stackoom
  简体   繁体   中英

how to customize django jwt graphql authentication

 原文  2020-03-14 19:14:47       django/ graphql/ jwt

Question

Hi I'm trying to customize

jwt graphql Django default authentication

I need to achieve log in with username or email

normal Django we customized authentication backend.

mutation{
  tokenAuth(username:"myemail@email.com"
  password:"pass")
  {
    token
  }
}

Authenticate with username

mutation{
  tokenAuth(username:"myname"
  password:"pass")
  {
    token
  }
}

the normal username is working fine.

how I can authenticate the user by username or email in jwt graphql

I tried this link

https://django-graphql-jwt.domake.io/en/latest/customizing.html

I don't get any idea about that...

Does anyone have any idea about that??

2 answers

solution1
 0  2020-07-06 18:10:38

You have to make the changes on the Model level not in JWT, JWT will follow, because JWT is only a presentation of what is going on behind the scenes.

Look at the link under here, maybe it will help you! :)

Multiple USERNAME_FIELD in django user model

solution2
 0  2020-10-15 09:44:40

Disclaimer - mama's answer should work. Halfway through writting an answer I realised I'm wrong, but I still wanna show you what I wanted to suggest. It shows what JWT TokenAuth mutation does and a way to tap into that completely.

  1. change the inbuild Django authentication like mama's answer suggests
  2. rewrite graphql_jwt.decorators.token_auth to look at both fields, not just one
  3. write your own class for the TokenMutation that uses this decorator on it's mutate function

Something like so (untested):

def two_field_token_auth(f):
    @wraps(f)
    @setup_jwt_cookie
    @csrf_rotation
    @refresh_expiration
    def wrapper(cls, root, info, password, **kwargs):
        context = info.context
        context._jwt_token_auth = True
        username = kwargs.get('username')
        email = kwargs.get('email')

        user = your_auth_method(
            request=context,
            username=username,
            email=email,
            password=password,
        )
        if user is None:
            raise exceptions.JSONWebTokenError(
                _('Please enter valid credentials'),
            )

        if hasattr(context, 'user'):
            context.user = user

        result = f(cls, root, info, **kwargs)
        signals.token_issued.send(sender=cls, request=context, user=user)
        return maybe_thenable((context, user, result), on_token_auth_resolve)
    return wrapper

class TwoFieldJWTMutation(JSONWebTokenMutation):
    @classmethod
    @two_field_token_auth
    def mutate(cls, root, info, **kwargs):
        return cls.resolve(root, info, **kwargs)

All the necessary imports you can find here and here

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Authentication and Authorization with Django GraphQL JWT and Graphene Relay customize the get_payload function in django-graphql-jwt JWT Authentication: Use UI token to authenticate Graphene/Django (GraphQL) queries? How to customize errors with django-graphql-auth? Django GraphQL API with JWT authentication implementation still allows for unauthenticated requests from Postman get data. How do I fix this? How to change default 'username' in django-graphql-jwt How to combine mutations to create or login user in django-graphql-jwt? Customize django drf JWT response Authentication using JWT in Django Django Channels JWT Authentication
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM