Skip to content

denisix/node-express-graphql-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package.json
package.json
 
 
server.js
server.js
 
 

Repository files navigation

node-express-graphql-auth

example of basic auth for graphql queries

this just an example of how we can user GraphQL with user authentication to create new posts / to show user posts To pass the session to the root argument for the solvers, we pass object with the session variable to rootValue:

 .use('/graphql', bodyParser.json(), graphqlHTTP(req => ({
    
    // some code here..
    
    rootValue: { session: req.session },
    
})))

Usage:

 npm i
 npm start

and then open http://localhost:3000/graphql in your browser

GraphQL Queries:

Let's create user, using createUser mutatation request:

mutation {
  createUser(login:"SomeUser", pw:"myPass") {
    _id
    login
    pw
  }
}

Result:

{
  "data": {
    "createUser": {
      "_id": "5d036f8fe9ad5b24efab7eaf",
      "login": "SomeUser",
      "pw": "myPass"
    }
  }
}

and login using the same credentials:

  loginUser(login:"SomeUser", pw:"myPass") {
    _id
    login
    pw
  }
}

Result:

{
  "data": {
    "loginUser": {
      "_id": "5d036f8fe9ad5b24efab7eaf",
      "login": "SomeUser",
      "pw": "myPass"
    }
  }
}

as an authorized user lets createPost:

mutation {
  createPost(title:"First post", content:"this is my first post, just for test!") {
    _id
    title
    content
  }
}

Result:

{
  "data": {
    "createPost": {
      "_id": "5d0378e9e9ad5b24efab7eb0",
      "title": "First post",
      "content": "this is my first post, just for test!"
    }
  }
}

lets query that post directly by _id:

query {
  post(_id:"5d0378e9e9ad5b24efab7eb0") {
    _id
    userId
    title
    content
    comments {
      _id
      postId
      content
    }
  }
}

Result:

{
  "data": {
    "post": {
      "_id": "5d0378e9e9ad5b24efab7eb0",
      "userId": "5d036f8fe9ad5b24efab7eaf",
      "title": "First post",
      "content": "this is my first post, just for test!",
      "comments": []
    }
  }
}

As you can see the userID field was set to your user._id

now lets create comment to the post

mutation {
  createComment(postId:"5d0378e9e9ad5b24efab7eb0", content:"this is my first comment!") {
    _id
    postId
    content
  }
}
{
  "data": {
    "createComment": {
      "_id": "5d0383640172c0552fbd515e",
      "postId": "5d0378e9e9ad5b24efab7eb0",
      "content": "this is my first comment!"
    }
  }
}

query for the posts & comments:

{
  "data": {
    "posts": [
      {
        "_id": "5d0378e9e9ad5b24efab7eb0",
        "userId": "5d036f8fe9ad5b24efab7eaf",
        "title": "First post",
        "content": "this is my first post, just for test!",
        "comments": [
          {
            "_id": "5d0383640172c0552fbd515e",
            "postId": "5d0378e9e9ad5b24efab7eb0",
            "content": "this is my first comment!"
          }
        ]
      }
    ]
  }
}

now, in case user want to logout:

mutation {
  logoutUser(_id:"5d036f8fe9ad5b24efab7eaf")
}

Result:

{
  "data": {
    "logoutUser": true
  }
}

and now try to query, it will give you empty result:

query {
  posts {
    _id
    userId
    title
    content
  }
}

Result:

{
  "data": {
    "posts": null
  }
}

About

example of basic auth for graphql queries

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages