Graphql-authDirective is a GraphQL-Directive for authenticating specific fields and types on your schema and also checking if the user has a valid scope.
The directive expects a auth
-property on the graphql-context (in most cases the express-request). It should contain a isAuthenticated
Boolean and an array of strings with OAuth scopes on the scope property of the auth object.
{
auth: {
isAuthenticated: true, // or false
scope: ['user:properties:language:*', 'payments:*'],
}
}
If you want to create a middleware which authenticates your user before the graphql schema, make sure to pass the request as a graphql-context to the resolvers. Look at the ApolloServer configuration below to verify your configuration.
Currently this package is only tested with ApolloServer, and will only work with ApolloServer, since it uses apollo-specific errors to alert when the user is not authenticated.
To use it with ApolloServer 2.0 install it, import it and set it as a schema directive in the Server-Configuration:
npm i @wasc/graphql-authDirective
import authenticateDirective from '@wasc/graphql-authDirective';
const { authDirectiveTypeDefs, authDirectiveTransformer } =
authenticateDirective('authenticated');
const schema = makeExecutableSchema({
typeDefs: [authDirectiveTypeDefs, typeDefs]
resolvers,
/**
* This one is important, if you are using a middleware to check the users token
* and set the auth object (described above), make sure to include the request
* as the graphql-context
*/
context: ({ req }) => req,
});
const authenticatedSchema = authDirectiveTransformer(schema);
you can now specify the authentication of specific fields and Types
type Query {
language: String! @authenticated(scope: ["user:properties:language:read"])
}
This was made by Wasc