Last active
April 15, 2018 18:29
-
-
Save pedroraft/5c6e0e5e3b32bc02727ae2bc64ce9896 to your computer and use it in GitHub Desktop.
medium tutorial graphql auth, passing the token to resolvers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const jwt = require('jsonwebtoken') | |
//... | |
const makeContext = (req) => { | |
if (!req.event || !req.event.headers || !req.event.headers.Authorization) { | |
return {} // no auth yet | |
} | |
const token = req.event.headers.Authorization; | |
const decoded = jwt.verify( | |
token.replace('Bearer ', ''), | |
'secret' | |
); | |
return {jwt: {...decoded}} | |
// Now the token roles will be avaliable in context.jwt.roles | |
} | |
const server = new GraphQLServer({ | |
typeDefs, | |
resolvers, | |
context: req => ({ ...makeContext(req) | |
}) | |
}) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment