Django GraphQL Auth
Django registration and authentication with GraphQL.
Demo
About
Abstract all the basic logic of handling user accounts out of your app, so you don't need to think about it and can get up and running faster.
No lock-in. When you are ready to implement your own code or this package is not up to your expectations , it's easy to extend or switch to your implementation.
Documentation
Documentation is available at read the docs.
Features
- [x] Awesome docs :tada:
- [x] Fully compatible with Relay
- [x] Works with default or custom user model
- [x] JWT authentication (with Django GraphQL JWT)
- [x] User query with filters (with Django Filter and Graphene Django)
- [x] User registration with email verification
- [x] Add secondary email, with email verification too
- [x] Resend activation email
- [x] Retrieve/Update user
- [x] Archive user
- [x] Permanently delete user or make it inactive
- [x] Turn archived user active again on login
- [x] Track user status (archived, verified, secondary email)
- [x] Password change
- [x] Password reset through email
- [x] Revoke user refresh tokens on account archive/delete/password change/reset
- [x] All mutations return
success
anderrors
- [x] Default email templates (you will customize though)
- [x] Customizable, no lock-in
Full Schema
import graphene
from graphql_auth.schema import UserQuery, MeQuery
from graphql_auth import mutations
class AuthMutation(graphene.ObjectType):
register = mutations.Register.Field()
verify_account = mutations.VerifyAccount.Field()
resend_activation_email = mutations.ResendActivationEmail.Field()
send_password_reset_email = mutations.SendPasswordResetEmail.Field()
password_reset = mutations.PasswordReset.Field()
password_set = mutations.PasswordSet.Field() # For passwordless registration
password_change = mutations.PasswordChange.Field()
update_account = mutations.UpdateAccount.Field()
archive_account = mutations.ArchiveAccount.Field()
delete_account = mutations.DeleteAccount.Field()
send_secondary_email_activation = mutations.SendSecondaryEmailActivation.Field()
verify_secondary_email = mutations.VerifySecondaryEmail.Field()
swap_emails = mutations.SwapEmails.Field()
remove_secondary_email = mutations.RemoveSecondaryEmail.Field()
# django-graphql-jwt inheritances
token_auth = mutations.ObtainJSONWebToken.Field()
verify_token = mutations.VerifyToken.Field()
refresh_token = mutations.RefreshToken.Field()
revoke_token = mutations.RevokeToken.Field()
class Query(UserQuery, MeQuery, graphene.ObjectType):
pass
class Mutation(AuthMutation, graphene.ObjectType):
pass
schema = graphene.Schema(query=Query, mutation=Mutation)
Relay
Import mutations from the relay
module:
from graphql_auth import relay
class AuthMutation(graphene.ObjectType):
register = relay.Register.Field()
# ...
Example
Handling user accounts becomes super easy.
mutation {
register(
email: "[email protected]",
username: "new_user",
password1: "123456super",
password2: "123456super",
) {
success,
errors,
token,
refreshToken
}
}
Check the status of the new user:
u = UserModel.objects.last()
u.status.verified
# False
During the registration, an email with a verification link was sent.
mutation {
verifyAccount(
token:"<TOKEN ON EMAIL LINK>",
) {
success,
errors
}
}
Now user is verified.
u.status.verified
# True
Check the installation guide or jump to the quickstart. Or if you prefer, browse the api.
Contributing
See CONTRIBUTING.md