Quick note: The Django already comes with the whole Users concept, you will extend it to accept tokens.
After creating the
users app, define its model – the layer between Django and the database.
To reflect this changes on the database, create a migration and run it.
Unfortunately, there’s an issue here: since you initialized Django with its own
User model, you need to flush the database.
To create a user data must be sent to the server through a mutation.
In this mutation the server will receive a
CreateLink – the mutation returned field by field, now, you are returning a full
User, where the client can ask the fields it wants.
Execute the following code on the GraphiQL interface:
On the response, you already can see the new user. Hurray!
Before authenticating, let’s create a query for listing all users:
To test it, send a query to the server:
In modern web applications – when clients and servers are different applications – authentication generally happens with tokens. The client gets a token during the authentication process and send it on all subsequent requests. One of the most used methods is JWT.
Unfortunately, neither Django or Graphene comes with the token approach builtin, so you are going to use sessions to accomplish the same task. Sessions are little pieces of information the server can store and retrieve from the client.
But keep in mind this method may not be recommend for production systems! Take a loot at JWT if you need to go this way!