Django GraphQL Auth

Django registration and authentication with GraphQL.

Demo

Demo Video

About

Abstract all the basic logic of handling user accounts out of your app, so you don't need to think about it and can get up and running faster.

No lock-in. When you are ready to implement your own code or this package is not up to your expectations , it's easy to extend or switch to your implementation.

Documentation

Documentation is available at read the docs.

Features

[x] Awesome docs :tada:
[x] Fully compatible with Relay
[x] Works with default or custom user model
[x] JWT authentication (with Django GraphQL JWT)
[x] User query with filters (with Django Filter and Graphene Django)
[x] User registration with email verification
[x] Add secondary email, with email verification too
[x] Resend activation email
[x] Retrieve/Update user
[x] Archive user
[x] Permanently delete user or make it inactive
[x] Turn archived user active again on login
[x] Track user status (archived, verified, secondary email)
[x] Password change
[x] Password reset through email
[x] Revoke user refresh tokens on account archive/delete/password change/reset
[x] All mutations return success and errors
[x] Default email templates (you will customize though)
[x] Customizable, no lock-in

Full Schema


import graphene

from graphql_auth.schema import UserQuery, MeQuery
from graphql_auth import mutations

class AuthMutation(graphene.ObjectType):
    register = mutations.Register.Field()
    verify_account = mutations.VerifyAccount.Field()
    resend_activation_email = mutations.ResendActivationEmail.Field()
    send_password_reset_email = mutations.SendPasswordResetEmail.Field()
    password_reset = mutations.PasswordReset.Field()
    password_set = mutations.PasswordSet.Field() # For passwordless registration
    password_change = mutations.PasswordChange.Field()
    update_account = mutations.UpdateAccount.Field()
    archive_account = mutations.ArchiveAccount.Field()
    delete_account = mutations.DeleteAccount.Field()
    send_secondary_email_activation =  mutations.SendSecondaryEmailActivation.Field()
    verify_secondary_email = mutations.VerifySecondaryEmail.Field()
    swap_emails = mutations.SwapEmails.Field()
    remove_secondary_email = mutations.RemoveSecondaryEmail.Field()

    # django-graphql-jwt inheritances
    token_auth = mutations.ObtainJSONWebToken.Field()
    verify_token = mutations.VerifyToken.Field()
    refresh_token = mutations.RefreshToken.Field()
    revoke_token = mutations.RevokeToken.Field()

class Query(UserQuery, MeQuery, graphene.ObjectType):
    pass

class Mutation(AuthMutation, graphene.ObjectType):
    pass

schema = graphene.Schema(query=Query, mutation=Mutation)

Relay

Import mutations from the relay module:


from graphql_auth import relay

class AuthMutation(graphene.ObjectType):
   register = relay.Register.Field()
   # ...

Example

Handling user accounts becomes super easy.

mutation {
  register(
    email: "new_user@email.com",
    username: "new_user",
    password1: "123456super",
    password2: "123456super",
  ) {
    success,
    errors,
    token,
    refreshToken
  }
}

Check the status of the new user:

u = UserModel.objects.last()
u.status.verified
# False

During the registration, an email with a verification link was sent.

mutation {
  verifyAccount(
    token:"<TOKEN ON EMAIL LINK>",
  ) {
    success,
    errors
  }
}

Now user is verified.

u.status.verified
# True

Check the installation guide or jump to the quickstart. Or if you prefer, browse the api.

Contributing

See CONTRIBUTING.md

PedroBern / django-graphql-auth

readme