Closed YuriyKrasilnikov closed 2 years ago
Hey @YuriyKrasilnikov!
Thanks so much for the PR, I really appreciate it :D I'm definitely a fan of adding support for authentication to this package (see the discussion in #14).
I do have a couple of questions about this approach that I'd love your thoughts on:
graphql_jwt
if they've got another auth system set up.Would love to get this merged once we chat about those things. Thanks again!
Hey @YuriyKrasilnikov!
Thanks so much for the PR, I really appreciate it :D I'm definitely a fan of adding support for authentication to this package (see the discussion in #14).
I do have a couple of questions about this approach that I'd love your thoughts on:
- Is there a way to make this compatible with Channels' built-in Django Authentication middleware instead of modifying the consumer directly? This seems like it might be a cleaner approach to take, and we would be able to rely on some Django built-in functionality to do the heavy lifting.
- If 1. isn't a possible, could you migrate this logic into a Custom Authentication Middleware for Channels? This way it's opt-in for users and doesn't require them to use
graphql_jwt
if they've got another auth system set up.Would love to get this merged once we chat about those things. Thanks again!
It's premature to commit, but a sketch with autorization through django:
def receive_connection_init(self, request):
self.user = self.scope['user']
def receive_start(self, request):
payload = request["payload"]
self.scope["method"] = self.scope["type"]
context = AsgiRequest(self.scope, BytesIO(b""))
context.user = self.user
context.id = request.get("id")
schema = graphene_settings.SCHEMA
Replaced AttrDict class to AsgiRequest Added auth from JWT Fixed work with graphql_jwt.decorators for subscription in schema