graphql-python
diff --git a/‎.gitignore
Lines changed: 13 additions & 0 deletions b/‎.gitignore
Lines changed: 13 additions & 0 deletions
diff --git a/‎docs/authorization.rst
Lines changed: 40 additions & 1 deletion b/‎docs/authorization.rst
Lines changed: 40 additions & 1 deletion
diff --git a/‎docs/conf.py
Lines changed: 1 addition & 1 deletion b/‎docs/conf.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/index.rst
Lines changed: 2 additions & 1 deletion b/‎docs/index.rst
Lines changed: 2 additions & 1 deletion
@@ -65,3 +65,16 @@ target/
 # Databases
 *.sqlite3
 .vscode
+
+# swap
+[._]*.s[a-v][a-z]
+[._]*.sw[a-p]
+[._]s[a-v][a-z]
+[._]sw[a-p]
+# session
+Session.vim
+# temporary
+.netrwhist
+*~
+# auto-generated tag files
+tags
@@ -1,7 +1,7 @@
 Authorization in Django
 =======================
 
-There are two main ways you may want to limit access to data when
+There are several ways you may want to limit access to data when
 working with Graphene and Django: limiting which fields are accessible
 via GraphQL and limiting which objects a user can access.
 
@@ -34,6 +34,20 @@ This is easy, simply use the ``only_fields`` meta attribute.
             only_fields = ('title', 'content')
             interfaces = (relay.Node, )
 
+conversely you can use ``exclude_fields`` meta atrribute.
+
+.. code:: python
+
+    from graphene import relay
+    from graphene_django.types import DjangoObjectType
+    from .models import Post
+
+    class PostNode(DjangoObjectType):
+        class Meta:
+            model = Post
+            exclude_fields = ('published', 'owner')
+            interfaces = (relay.Node, )
+
 Queryset Filtering On Lists
 ---------------------------
 
@@ -108,3 +122,28 @@ method to your ``DjangoObjectType``.
             if post.published or context.user == post.owner:
                 return post
             return None
+
+Adding login required
+---------------------
+
+If you want to use the standard Django LoginRequiredMixin_ you can create your own view, which includes the ``LoginRequiredMixin`` and subclasses the ``GraphQLView``:
+
+.. code:: python
+
+    from django.contrib.auth.mixins import LoginRequiredMixin
+    from graphene_django.views import GraphQLView
+
+
+    class PrivateGraphQLView(LoginRequiredMixin, GraphQLView):
+        pass
+
+After this, you can use the new ``PrivateGraphQLView`` in ``urls.py``:
+
+.. code:: python
+
+    urlpatterns = [
+      # some other urls
+      url(r'^graphql', PrivateGraphQLView.as_view(graphiql=True, schema=schema)),
+    ]
+
+.. _LoginRequiredMixin: https://docs.djangoproject.com/en/1.10/topics/auth/default/#the-loginrequired-mixin
@@ -63,7 +63,7 @@
 
 # General information about the project.
 project = u'Graphene Django'
-copyright = u'Graphene 2016'
+copyright = u'Graphene 2017'
 author = u'Syrus Akbary'
 
 # The version info for the project you're documenting, acts as replacement for
 
@@ -6,7 +6,8 @@ Contents:
 .. toctree::
    :maxdepth: 0
 
-   tutorial
+   tutorial-plain
+   tutorial-relay
    filtering
    authorization
    debug