JWT身份验证:使用UI令牌对Graphene/Django(GraphQL)查询进行身份验证? [英] JWT Authentication: Use UI token to authenticate Graphene/Django (GraphQL) queries?

问题描述

我正在研究具有以下体系结构的项目:

I am working on a project with the following architecture:

• UI:通过节点服务器(用于GraphQL的Apollo客户端)对客户端和服务器端呈现做出反应，

• UI: React on client and server-side rendering via a Node server, Apollo Client for GraphQL,

API:Django通过Graphene处理GraphQL查询.

API: Django handles GraphQL queries through Graphene.

我使用Auth0(基于JWT)进行前端身份验证.我想使用在GraphQL查询API端的上下文中对用户进行身份验证的令牌.

I use Auth0 (JWT based) for my frontend authentication. I would like to use the token I get to authenticate my user in the context of the GraphQL queries API side.

[Edit2]

要将令牌传递给我的API，我使用:

To pass the token to my API, I use:

const idToken = cookie.load('idToken') || null;
networkInterface.use([{
  applyMiddleware(req, next) {
    if (!req.options.headers) {
      req.options.headers = {};  // Create the header object if needed.
    }
    req.options.headers.authorization = `Bearer ${idToken}`;
    next();
  }
}]);

然后我需要在Django中检索它:我使用django-jwt-auth和@Craig Ambrose提出的代码.

Then I need to retrieve it in Django: I use django-jwt-auth and the code proposed by @Craig Ambrose.

我的授权标头已接收并解码(我可以获取有效负载)，但是在验证签名时出现问题:我收到解码签名时出错".

My authorization header is received and decoded (I can get the payload) but there is a problem when verifying the signature: I get "Error decoding signature."

这很奇怪，因为当我在jwt.io上对其进行测试时，签名便已得到验证.

This is strange since the signature is verified when I test it on jwt.io.

如何在Django端进行身份验证?

How can I authenticate on Django side ?

推荐答案

我刚刚使用django-jwt-auth(未使用Auth0)完成了此操作

I've just done this using django-jwt-auth (not using Auth0)

该程序包提供了一个JSONWebTokenAuthMixin，例如，您可以将其与来自graphene_django的GraphQLView结合使用.

That package provides a JSONWebTokenAuthMixin that you can combine with the GraphQLView from graphene_django, for example.

from jwt_auth.mixins import JSONWebTokenAuthMixin

class AuthGraphQLView(JSONWebTokenAuthMixin, GraphQLView):
    pass

urlpatterns = [
    url(r'^graphql', csrf_exempt(AuthGraphQLView.as_view(schema=schema))),
    url(r'^graphiql', include('django_graphiql.urls')),
]

这可行，但是我发现graphiql停止工作了，因为它没有发送给令牌.为此，出于开发目的，我想继续使用基于cookie的身份验证，因此将其更改为以下内容.

This works, but I found that graphiql stopped working, because it wasn't sending to token. I wanted to keep using cookie based auth for that, for dev purposes, so changed it to the following.

from jwt_auth.mixins import JSONWebTokenAuthMixin

class OptionalJWTMixin(JSONWebTokenAuthMixin):
    def dispatch(self, request, *args, **kwargs):
        auth = get_authorization_header(request)
        if auth:
            return super(OptionalJWTMixin, self).dispatch(request, *args, **kwargs)
        else:
            return super(JSONWebTokenAuthMixin, self).dispatch(request, *args, **kwargs)


class AuthGraphQLView(OptionalJWTMixin, GraphQLView):
    pass

urlpatterns = [
    url(r'^graphql', csrf_exempt(AuthGraphQLView.as_view(schema=schema))),
    url(r'^graphiql', include('django_graphiql.urls')),
]

这篇关于JWT身份验证:使用UI令牌对Graphene/Django(GraphQL)查询进行身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！