This repository has been archived by the owner on May 26, 2022. It is now read-only.
Support for federated services #10
Comments
|
I'm not entirely sure that the changes I've proposed directly fix the issues that you've mentioned, but is should remove the required verification of tokens. If there's any other changes needed to make that work I'd love to hear them. |
|
That is a big improvement, might use that in the future. For now we've forked the module so that our services don't have to use JWTs at all. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I would like to use this library, especially is it is included in neo4j-graphql-js by default, but we use a federated architecture with one gateway handling the authentication and then making subqueries to the individual services. So while it would still be nice to let the individual services decide which fields need auth, it's unnecessary to have each service validate the JWT, since they're only accessible through the gateway. What I'm saying is, it'd be nice to be able to turn JWTs off and just add the required context variables to the request as plain objects, and trust the that the gateway has already verified the authenticity of the claims.
The text was updated successfully, but these errors were encountered: