Comments (4)
Hi @TitanFighter,
The authentication header is not used to verify and refresh tokens, credentials are not required.
from django-graphql-jwt.
On the other hand I think it's a good idea to refresh a token using the authentication header, but in this case I would prefer a token as a required field and defined within the GraphQL/schema.
from django-graphql-jwt.
Hi @mongkok
The authentication header is not used to verify and refresh tokens, credentials are not required.
Yes, I know, but what I am thinking about is the next case: when a user is already authenticated, we already use authentication header and additionally from time to time we anyway refresh it, so in this case we can refresh token based on the header. It was just a proposition :)
Regarding token verification... I implemented it in the wrong way... Now I see that at first it should be verified and after this it should be add to the header.
from django-graphql-jwt.
Is a good proposal @TitanFighter, but for this package I would prefer a required token within GraphQL schema.
from django.utils.translation import ugettext as _
import graphene
from graphene.types.generic import GenericScalar
from graphql_jwt.exceptions import JSONWebTokenError
from graphql_jwt.utils import get_authorization_header, get_payload
class Verify(graphene.Mutation):
payload = GenericScalar()
class Arguments:
token = graphene.String()
@classmethod
def mutate(cls, root, info, token=None, **kwargs):
if token is None:
token = get_authorization_header(info.context)
if token is None:
JSONWebTokenError(_('Token is required'))
return cls(payload=get_payload(token, info.context))
from django-graphql-jwt.
Related Issues (20)
- Is it possible to turn the token field names configurable by settings?
- Understanding jwt_payload util method
- modulenotfounderror: no module named 'graphql_jwt'
- How to delete a Token from the server-side (mutation). when a user gives a logout the token will be destroyed from server-side by using mutation? is it possible? If so. please explain. HOT 2
- How can I create/set JWT Token in Django view and then redirect to Frontend? HOT 1
- fails if root object types not named Query and Mutation HOT 3
- Cant Delete Cookies With Same Settings with tokenAuth Mutation
- Implement a log out HOT 1
- TypeError: Signal.__init__() got an unexpected keyword argument 'providing_args' HOT 1
- Selective application of JWT expiration check for specific operations
- import error from strawberry_django.utlis
- Tests fails in year 2038
- Graphene 3 support? HOT 2
- TypeError: JSONWebTokenMiddleware.__init__() takes 1 positional argument but 2 were given
- from django.utils.translation import ugettext as _
- Add custom key-value pair in JWT payload.
- cannot import name 'ugettext' from 'django.utils.translation' HOT 4
- Add fingerprint to token and cookies to prevent sidejacking
- Case sensitive Username
- TypeError: Signal.__init__() got an unexpected keyword argument 'providing_args' HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-graphql-jwt.