Django GraphQL registration and authentication compatible with the latest versions of Django, Django GraphQL JWT
This project was based on the forked repository from Django GraphQL Auth - created by Pedro Bern (thanks so much for a great job).
The reason I decided to create this project is that the original doesn't support the newer versions of django, graphene-django and django-graphql-jwt. Futhermore, it appears that the original one will not be further developed in the near future.
Documentation is available at read the docs.
- Docs
- Fully compatible with Relay
- Works with default or custom user model
- JWT authentication (with Django GraphQL JWT)
- User query with filters (with Django Filter and Graphene Django)
- User registration with email verification
- Add secondary email, with email verification too
- Resend activation email
- Retrieve/Update user
- Archive user
- Permanently delete user or make it inactive
- Turn archived user active again on login
- Track user status (archived, verified, secondary email)
- Password change
- Password reset through email
- Revoke user refresh tokens on account archive/delete/password change/reset
- All mutations return
successanderrors - Default email templates (you will customize though)
- Customizable, no lock-in
import graphene
from graphql_auth.schema import UserQuery, MeQuery
from graphql_auth import mutations
class AuthMutation(graphene.ObjectType):
register = mutations.Register.Field()
verify_account = mutations.VerifyAccount.Field()
resend_activation_email = mutations.ResendActivationEmail.Field()
send_password_reset_email = mutations.SendPasswordResetEmail.Field()
password_reset = mutations.PasswordReset.Field()
password_set = mutations.PasswordSet.Field() # For passwordless registration
password_change = mutations.PasswordChange.Field()
update_account = mutations.UpdateAccount.Field()
archive_account = mutations.ArchiveAccount.Field()
delete_account = mutations.DeleteAccount.Field()
send_secondary_email_activation = mutations.SendSecondaryEmailActivation.Field()
verify_secondary_email = mutations.VerifySecondaryEmail.Field()
swap_emails = mutations.SwapEmails.Field()
remove_secondary_email = mutations.RemoveSecondaryEmail.Field()
# django-graphql-jwt inheritances
token_auth = mutations.ObtainJSONWebToken.Field()
verify_token = mutations.VerifyToken.Field()
refresh_token = mutations.RefreshToken.Field()
revoke_token = mutations.RevokeToken.Field()
class Query(UserQuery, MeQuery, graphene.ObjectType):
pass
class Mutation(AuthMutation, graphene.ObjectType):
pass
schema = graphene.Schema(query=Query, mutation=Mutation)Import mutations from the relay module:
from graphql_auth import relay
class AuthMutation(graphene.ObjectType):
register = relay.Register.Field()
# ...Handling user accounts becomes super easy.
mutation {
register(
email: "new_user@email.com",
username: "new_user",
password1: "123456super",
password2: "123456super",
) {
success,
token, # optional, depending on settings of GRAPHQL_AUTH['ALLOW_LOGIN_NOT_VERIFIED']
refreshToken # optional, depending on settings of GRAPHQL_JWT['JWT_LONG_RUNNING_REFRESH_TOKEN']
}
}Check the status of the new user:
u = UserModel.objects.last()
u.status.verified
# FalseDuring the registration, an email with a verification link was sent.
mutation {
verifyAccount(
token:"<TOKEN ON EMAIL LINK>",
) {
success
}
}Now user is verified.
u.status.verified
# TrueCheck the installation guide. Or if you prefer, browse the api.