Problem description
I am working on a project with the following architecture:
UI: React on client and server-side rendering via a Node server, Apollo Client for GraphQL,
API: Django handles GraphQL queries through Graphene.
I use Auth0 (JWT based) for my frontend authentication. I would like to use the token I get to authenticate my user in the context of the GraphQL queries API side.
To pass the token to my API, I use:
    const idToken = cookie.load('idToken') || null;

    networkInterface.use([{
      applyMiddleware(req, next) {
        if (!req.options.headers) {
          req.options.headers = {};  // Create the header object if needed.
        }
        // Send the token as a Bearer credential with every GraphQL request.
        req.options.headers.authorization = `Bearer ${idToken}`;
        next();
      }
    }]);
Then I need to retrieve it in Django: I use django-jwt-auth and the code proposed by @Craig Ambrose.
My authorization header is received and decoded (I can get the payload) but there is a problem when verifying the signature: I get "Error decoding signature."
This is strange since the signature is verified when I test it on jwt.io.
How can I authenticate on the Django side?
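An added example, not part of the original post and not django-jwt-auth's or Auth0's code: HS256 verification using only the Python standard library, showing why the payload can be read while the signature check fails. It assumes one possible cause, a verifier using a base64url-encoded secret as raw text; whether that applies to the question is an assumption, and the secret, claims and token are constructed.

```python
import base64
import hashlib
import hmac
import json

def b64url_decode(part):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def bearer_token(header_value):
    # Accept exactly "Bearer <token>"; anything else counts as no token.
    parts = header_value.split()
    return parts[1] if len(parts) == 2 and parts[0].lower() == "bearer" else None

def read_payload_unverified(token):
    # Needs no key, so it works even when verification fails; never authorize on it.
    return json.loads(b64url_decode(token.split(".")[1]))

def verify_hs256(token, key):
    # Return the claims only if the HMAC-SHA256 over "header.payload" matches.
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except ValueError:
        return None
    # Pin the algorithm so "none" or an unexpected alg is rejected.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        return None
    return json.loads(b64url_decode(payload_b64))

def sign_hs256(claims, key):
    # Helper that builds a constructed token so the example runs offline.
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(sig)}"

# Constructed values: a secret as displayed (base64url text) and a token signed
# with the decoded bytes, as an issuer that treats the text as encoded would do.
SECRET_TEXT = "c2VjcmV0LWtleS1mb3ItZGVtbw"
TOKEN = sign_hs256({"sub": "user|123"}, b64url_decode(SECRET_TEXT))
HEADER = f"Bearer {TOKEN}"
```

Passing `SECRET_TEXT.encode()` as the key fails verification, while `b64url_decode(SECRET_TEXT)` succeeds; the payload is readable in both cases.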
Recommended answer
I've just done this using django-jwt-auth (not using Auth0)
That package provides a JSONWebTokenAuthMixin that you can combine with the GraphQLView from graphene_django, for example.
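    from django.conf.urls import include, url
    from django.views.decorators.csrf import csrf_exempt
    from graphene_django.views import GraphQLView
    from jwt_auth.mixins import JSONWebTokenAuthMixin

    # `schema` is the project's graphene schema, imported from wherever it is defined.

    class AuthGraphQLView(JSONWebTokenAuthMixin, GraphQLView):
        pass

    urlpatterns = [
        url(r'^graphql', csrf_exempt(AuthGraphQLView.as_view(schema=schema))),
        url(r'^graphiql', include('django_graphiql.urls')),
    ]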
This works, but I found that graphiql stopped working, because it wasn't sending the token. I wanted to keep using cookie based auth for that, for dev purposes, so changed it to the following.
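    from django.conf.urls import include, url
    from django.views.decorators.csrf import csrf_exempt
    from graphene_django.views import GraphQLView
    from jwt_auth.mixins import JSONWebTokenAuthMixin
    from jwt_auth.utils import get_authorization_header  # import path assumed; not shown in the answer

    # `schema` is the project's graphene schema, imported from wherever it is defined.

    class OptionalJWTMixin(JSONWebTokenAuthMixin):
        def dispatch(self, request, *args, **kwargs):
            auth = get_authorization_header(request)
            if auth:
                # Authorization header present: run the JWT check.
                return super(OptionalJWTMixin, self).dispatch(request, *args, **kwargs)
            else:
                # No header: skip JSONWebTokenAuthMixin.dispatch and call the next
                # class in the MRO (GraphQLView), so no JWT check runs and the
                # request falls back to Django's cookie session.
                return super(JSONWebTokenAuthMixin, self).dispatch(request, *args, **kwargs)

    class AuthGraphQLView(OptionalJWTMixin, GraphQLView):
        pass

    urlpatterns = [
        url(r'^graphql', csrf_exempt(AuthGraphQLView.as_view(schema=schema))),
        url(r'^graphiql', include('django_graphiql.urls')),
    ]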