I would a custom field to have access to auth variables, such that we don’t need to check for authorization at the front-end layer.
For the following schema
type User {
id: ID!
displayName: String!
post: [Post] @hasInverse(field: owner)
}
type Post {
id: ID!
title: String!
content: String!
isEditable: Boolean # this should return whether the current user is the same as owner
owner: User!
}
Is there a way to let isEditable resolve to true when the current user is the owner of the post and resolve to false otherwise?
I have checked @lambda but I don’t see how I can access the data of the current user
Since the use of atob is deprecated (see here to see why), I am using Buffer instead to decode the JWT payload. Unfortunately, it seems that Dgraph Lambda does not support Buffer out of the box and thus you would have to deploy locally using webpack to include Buffer within the bundle. Here’s a snippet which works for me to decode the payload:
Install Buffer
yarn add buffer
Parsing token and returning the payload
Get the token from the authHeader param with const token = authHeader.value.