Settings

Django-graphql-jwt reads your configuration from a single Django setting named GRAPHQL_JWT:

from datetime import timedelta

GRAPHQL_JWT = {
    'JWT_VERIFY_EXPIRATION': True,
    'JWT_EXPIRATION_DELTA': timedelta(minutes=10),
}

Here’s a list of settings available in django-graphql-jwt and their default values:

PyJWT

JWT_ALGORITHM

Algorithm for cryptographic signing

Default: 'HS256'

JWT_AUDIENCE

Identifies the recipients that the JWT is intended for

Default: None

JWT_ISSUER

Identifies the principal that issued the JWT

Default: None

JWT_LEEWAY

Margin of tolerance for expiration: a token whose expiration time is in the past, but by no more than this amount, still validates

Default: timedelta(seconds=0)

JWT_SECRET_KEY

The secret key used to sign the JWT

Default: settings.SECRET_KEY

JWT_VERIFY

Verify the token signature against the secret key

Default: True

JWT_ENCODE_HANDLER

A custom function to encode the token

jwt_encode(payload, context=None)

JWT_DECODE_HANDLER

A custom function to decode the token

jwt_decode(token, context=None)

JWT_PAYLOAD_HANDLER

A custom function to generate the token payload

jwt_payload(user, context=None)

JWT_PAYLOAD_GET_USERNAME_HANDLER

A custom function to obtain the username:

lambda payload: payload.get(get_user_model().USERNAME_FIELD)

Token expiration

JWT_VERIFY_EXPIRATION

Verify the token expiration time. With the default of False, a token is still accepted after its expiration time has passed.

Default: False

JWT_EXPIRATION_DELTA

Timedelta added to utcnow() to set the expiration time

Default: timedelta(minutes=5)

Refresh token

JWT_ALLOW_REFRESH

Enable token refresh

Default: True

JWT_REFRESH_EXPIRATION_DELTA

Time limit on token refresh, measured from the original issue time

Default: timedelta(days=7)

JWT_LONG_RUNNING_REFRESH_TOKEN

Enable long-running refresh tokens

Default: False

JWT_REFRESH_TOKEN_MODEL

The model to use to represent a refresh token

class RefreshToken(*args, **kwargs)

RefreshToken default model

JWT_REFRESH_TOKEN_N_BYTES

Number of bytes used to generate a refresh token

Default: 20

JWT_REFRESH_EXPIRED_HANDLER

A custom function to determine if refresh has expired

refresh_has_expired(orig_iat, context=None)

JWT_GET_REFRESH_TOKEN_HANDLER

A custom function to retrieve a long-running refresh token instance

get_refresh_token_by_model(refresh_token_model, token, context=None)

Permissions

JWT_ALLOW_ANY_HANDLER

A custom function to determine, per field, whether authentication is not required

allow_any(info, **kwargs)

JWT_ALLOW_ANY_CLASSES

A list or tuple of Graphene classes that do not need authentication

Default: ()

HTTP header

JWT_AUTH_HEADER_NAME

Authorization header name

Default: 'HTTP_AUTHORIZATION'

JWT_AUTH_HEADER_PREFIX

Authorization header prefix

Default: 'JWT'

Per-argument

JWT_ALLOW_ARGUMENT

Enable the per-argument authentication system

Default: False

JWT_ARGUMENT_NAME

Argument name for per-argument authentication system

Default: 'token'
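
An added example, not part of the django-graphql-jwt documentation or code base: a review check that merges a GRAPHQL_JWT dictionary with the defaults listed on this page and reports the settings that weaken token validation. The function name audit_graphql_jwt and the three threshold constants are assumptions of this example.

```python
from datetime import timedelta

# Defaults as listed on this page, for the settings this audit inspects.
DEFAULTS = {
    'JWT_VERIFY': True,
    'JWT_VERIFY_EXPIRATION': False,
    'JWT_EXPIRATION_DELTA': timedelta(minutes=5),
    'JWT_LEEWAY': timedelta(seconds=0),
    'JWT_REFRESH_EXPIRATION_DELTA': timedelta(days=7),
    'JWT_ALLOW_ARGUMENT': False,
}

# Review thresholds: assumptions of this example, not library values.
MAX_TOKEN_LIFETIME = timedelta(minutes=15)
MAX_LEEWAY = timedelta(minutes=1)
MAX_REFRESH_WINDOW = timedelta(days=7)


def audit_graphql_jwt(user_settings):
    """Return [(setting, finding), ...] for the effective configuration."""
    cfg = {**DEFAULTS, **user_settings}  # unset keys fall back to defaults
    findings = []
    if not cfg['JWT_VERIFY']:
        findings.append(('JWT_VERIFY', 'token verification is disabled'))
    if not cfg['JWT_VERIFY_EXPIRATION']:
        # The default is False, so JWT_EXPIRATION_DELTA alone enforces nothing.
        findings.append(('JWT_VERIFY_EXPIRATION',
                         'token expiration is not checked'))
    elif cfg['JWT_EXPIRATION_DELTA'] > MAX_TOKEN_LIFETIME:
        findings.append(('JWT_EXPIRATION_DELTA',
                         'token lifetime %s is long' % cfg['JWT_EXPIRATION_DELTA']))
    if cfg['JWT_LEEWAY'] > MAX_LEEWAY:
        findings.append(('JWT_LEEWAY',
                         'expired tokens accepted for %s' % cfg['JWT_LEEWAY']))
    if cfg['JWT_REFRESH_EXPIRATION_DELTA'] > MAX_REFRESH_WINDOW:
        findings.append(('JWT_REFRESH_EXPIRATION_DELTA',
                         'refresh window %s is long' % cfg['JWT_REFRESH_EXPIRATION_DELTA']))
    if cfg['JWT_ALLOW_ARGUMENT']:
        findings.append(('JWT_ALLOW_ARGUMENT',
                         'tokens sent as a GraphQL argument can end up in query logs'))
    return findings


if __name__ == '__main__':
    # The configuration shown at the top of this page, and an empty one.
    page_example = {'JWT_VERIFY_EXPIRATION': True,
                    'JWT_EXPIRATION_DELTA': timedelta(minutes=10)}
    for label, cfg in (('defaults', {}), ('page example', page_example)):
        print(label, audit_graphql_jwt(cfg))
```
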