Backend: User Management
The API, including requests and responses, is well documented in the Django-GraphQL-Auth documentation. There is also a video tutorial along with code on GitHub.
Some requests require authentication: a valid token must be sent in the header of the request.
header = {"Content-Type": "application/json", "Authorization": f"JWT {TOKEN}"}
For testing purposes, requests without authentication can be sent through localhost:8000/graphql. Requests with authentication require a valid token in the header, so they need to be sent through external software such as Postman or through scripts, e.g. Python API tests.
Required info from user:
- username
- Password
- Repeat password
mutation {
  register (
    email: "test@pledge4future.org",
    username: "lisalou",
    password1: "lisa445566!",
    password2: "lisa445566!"
  ) {
    success
    errors
  }
}

{
  "data": {
    "register": {
      "success": true,
      "errors": null
    }
  }
}
After the user has been registered, an activation email is sent to the email address given by the user.
If sending the email fails, set EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' in ./backend/src/wepledge/settings.py so the email text will be printed in the command line.
<h3>localhost:8000</h3>
<p>Hello lisalou!</p>
<p>Please activate your account on the link:</p>
<p>http://localhost:8000/activate/eyJlbWFpbCI6Imxpc2Fsb3VAdW5pLWhkLmRlIiwiYWN0aW9uIjoiYWN0aXZhdGlvbiJ9:1mCmEp:eBGetW65MtzO5f9LJAIhFKHjhTcwEeS1Ys2sxUgMWIQ</p>
The token in the activation URL is needed to verify the account.
mutation {
  verifyAccount (
    token: "eyJlbWFpbCI6Imxpc2Fsb3VAdW5pLWhkLmRlIiwiYWN0aW9uIjoiYWN0aXZhdGlvbiJ9:1mCmEp:eBGetW65MtzO5f9LJAIhFKHjhTcwEeS1Ys2sxUgMWIQ"
  ) {
    success
    errors
  }
}

{
  "data": {
    "verifyAccount": {
      "success": true,
      "errors": null
    }
  }
}
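The activation token above has three colon-separated parts. The following added example (not part of the original wiki or of the project's code) decodes the readable parts, and shows that the payload is signed but not encrypted: the email address and action are visible to anyone who sees the activation URL, for example in proxy logs. It assumes the token follows Django's `signing.dumps` layout `payload:timestamp:signature`; the function name `inspect_signed_token` is hypothetical.

```python
import base64
import json
from datetime import datetime, timezone

# Alphabet Django uses for the base62 timestamp in signed values.
BASE62 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# Activation token copied from the email shown above.
ACTIVATION_TOKEN = (
    "eyJlbWFpbCI6Imxpc2Fsb3VAdW5pLWhkLmRlIiwiYWN0aW9uIjoiYWN0aXZhdGlvbiJ9"
    ":1mCmEp:eBGetW65MtzO5f9LJAIhFKHjhTcwEeS1Ys2sxUgMWIQ"
)


def b64url_decode(segment: str) -> bytes:
    """Decode URL-safe base64 whose '=' padding was stripped."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def inspect_signed_token(token: str) -> dict:
    """Hypothetical helper: split payload:timestamp:signature and decode it.

    Nothing is verified here. Checking the signature needs the server's
    SECRET_KEY, which is what verifyAccount does on the backend.
    """
    try:
        payload_b64, ts_b62, signature = token.rsplit(":", 2)
    except ValueError:
        raise ValueError("expected payload:timestamp:signature") from None
    issued = 0
    for ch in ts_b62:
        issued = issued * 62 + BASE62.index(ch)  # ValueError on a bad character
    return {
        "payload": json.loads(b64url_decode(payload_b64)),
        "issued_at": datetime.fromtimestamp(issued, tz=timezone.utc),
        "signature_bytes": len(b64url_decode(signature)),
    }


if __name__ == "__main__":
    info = inspect_signed_token(ACTIVATION_TOKEN)
    print(info["payload"], info["issued_at"].isoformat(), info["signature_bytes"])
```

Because the payload is readable, activation URLs should be kept out of shared logs and screenshots in the same way as other bearer secrets.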
Required info from user:
- password
mutation {
  tokenAuth (
    email: "test@pledge4future.org"
    password: "lisa445566!"
  ) {
    success
    errors
    token
    refreshToken
    user {
      username
      firstName
      email
      isRepresentative
    }
  }
}

{
  "data": {
    "tokenAuth": {
      "success": true,
      "errors": null,
      "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbWFpbCI6Imxpc2Fsb3VAdW5pLWhkLmRlIiwiZXhwIjoxNjI4NDQzNjc2LCJvcmlnSWF0IjoxNjI4NDQzMzc2fQ.SyQFNdccgxPnmMPtTmTKcOsNrhSlcdPVKOkyc-jjcm0",
      "refreshToken": "6a548eb3aacc5886dd366d9e419ee4aad08aa9fc",
      "user": {
        "username": "lisalou",
        "firstName": "",
        "email": "lisalou@uni-hd.de",
        "isRepresentative": false
      }
    }
  }
}
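An added example (not from the original wiki or the project's code) of a helper for API test scripts: it reads the `exp` claim of the token returned by `tokenAuth` without verifying the signature, and builds the `Authorization` header only while the token is still valid. The helper names and the 30-second `skew` are assumptions; in the sample token the `exp` and `origIat` claims are 300 seconds apart, so a script that reuses one token for a long test run will start failing after five minutes.

```python
import base64
import json
import time
from typing import Optional, Tuple

# Access token copied from the tokenAuth response shown above.
SAMPLE_JWT = (
    "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9."
    "eyJlbWFpbCI6Imxpc2Fsb3VAdW5pLWhkLmRlIiwiZXhwIjoxNjI4NDQzNjc2LCJvcmlnSWF0IjoxNjI4NDQzMzc2fQ."
    "SyQFNdccgxPnmMPtTmTKcOsNrhSlcdPVKOkyc-jjcm0"
)


def _segment(seg: str) -> dict:
    """Decode one base64url JWT segment (padding restored) into a dict."""
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))


def jwt_claims(token: str) -> Tuple[dict, dict]:
    """Return (header, payload) WITHOUT verifying the signature.

    Good enough for client-side scheduling, never for authorization.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("a compact JWT has exactly three dot-separated parts")
    return _segment(parts[0]), _segment(parts[1])


def seconds_left(token: str, now: Optional[float] = None) -> float:
    """Seconds until 'exp'; zero or negative once the token has expired."""
    _, payload = jwt_claims(token)
    return payload["exp"] - (time.time() if now is None else now)


def auth_headers(token: str, now: Optional[float] = None, skew: float = 30.0) -> dict:
    """Hypothetical helper: build the headers used on this page, refusing a
    token that is expired or within `skew` seconds of expiry."""
    if seconds_left(token, now) <= skew:
        raise PermissionError("token expired or about to expire; refresh it")
    return {"Content-Type": "application/json", "Authorization": f"JWT {token}"}


if __name__ == "__main__":
    print(jwt_claims(SAMPLE_JWT)[1], seconds_left(SAMPLE_JWT, now=1628443376))
```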
User account needs to be verified first.
Requires authentication by sending token in header
See documentation for more details.
Header
header = {"Content-Type": "application/json", "Authorization": f"JWT {TOKEN}"}
Request
mutation {
  updateAccount (
    firstName: "Louise"
  ) {
    success
    errors
  }
}

{
  "data": {
    "updateAccount": {
      "success": true,
      "errors": null
    }
  }
}
See documentation for more details.
Requires authentication by sending token in header
Header
header = {"Content-Type": "application/json", "Authorization": f"JWT {TOKEN}"}
Request
mutation {
  passwordReset(
    token: "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbWFpbCI6Imxpc2Fsb3VAdW5pLWhkLmRlIiwiZXhwIjoxNjI4NDQzNjc2LCJvcmlnSWF0IjoxNjI4NDQzMzc2fQ.SyQFNdccgxPnmMPtTmTKcOsNrhSlcdPVKOkyc-jjcm0",
    newPassword1: "supersecretpassword",
    newPassword2: "supersecretpassword"
  ) {
    success,
    errors
  }
}

{
  "data": {
    "passwordReset": {
      "success": true,
      "errors": null
    }
  }
}
See documentation for more details.
mutation {
  resendActivationEmail(
    email: "test@pledge4future.org",
  ) {
    success,
    errors
  }
}

{
  "data": {
    "resendActivationEmail": {
      "success": true,
      "errors": null
    }
  }
}
Send password reset email. For non verified users, send an activation email instead. Accepts both primary and secondary email. If there is no user with the requested email, a successful response is returned.
See documentation for more details.
mutation {
  sendPasswordResetEmail(
    email: "test@pledge4future.org"
  ) {
    success,
    errors
  }
}

{
  "data": {
    "sendPasswordResetEmail": {
      "success": true,
      "errors": null
    }
  }
}
Change account password when user knows the old password. A new token and refresh token are sent. User must be verified.
See documentation for more details.
mutation {
  passwordChange(
    oldPassword: "supersecretpassword",
    newPassword1: "123456super",
    newPassword2: "123456super"
  ) {
    success,
    errors,
    token,
    refreshToken
  }
}

{
  "data": {
    "passwordChange": {
      "success": true,
      "errors": null,
      "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImpvZWpvZSIsImV4cCI6MTU4MDE0MjE0MCwib3JpZ0lhdCI6MTU4MDE0MTg0MH0.BGUSGKUUd7IuHnWKy8V6MU3slJ-DHsyAdAjGrGb_9fw",
      "refreshToken": "67eb63ba9d279876d3e9ae4d39c311e845e728fc"
    }
  }
}
Get current user info, including info on working group, institution or research field (remove the attributes which are not needed).
query {
  me {
    username
    email
    firstName
    lastName
    isRepresentative
    verified
    workingGroup {
      id
      name
      nEmployees
      institution {
        name
        city
        state
        country
      }
      field {
        field
        subfield
      }
    }
  }
}

query {
  users {
    edges {
      node {
        username
        email
      }
    }
  }
}
GraphQL User Registration and Authentication with JWT Backend (Video Tutorial)
GraphQL User Registration and Authentication with JWT Backend (GitHub Repo)