From 281ad689e9f597327fc2943522175ea72d36a28f Mon Sep 17 00:00:00 2001 From: Emma Date: Sun, 13 Jun 2021 10:42:54 +0100 Subject: [PATCH] Update authentication.mdx Words such as "simple" and "easy" are at best irrelevant and at worst distracting -- especially when the lived experience is in fact not at all easy. --- docs/source/networking/authentication.mdx | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/source/networking/authentication.mdx b/docs/source/networking/authentication.mdx index 26187547532..00df3136fbf 100644 --- a/docs/source/networking/authentication.mdx +++ b/docs/source/networking/authentication.mdx @@ -8,7 +8,7 @@ Apollo Client uses the ultra flexible [Apollo Link](https://www.apollographql.co ## Cookie -If your app is browser based and you are using cookies for login and session management with a backend, it's very easy to tell your network interface to send the cookie along with every request. You just need to pass the credentials option. e.g. `credentials: 'same-origin'` as shown below, if your backend server is the same domain or else `credentials: 'include'` if your backend is a different domain. +If your app is browser based and you are using cookies for login and session management with a backend, tell your network interface to send the cookie along with every request. Pass the credentials option e.g. `credentials: 'same-origin'` if your backend server is the same domain, as shown below, or else `credentials: 'include'` if your backend is a different domain. ```js const link = createHttpLink({ @@ -22,7 +22,7 @@ const client = new ApolloClient({ }); ``` -This option is simply passed through to the [`fetch` implementation](https://github.com/github/fetch) used by the HttpLink when sending the query. +This option is passed through to the [`fetch` implementation](https://github.com/github/fetch) used by the HttpLink when sending the query. Note: the backend must also allow credentials from the requested origin. e.g. if using the popular 'cors' package from npm in node.js, the following settings would work in tandem with the above apollo client settings: @@ -37,7 +37,7 @@ app.use(cors(corsOptions)); ## Header -Another common way to identify yourself when using HTTP is to send along an authorization header. It's easy to add an `authorization` header to every HTTP request by chaining together Apollo Links. In this example, we'll pull the login token from `localStorage` every time a request is sent: +Another common way to identify yourself when using HTTP is to send along an authorization header. Add an `authorization` header to every HTTP request by chaining together Apollo Links. In this example, we'll pull the login token from `localStorage` every time a request is sent: ```js import { ApolloClient, createHttpLink, InMemoryCache } from '@apollo/client'; @@ -71,7 +71,7 @@ The server can use that header to authenticate the user and attach it to the Gra Since Apollo caches all of your query results, it's important to get rid of them when the login state changes. -The easiest way to ensure that the UI and store state reflects the current user's permissions is to call `client.resetStore()` after your login or logout process has completed. This will cause the store to be cleared and all active queries to be refetched. If you just want the store to be cleared and don't want to refetch active queries, use `client.clearStore()` instead. Another option is to reload the page, which will have a similar effect. +The most straightforward way to ensure that the UI and store state reflects the current user's permissions is to call `client.resetStore()` after your login or logout process has completed. This will cause the store to be cleared and all active queries to be refetched. If you just want the store to be cleared and don't want to refetch active queries, use `client.clearStore()` instead. Another option is to reload the page, which will have a similar effect. ```jsx const PROFILE_QUERY = gql`