search

urbanplatform / django-keycloak-auth

Middleware to allow authorization using Keycloak and Django for django-rest-framework (DRF). This package should only be used in projects starting from scratch, since it overrides the users' management.
MIT License
32 stars 14 forks source link

Superfluous GraphQL middleware #5

Closed moritz89 closed 2 years ago

moritz89 commented 2 years ago

The Graphene middleware (KeycloakGrapheneMiddleware) does not have any additional functionality over the standard middleware (KeycloakMiddleware). Both of them only add the user object to the request through the request's token. The only difference is that the Graphene middleware checks this for each field in the GraphQL query even though performing this once when the query is received is adequate.

The main reason for this issue is to remove it to avoid confusing future users of the library and simplifying the remaining middleware.

moritz89 commented 2 years ago

An idea would be to mark the functions of the class as deprecated and only remove it after releasing v2