2.dev1630002176 pre-release

0.1.2.dev1630001215 pre-release

0.1.2.dev1630001045 pre-release

0.1.2.dev1630001025 pre-release

0.1.2.dev1630000921 pre-release

0.1.2.dev1628574730 pre-release

0.1.2.dev1628574699 pre-release

0.1.2.dev1628573532 pre-release

0.1.2.dev1628573456 pre-release

0.1.2.dev1628573444 pre-release

0.1.2.dev1628570660 pre-release

0.1.2.dev1628549440 pre-release

0.1.2.dev1628548213 pre-release

0.1.2.dev1627229366 pre-release

0.1.2.dev1626617560 pre-release

0.1.1

0.1.1a3 pre-release

0.1.1a2 pre-release

0.1.1a1 pre-release

0.1.1.dev1626616254 pre-release

0.1.1.dev1625257442 pre-release

0.1.1.dev1625159783 pre-release

0.1.1.dev1625157459 pre-release

0.1.1.dev1625031982 pre-release

0.1.1.dev1624997170 pre-release

0.1.1.dev1624629459 pre-release

0.1.1.dev1624359346 pre-release

0.1.1.dev1624316051 pre-release

0.1.1.dev1624312627 pre-release

0.1.1.dev1624299562 pre-release

0.1.0 yanked

Reason this release was yanked:

Should have been a pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

strawberry-django-jwt-0.2.3.tar.gz (30.4 kB view hashes)

Uploaded Source

Built Distribution

strawberry_django_jwt-0.2.3-py3-none-any.whl (50.4 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page