Auth variables access on custom resolver

I would a custom field to have access to auth variables, such that we don’t need to check for authorization at the front-end layer.

For the following schema

type User {
  id: ID!
  displayName: String!
  post: [Post] @hasInverse(field: owner)
}
type Post {
  id: ID!
  title: String!
  content: String!
  isEditable: Boolean # this should return whether the current user is the same as owner
  owner: User!
}

Is there a way to let isEditable resolve to true when the current user is the owner of the post and resolve to false otherwise?

I have checked @lambda but I don’t see how I can access the data of the current user

In a custom lambda, you can access the authHeader directly, although I think they eventually plan to support @auth fields:

And you can repass the header to another graphql request like so:

J

1 Like