Django GraphQL Auth: current user is always AnonymousUser
I'm using Django GraphQL Auth (django-graphql-auth, on top of django-graphql-jwt) in my API, but whenever I try to read the currently logged-in user I always get AnonymousUser.
# settings.py
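MIDDLEWARE = [
    # ...
    # Attaches request.user from the Django session. For GraphQL requests the
    # user is (re)set from the JWT by the graphene middleware configured below,
    # not by this one.
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    # ...
]

# The custom user model is defined in the "base" app (see class User).
AUTH_USER_MODEL = "base.User"

AUTHENTICATION_BACKENDS = [
    # graphql_jwt's JSONWebTokenBackend is intentionally not listed; graphql_auth
    # ships its own backend that supports login by any of LOGIN_ALLOWED_FIELDS.
    # 'graphql_jwt.backends.JSONWebTokenBackend',
    "graphql_auth.backends.GraphQLAuthBackend",
    "django.contrib.auth.backends.ModelBackend",
]

GRAPHENE = {
    "SCHEMA_INDENT": 4,
    "SCHEMA": "byt.schema.schema",
    "MIDDLEWARE": [
        # Reads the "Authorization: JWT <token>" header (prefix is
        # GRAPHQL_JWT["JWT_AUTH_HEADER_PREFIX"], default "JWT") and sets
        # info.context.user for resolvers. A missing or wrongly-prefixed header
        # leaves info.context.user as AnonymousUser; nothing here rejects the
        # request, so resolvers must check is_authenticated themselves.
        "graphql_jwt.middleware.JSONWebTokenMiddleware",
        "graphene_django_extras.ExtraGraphQLDirectiveMiddleware",
    ],
}

GRAPHQL_AUTH = {
    # Either value may be sent as the login identifier. Because "email" is
    # accepted, the user model's email column must be unique or the lookup is
    # ambiguous.
    "LOGIN_ALLOWED_FIELDS": ["email", "username"],
    # This key belongs to GRAPHQL_AUTH, not GRAPHQL_JWT (where the original
    # config placed it, so it was silently ignored). True is the library
    # default and lets accounts whose email has not been verified obtain a
    # token; set it to False if verification is meant to gate access.
    "ALLOW_LOGIN_NOT_VERIFIED": True,
    # ...
}

GRAPHQL_JWT = {
    # Expired tokens are rejected; keep this on.
    "JWT_VERIFY_EXPIRATION": True,
    # Refresh tokens are persisted server-side and can be revoked (the
    # revokeToken mutation is exposed below); make sure logout calls it.
    "JWT_LONG_RUNNING_REFRESH_TOKEN": True,
    # Also lets a token be passed as a GraphQL argument instead of the header.
    # Convenient, but arguments live in the request body and can end up in
    # query/APM logs; drop it if header auth is sufficient.
    "JWT_ALLOW_ARGUMENT": True,
    # Classes for which the JWT middleware skips token authentication
    # (sign-up, verification, password reset and the token lifecycle itself),
    # so e.g. refreshToken still works with an expired access token.
    "JWT_ALLOW_ANY_CLASSES": [
        "graphql_auth.mutations.Register",
        "graphql_auth.mutations.VerifyAccount",
        "graphql_auth.mutations.ResendActivationEmail",
        "graphql_auth.mutations.SendPasswordResetEmail",
        "graphql_auth.mutations.PasswordReset",
        "graphql_auth.mutations.ObtainJSONWebToken",
        "graphql_auth.mutations.VerifyToken",
        "graphql_auth.mutations.RefreshToken",
        "graphql_auth.mutations.RevokeToken",
        "graphql_auth.mutations.VerifySecondaryEmail",
    ],
}

# Activation / password-reset mail goes out through SendGrid.
EMAIL_BACKEND = "sendgrid_backend.SendgridBackend"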
# custom user model
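class User(AbstractUser):
    """Project user model (``AUTH_USER_MODEL = "base.User"``).

    Extends Django's ``AbstractUser`` with a required, unique email (used as a
    login identifier by graphql_auth) and a coarse ``role`` value.
    """

    ROLES = (
        ("ADMIN", "ADMIN"),
        ("USER", "USER"),
        ("BUSINESS", "BUSINESS"),
        ("TALENT", "TALENT"),
    )

    first_name = models.CharField(max_length=254, default="John")
    last_name = models.CharField(max_length=254, default="Doe")
    # Required and unique: the settings allow logging in with the email address
    # (LOGIN_ALLOWED_FIELDS), so two accounts sharing one address would make that
    # lookup ambiguous. unique=True needs a migration and will not apply while
    # duplicate addresses exist in the table.
    email = models.EmailField(
        blank=False,
        unique=True,
        max_length=254,
        verbose_name="email address",
    )
    # Authorization role. Nothing in this file enforces it -- check it in
    # resolvers/permissions. max_length=8 exactly fits the longest choice
    # ("BUSINESS"). NOTE(review): confirm it is not listed in graphql_auth's
    # UPDATE_MUTATION_FIELDS, otherwise users could change their own role.
    role = models.CharField(max_length=8, choices=ROLES, default="USER")

    USERNAME_FIELD = "username"  # e.g: "username", "email"
    EMAIL_FIELD = "email"  # e.g: "email", "primary_email"

    def __str__(self):
        """Display the account by username."""
        return self.username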
# schema user
import graphene
from graphene_django import DjangoObjectType
from graphql_auth import mutations
from graphql_auth.schema import UserQuery, MeQuery
class AuthMutation(graphene.ObjectType):
    """Mutations provided by django-graphql-auth, mounted under ``Mutation``.

    Field order is the order they appear in the schema; only the ones also
    listed in ``GRAPHQL_JWT["JWT_ALLOW_ANY_CLASSES"]`` skip token
    authentication -- the account-management mutations below require a valid
    token in the ``Authorization: JWT <token>`` header.
    """

    # Account lifecycle: sign-up, email verification, password recovery.
    register = mutations.Register.Field()
    verify_account = mutations.VerifyAccount.Field()
    resend_activation_email = mutations.ResendActivationEmail.Field()
    send_password_reset_email = mutations.SendPasswordResetEmail.Field()
    password_reset = mutations.PasswordReset.Field()
    # Self-service changes on the authenticated account.
    password_change = mutations.PasswordChange.Field()
    archive_account = mutations.ArchiveAccount.Field()
    delete_account = mutations.DeleteAccount.Field()
    update_account = mutations.UpdateAccount.Field()
    # Secondary email handling.
    send_secondary_email_activation = mutations.SendSecondaryEmailActivation.Field()
    verify_secondary_email = mutations.VerifySecondaryEmail.Field()
    swap_emails = mutations.SwapEmails.Field()
    # django-graphql-jwt inheritances: token issue / verify / refresh / revoke.
    # token_auth is the login; it returns a token but does not create a session.
    token_auth = mutations.ObtainJSONWebToken.Field()
    verify_token = mutations.VerifyToken.Field()
    refresh_token = mutations.RefreshToken.Field()
    revoke_token = mutations.RevokeToken.Field()
class Query(UserQuery, MeQuery, graphene.ObjectType):
    """Root query.

    ``MeQuery`` provides ``me`` (the user behind ``info.context.user``, null
    when anonymous). ``UserQuery`` also exposes graphql_auth's user lookup and
    listing fields -- NOTE(review): confirm those are meant to be reachable
    without a token.
    """
class Mutation(AuthMutation, graphene.ObjectType):
    """Root mutation; currently only the graphql_auth set from ``AuthMutation``."""
The `tokenAuth` mutation returns a valid token, but when I run the `me` query with that token in the request header the query returns null, because `info.context.user` is AnonymousUser.
What am I missing?
Solution 1:[1]
How are you passing the token? django-graphql-jwt (which graphql_auth builds on) expects the header prefix `JWT`, not `Bearer`: send `Authorization: JWT <token>`. The prefix comes from `GRAPHQL_JWT["JWT_AUTH_HEADER_PREFIX"]` (default `"JWT"`); with any other prefix the middleware ignores the header and `info.context.user` stays AnonymousUser.
Solution 2:[2]
What you are missing is that the JWT flow does not "log in" a user in the Django-session sense: `tokenAuth` only verifies the username and password and issues a token. On later requests it is graphql_jwt's `JSONWebTokenMiddleware` (in `GRAPHENE["MIDDLEWARE"]`) that reads the `Authorization: JWT <token>` header and sets `info.context.user`; if that header is missing or malformed, the user stays AnonymousUser.
So the `me` query returns null because of the `info.context.user` check; if you removed that check the query would run, but it still would not know who the caller is.
To return the logged-in user, read the user that the JWT middleware has already attached to the request. Do not accept a username and password in a query resolver, and do not call the session-based `login()` there (it also requires the `request` as its first argument). For example:
from django.contrib.auth import authenticate, login
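class UserType(DjangoObjectType):
    """GraphQL type for the user model returned by ``me``."""

    class Meta:
        model = YourUserModel
        # Without ``fields``/``exclude`` DjangoObjectType maps every model
        # column, including the password hash, into the schema. Keep the hash
        # out; prefer an explicit ``fields = (...)`` allow-list once the set
        # of public attributes is settled.
        exclude = ("password",)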
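class Query(ObjectType):
    """Root query exposing ``me``."""

    # ... other query fields ...
    me = graphene.Field(UserType)

    def resolve_me(self, info, **kwargs):
        """Return the user authenticated for this request.

        ``info.context`` is the Django request. graphql_jwt's
        ``JSONWebTokenMiddleware`` has already turned the
        ``Authorization: JWT <token>`` header into ``info.context.user``
        before resolvers run, so nothing is authenticated here. Credentials
        never belong in a query: ``authenticate``/``login`` are what the
        ``tokenAuth`` mutation does, ``login()`` would also need the request
        as its first argument, and it would start a session this token-based
        API does not use.

        Raises:
            Exception: if the caller is anonymous (no or invalid token).
        """
        user = info.context.user
        if not user.is_authenticated:
            raise Exception('Authentication Failure!')
        return user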
NOTE: see the django-graphql-auth and django-graphql-jwt documentation for the header format and the `login_required` decorator, which raises a permission error instead of returning null.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | Jerven Clark |
Solution 2 |