Ademic2022/django-graphene-social-auth

Django GraphQL Social Auth

Python Social Auth support for Django GraphQL

🚀 Production-Ready social authentication for GraphQL APIs with comprehensive error handling, logging, and security features.

Features

  • 🔐 Session & JWT Authentication - Support for both session-based and JWT token authentication
  • 🛡️ Enhanced Security - Built-in rate limiting, input validation, and comprehensive error handling
  • 📊 Production Monitoring - Detailed logging and error tracking for production environments
  • 🔧 Easy Integration - Simple GraphQL mutations with extensive documentation
  • 🌐 Multiple Providers - Support for Google, Facebook, GitHub, Twitter, LinkedIn, Apple, and more
  • 📚 Comprehensive Docs - Complete setup guides and troubleshooting documentation

Dependencies

  • Python ≥ 3.8
  • Django ≥ 3.2
  • graphene-django ≥ 3.0.0
  • social-auth-app-django ≥ 5.0.0

Installation

Install from PyPI:

pip install django-graphene-social-auth

Quick Start

  1. Add to Django settings:
INSTALLED_APPS = [
    # ... your apps
    'social_django',
    'graphene_django',
    # ... your apps
]

AUTHENTICATION_BACKENDS = [
    'social_core.backends.google.GoogleOAuth2',
    'social_core.backends.facebook.FacebookOAuth2',
    # ... other backends
    'django.contrib.auth.backends.ModelBackend',
]

# Configure your social providers
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = 'your-google-client-id'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = 'your-google-client-secret'
  2. Run migrations:
python manage.py migrate
  3. Add to your GraphQL schema:
import graphene
import graphql_social_auth

class Mutations(graphene.ObjectType):
    # For session-based authentication
    social_auth = graphql_social_auth.SocialAuth.Field()

    # For JWT authentication (requires django-graphql-jwt)
    # social_auth = graphql_social_auth.SocialAuthJWT.Field()

Usage Examples

GraphQL Mutation (Session Authentication):

mutation SocialAuth($provider: String!, $accessToken: String!) {
  socialAuth(provider: $provider, accessToken: $accessToken) {
    success
    errors
    social {
      uid
      extraData
    }
    user {
      id
      username
      email
    }
  }
}

GraphQL Mutation (JWT Authentication):

mutation SocialAuthJWT($provider: String!, $accessToken: String!) {
  socialAuth(provider: $provider, accessToken: $accessToken) {
    success
    errors
    token
    refreshToken
    social {
      uid
    }
  }
}

Variables:

{
  "provider": "google-oauth2",
  "accessToken": "your-oauth-access-token"
}

Supported Providers

  • Google - google-oauth2
  • Facebook - facebook
  • GitHub - github
  • Twitter - twitter
  • LinkedIn - linkedin-oauth2
  • Apple - apple-id
  • Discord - discord
  • Microsoft - microsoft-graph

For complete provider setup instructions, see the Authentication backend list.

Production Setup

For production deployment with security best practices, monitoring, and troubleshooting guides, see:

Error Handling

The package provides comprehensive error handling with specific error types:

# Example error response
{
  "data": {
    "socialAuth": {
      "success": false,
      "errors": ["Provider 'invalid-provider' not found or not configured"],
      "social": null,
      "user": null
    }
  }
}

Common error types:

  • PROVIDER_NOT_FOUND - Invalid or unconfigured provider
  • INVALID_TOKEN - Expired or invalid access token
  • AUTH_FAILED - Authentication process failed
  • RATE_LIMIT_EXCEEDED - Too many requests
  • USER_CREATION_FAILED - User creation error
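
The request and error shapes shown above, exercised from the client side. This is an added example, not code from the package; the helper names (build_request, parse_response, SocialAuthError) are hypothetical, and the GraphQL document and response fields are the ones in this README.

```python
import json

SOCIAL_AUTH_MUTATION = """
mutation SocialAuth($provider: String!, $accessToken: String!) {
  socialAuth(provider: $provider, accessToken: $accessToken) {
    success
    errors
    social { uid }
    user { id username email }
  }
}
"""

# Provider names listed under "Supported Providers".
KNOWN_PROVIDERS = {
    "google-oauth2", "facebook", "github", "twitter",
    "linkedin-oauth2", "apple-id", "discord", "microsoft-graph",
}


class SocialAuthError(Exception):
    """Raised when the server reports a failed social login."""


def build_request(provider, access_token):
    """Return the JSON body for the mutation; the token travels only in variables."""
    if provider not in KNOWN_PROVIDERS:
        raise ValueError(f"unknown provider: {provider!r}")
    if not access_token or not access_token.strip():
        raise ValueError("access token is empty")
    return json.dumps({
        "query": SOCIAL_AUTH_MUTATION,
        "variables": {"provider": provider, "accessToken": access_token},
    })


def parse_response(body):
    """Return the user dict on success; raise SocialAuthError otherwise."""
    doc = json.loads(body)
    if doc.get("errors"):  # GraphQL-level errors (syntax, validation, resolver failure)
        raise SocialAuthError("; ".join(e.get("message", "") for e in doc["errors"]))
    result = (doc.get("data") or {}).get("socialAuth")
    if not result or not result.get("success"):
        # Payload-level errors: the "errors" list inside socialAuth.
        raise SocialAuthError("; ".join((result or {}).get("errors") or ["no result"]))
    return result["user"]
```

Because the access token is sent as a GraphQL variable rather than inlined in the query text, any logging that records only the query document does not capture it.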

JWT Authentication

For JSON Web Token (JWT) authentication, install the JWT extension:

pip install 'django-graphene-social-auth[jwt]'

Configure JWT in your settings (see example_settings.py for complete configuration):

import datetime

GRAPHQL_JWT = {
    'JWT_EXPIRATION_DELTA': datetime.timedelta(minutes=60),
    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=7),
    'JWT_LONG_RUNNING_REFRESH_TOKEN': True,
}

Use SocialAuthJWT instead of SocialAuth:

import graphene
import graphql_social_auth

class Mutations(graphene.ObjectType):
    social_auth = graphql_social_auth.SocialAuthJWT.Field()
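
A review helper for the GRAPHQL_JWT dict above, checking two things the excerpt does not show: whether expiration is verified and whether the refresh-token app is installed. This is an added example, not code from the package; the setting names are django-graphql-jwt's, while audit_graphql_jwt and its 60-minute ceiling are assumptions of this example.

```python
import datetime

# App path from the django-graphql-jwt docs; the short module path is accepted too.
REFRESH_APPS = {
    "graphql_jwt.refresh_token.apps.RefreshTokenConfig",
    "graphql_jwt.refresh_token",
}


def audit_graphql_jwt(jwt_settings, installed_apps,
                      max_access=datetime.timedelta(minutes=60)):
    """Return a list of findings for a GRAPHQL_JWT dict (hypothetical helper)."""
    findings = []
    # django-graphql-jwt defaults JWT_VERIFY_EXPIRATION to False, in which
    # case expired tokens are still accepted.
    if jwt_settings.get("JWT_VERIFY_EXPIRATION") is not True:
        findings.append("JWT_VERIFY_EXPIRATION is not True; JWT_EXPIRATION_DELTA is not enforced")
    delta = jwt_settings.get("JWT_EXPIRATION_DELTA")
    if delta is not None and delta > max_access:
        findings.append(f"access token lifetime {delta} exceeds {max_access}")
    # Long-running refresh tokens are stored in the database by this app.
    if jwt_settings.get("JWT_LONG_RUNNING_REFRESH_TOKEN") and not REFRESH_APPS & set(installed_apps):
        findings.append("JWT_LONG_RUNNING_REFRESH_TOKEN needs the refresh_token app in INSTALLED_APPS")
    return findings


# Constructed inputs: the README excerpt, then the same dict with both gaps closed.
README_JWT = {
    "JWT_EXPIRATION_DELTA": datetime.timedelta(minutes=60),
    "JWT_REFRESH_EXPIRATION_DELTA": datetime.timedelta(days=7),
    "JWT_LONG_RUNNING_REFRESH_TOKEN": True,
}
README_APPS = ["social_django", "graphene_django"]
REVIEWED_JWT = dict(README_JWT, JWT_VERIFY_EXPIRATION=True)
REVIEWED_APPS = README_APPS + ["graphql_jwt.refresh_token.apps.RefreshTokenConfig"]

if __name__ == "__main__":
    for finding in audit_graphql_jwt(README_JWT, README_APPS):
        print("finding:", finding)
```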

Relay Support

Complete support for Relay:

import graphene
import graphql_social_auth

class Mutations(graphene.ObjectType):
    social_auth = graphql_social_auth.relay.SocialAuth.Field()

Relay mutations accept input arguments:

mutation SocialAuth($input: SocialAuthInput!) {
  socialAuth(input: $input) {
    social {
      uid
    }
  }
}

Customization

Customize the SocialAuth behavior by subclassing SocialAuthMutation:

import graphene
import graphql_social_auth
from myapp.types import UserType

class CustomSocialAuth(graphql_social_auth.SocialAuthMutation):
    user = graphene.Field(UserType)

    @classmethod
    def resolve(cls, root, info, social, **kwargs):
        # Custom logic here
        return cls(
            social=social,
            user=social.user,
            success=True,
            errors=[]
        )

Contributing

We welcome contributions! Please see our GitHub repository for:

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgments

This package is a maintained fork of the original django-graphql-social-auth by @flavors.

Special thanks to @omab for Python Social Auth.