Auth variables access on custom resolver

jdgamble555 · April 27, 2021, 12:18pm

In a custom lambda, you can access the authHeader directly, although I think they eventually plan to support @auth fields:

How do I protect certain fields with Slash GraphQL

function myHandler({parents, authHeader}) {
  const headerName = authHeader.key;
  const headerValue = authHeader.value;
  const [algo, claimsBase64, signature] = headerValue.split(".")
  const claims = JSON.parse(atob(claimsBase64));
}

And you can repass the header to another graphql request like so:

Enforce one field based on another - kebab-case example

 const secretResults = await graphql(
   `query myQueryName ($ids: [ID!]) { queryMyType(filter: { id: $ids }) { id controlledEdge { myField } }> }`,
   { ids },
   {
     key: 'X-My-App-Auth'
     value: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwczovL215LmFwcC5pby9qd3QvY2xhaW1zIjp7IlVTRVIiOiJmb28ifSwiZXhwIjoxODAwMDAwMDAwLCJzdWIiOiJ0ZXN0IiwibmFtZSI6IkpvaG4gRG9lIDIiLCJpYXQiOjE1MTYyMzkwMjJ9.wI3857KzwjtZAtOjng6MnzKVhFSqS1vt1SjxUMZF4jc'
   }
 );

J

Topic		Replies	Views
Use JWT in Slash Lambda Field Dgraph Cloud / Slash GraphQL kind:feature , lambda	6	1090	July 30, 2021
How to handle Authorization with @custom queries GraphQL	7	1243	November 10, 2020
[Bug] @auth on interface does not respect or-rules GraphQL status:accepted , kind:bug , ticket:created	4	650	February 8, 2021
Lambda Field Resolvers: Add fields from complex childs GraphQL kind:enhancement , lambda	0	585	May 7, 2021
WIP: Auth rules custom DQL query Dev graphql , rfc	7	1306	August 4, 2021

Auth variables access on custom resolver

Related Topics