This repository has been archived by the owner on Oct 29, 2018. It is now read-only.

SillyFreak/django-graphene-jwt

Graphene JWT Auth

JSON Web Token Authentication support for Django + Graphene

This package provides JWT authentication via GraphQL using Graphene, similarly to how django-rest-framework-jwt exposes JWT via REST.

django-graphene-jwt uses djangorestframework-jwt under the hood; it simply adapts the request and response handling to suit Graphene. That means that djangorestframework-jwt's settings are used.

Some caveats and known issues:

  • The JWTGraphQLView class is pretty ad-hoc; using the REST_FRAMEWORK.DEFAULT_AUTHENTICATION_CLASSES setting would probably be better. Also, there is no equivalent of DEFAULT_PERMISSION_CLASSES. Checking permissions is currently the resolvers' and mutation methods' responsibility.
  • There is no test suite and there has not been a formal code review! This is security code, and while the attack surface is small, it has to be pointed out. If you think about using this library, read the code; it's only 170 lines in total, in schema.py and views.py.

If you want production-grade Graphene JWT support, think about contributing!
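
Because the caveat above leaves permission checks to each resolver, one way to keep them consistent is a fail-closed decorator. This is an added example, not code from django-graphene-jwt. It assumes Graphene 2's resolver(root, info, **kwargs) signature, that the view leaves the authenticated user on info.context.user, and Django 2.0+ where is_authenticated is a plain boolean. The names require_user, PermissionDenied and app.view_report are hypothetical, and the request and user objects are constructed stand-ins so the block runs without Django.

```python
import functools
from types import SimpleNamespace


class PermissionDenied(Exception):
    """Raised when a resolver is called without sufficient rights."""


def require_user(*perms):
    """Guard a resolver(root, info, **kwargs); deny unless every check passes."""
    def decorator(resolver):
        @functools.wraps(resolver)
        def wrapper(root, info, **kwargs):
            user = getattr(info.context, "user", None)
            # "is not True" rejects a missing attribute and also a truthy
            # non-boolean (e.g. an old-style is_authenticated method).
            if user is None or getattr(user, "is_authenticated", False) is not True:
                raise PermissionDenied("authentication required")
            if getattr(user, "is_active", False) is not True:
                raise PermissionDenied("account disabled")
            if not all(user.has_perm(p) for p in perms):
                raise PermissionDenied("missing permission")
            return resolver(root, info, **kwargs)
        return wrapper
    return decorator


# Constructed stand-ins for the request (info.context) and the Django user.
def make_info(user=None):
    return SimpleNamespace(context=SimpleNamespace(user=user))


def make_user(perms=(), active=True, authenticated=True):
    return SimpleNamespace(is_authenticated=authenticated, is_active=active,
                           has_perm=lambda p: p in perms)


@require_user("app.view_report")  # hypothetical permission name
def resolve_report(root, info, **kwargs):
    return "report body"


def try_resolve(info):
    """Return the resolver result, or the denial reason as 'denied: ...'."""
    try:
        return resolve_report(None, info)
    except PermissionDenied as exc:
        return "denied: " + str(exc)
```
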

Installation

django-graphene-jwt is not on PyPI yet. For installation, use:

pip install git+https://github.com/SillyFreak/django-graphene-jwt

Usage

Like with any Graphene application, make sure you have the following settings applied:

INSTALLED_APPS = (
    # ...
    'graphene_django',
)

GRAPHENE = {
    'SCHEMA': 'app.schema.schema' # Where your Graphene schema lives
}

Add a URL for the GraphQL API, and use the JWTGraphQLView class to have the JWT authentication header parsed:

from django.conf.urls import url
from graphene_jwt.views import JWTGraphQLView

urlpatterns = [
    # ...
    url(r'^graphql/', JWTGraphQLView.as_view(graphiql=True)),
]

In your schema, make sure you inherit the graphene_jwt queries and mutations:

import graphene
import graphene_jwt.schema

class Query(graphene_jwt.schema.Query, graphene.ObjectType):
    pass

class Mutation(graphene_jwt.schema.Mutation, graphene.ObjectType):
    pass

schema = graphene.Schema(query=Query, mutation=Mutation)

To explore the schema, go to http://localhost:8000/graphql/ and open the documentation explorer. Here is a quick overview:

# verifies a token and returns that same token along with the user
query JWTVerify($token: String!) {
  jwtVerify(token: $token) {
    token
    user {
      id
      username
      email
      firstName
      lastName
      # ...
    }
  }
}

# authenticates a user and returns a token along with the user
mutation JWTLogin($username: String!, $password: String!) {
  jwtLogin(username: $username, password: $password) {
    token
    user {
      # ...
    }
  }
}

# refreshes a valid token and returns a new token along with the user
mutation JWTRefresh($token: String!) {
  jwtLogin(token: $token) {
    token
    user {
      # ...
    }
  }
}