-
Notifications
You must be signed in to change notification settings - Fork 52
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to use Express Middleware for Authentication/Authorization. #186
Comments
Upon closer inspection, i have figured this out. However the README should be updated as the const schema = getSchema([User], { hooks: {
singular: {
pre: (next, root, args, request)=> {
console.log(root.request.user); // => { email: 'user@example.com' }
console.log(request); // => undefined
next();
},
post: (next, value)=> {
//...
next();
}
}
}}); Perhaps the shifted signature of graphql@0.6.2 has something to do with it. Here's the signature at 0.6.2: graphql(schema, requestString, rootValue, contextValue, variableValues, operationName) { And here's what graffiti passes: return graphql(schema, query, { request }, context, parsedVariables)... at L41 |
@cellis for
actually
And |
@tothandras I'm not sure PR for read me is enough, something really wrong there const hooks = {
viewer: {
pre: (next, args, foo, context, options) => {
console.log(options.rootValue.request.user);
next()
},
post: (next, value) => {
next()
}
},
singular: {
pre: (next, root, args, request, options) => {
console.log(options.rootValue.request.user);
next();
},
post: (next, value, args, context) => {
next();
}
},
plural: {
pre: (next, root, args, request, options) => {
console.log(options.rootValue.request.user);
next();
},
post: (next, value, args, context) => {
next();
}
},
mutation: {
pre: (next, args, context, options) => {
console.log(options.rootValue.request.user);
next();
},
post: (next, value, args, context) => {
next();
}
}
}
module.exports = hooks Somehow nested viewer change an order of arguments, and here's a problem plural: {
pre: (next, root, args, request, options) => {
// Normal plural query will return `root.request.user` properly
// But mutation with viewer plural will return `{_type: "Viewer", id: "viewer"}`
// and `root.request` will be `undefined`
console.log(root.request.user);
// Working both query, mutation
console.log(options.rootValue.request.user);
next();
} Took me a day to figure this out 🤕 |
Hi, I'm wondering how to do authorization with Express Middleware. I know the docs suggest using the
hooks
provided, but I'm unsure how to proceed with e.g. a passport-js enabled api. How, for example, do I pass thereq.user
to the context, as suggested In this article. TLDR; i'm looking for how to do something like this:Because
graffiti-express
/graffiti-mongoose
abstracts over the graphql library and provides itself as middleware, I'm not sure how to insert thereq.user
.I've read the README, but understanding how the
hooks
work is also somewhat difficult to an uninitiated user. What are the meanings ofsingular
,viewer
,plural
, andmutation
and why do we need to provide each of them? How could I use therequest
argument in conjuction withpassport.authenticate
to authenticate the user?Any help appreciated!
The text was updated successfully, but these errors were encountered: