docs: recommend auth in onConnect [skip ci]

ilijaNL · May 2, 2022 · 45d1649 · 45d1649
1 parent 84e61da
commit 45d1649
Showing 1 changed file with 2 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -1018,17 +1018,13 @@ function handleAuth(request: http.IncomingMessage) {
 const gqlServer = makeServer<Extra>({
   schema,
   onConnect: async (ctx) => {
-    // do your auth on every connect
+    // do your auth on every connect (recommended)
     await handleAuth(ctx.extra.request);
   },
   onSubscribe: async (ctx) => {
     // or maybe on every subscribe
     await handleAuth(ctx.extra.request);
   },
-  onNext: async (ctx) => {
-    // haha why not on every result emission?
-    await handleAuth(ctx.extra.request);
-  },
 });
 
 // create websocket server
@@ -1713,7 +1709,7 @@ useServer(
   {
     schema,
     onConnect: async (ctx) => {
-      // do your auth check on every connect
+      // do your auth check on every connect (recommended)
       if (!(await isTokenValid(ctx.connectionParams?.token)))
         // returning false from the onConnect callback will close with `4403: Forbidden`;
         // therefore, being synonymous to ctx.extra.socket.close(4403, 'Forbidden');
@@ -1724,11 +1720,6 @@ useServer(
       if (!(await isTokenValid(ctx.connectionParams?.token)))
         return ctx.extra.socket.close(CloseCode.Forbidden, 'Forbidden');
     },
-    onNext: async (ctx) => {
-      // why not on every result emission? lol
-      if (!(await isTokenValid(ctx.connectionParams?.token)))
-        return ctx.extra.socket.close(CloseCode.Forbidden, 'Forbidden');
-    },
   },
   wsServer,
 );