本文介绍了JWT 身份验证:使用 UI 令牌来验证 Graphene/Django (GraphQL) 查询?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在从事具有以下架构的项目:

I am working on a project with the following architecture:

  • UI:通过 Node 服务器、Apollo Client for GraphQL 对客户端和服务器端渲染做出反应,

  • UI: React on client and server-side rendering via a Node server, Apollo Client for GraphQL,

API:Django 通过 Graphene 处理 GraphQL 查询.

API: Django handles GraphQL queries through Graphene.

我使用 Auth0(基于 JWT)进行前端身份验证.我想使用我获得的令牌在 GraphQL 查询 API 端的上下文中对我的用户进行身份验证.

I use Auth0 (JWT based) for my frontend authentication. I would like to use the token I get to authenticate my user in the context of the GraphQL queries API side.

要将令牌传递给我的 API,我使用:

To pass the token to my API, I use:

const idToken = cookie.load('idToken') || null;
networkInterface.use([{
  applyMiddleware(req, next) {
    if (!req.options.headers) {
      req.options.headers = {};  // Create the header object if needed.
    }
    req.options.headers.authorization = `Bearer ${idToken}`;
    next();
  }
}]);

然后我需要在 Django 中检索它:我使用 django-jwt-auth 和@Craig Ambrose 提出的代码.

Then I need to retrieve it in Django: I use django-jwt-auth and the code proposed by @Craig Ambrose.

我的授权头被接收并解码(我可以得到有效载荷)但是在验证签名时出现问题:我收到错误解码签名."

My authorization header is received and decoded (I can get the payload) but there is a problem when verifying the signature: I get "Error decoding signature."

这很奇怪,因为我在 jwt.io 上测试时验证了签名.

This is strange since the signature is verified when I test it on jwt.io.

如何在 Django 端进行身份验证?

How can I authenticate on Django side ?

推荐答案

我刚刚使用 django-jwt-auth(未使用 Auth0)完成此操作

I've just done this using django-jwt-auth (not using Auth0)

例如,该包提供了一个 JSONWebTokenAuthMixin,您可以将其与来自 graphene_django 的 GraphQLView 结合.

That package provides a JSONWebTokenAuthMixin that you can combine with the GraphQLView from graphene_django, for example.

from jwt_auth.mixins import JSONWebTokenAuthMixin

class AuthGraphQLView(JSONWebTokenAuthMixin, GraphQLView):
    pass

urlpatterns = [
    url(r'^graphql', csrf_exempt(AuthGraphQLView.as_view(schema=schema))),
    url(r'^graphiql', include('django_graphiql.urls')),
]

这有效,但我发现 graphiql 停止工作,因为它没有发送到令牌.出于开发目的,我想继续使用基于 cookie 的身份验证,因此将其更改为以下内容.

This works, but I found that graphiql stopped working, because it wasn't sending to token. I wanted to keep using cookie based auth for that, for dev purposes, so changed it to the following.

from jwt_auth.mixins import JSONWebTokenAuthMixin

class OptionalJWTMixin(JSONWebTokenAuthMixin):
    def dispatch(self, request, *args, **kwargs):
        auth = get_authorization_header(request)
        if auth:
            return super(OptionalJWTMixin, self).dispatch(request, *args, **kwargs)
        else:
            return super(JSONWebTokenAuthMixin, self).dispatch(request, *args, **kwargs)


class AuthGraphQLView(OptionalJWTMixin, GraphQLView):
    pass

urlpatterns = [
    url(r'^graphql', csrf_exempt(AuthGraphQLView.as_view(schema=schema))),
    url(r'^graphiql', include('django_graphiql.urls')),
]

这篇关于JWT 身份验证:使用 UI 令牌来验证 Graphene/Django (GraphQL) 查询?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-20 08:18
查看更多