graphql-auth-directives-unsigned
This is a fork of graphql-auth-directives which does not parse of verify any JWTs. Everything is plain text objects. The authenticity of the claims should be verified before reaching this library! If you don't have a specific need of separating the verification of authenticity from the authorization check, you should use graphql-auth-directives instead!
Add authentication to your GraphQL API with schema directives.
Schema directives for authorization
- [ ]
@isAuthenticated
- [ ]
@hasRole
- [ ]
@hasScope
Quick start
npm install --save graphql-auth-directives-unsigned
Then import the schema directives you'd like to use and attach them during your GraphQL schema construction. For example using neo4j-graphql.js' makeAugmentedSchema
:
import { IsAuthenticatedDirective, HasRoleDirective, HasScopeDirective } from "graphql-auth-directives";
const augmentedSchema = makeAugmentedSchema({
typeDefs,
schemaDirectives: {
isAuthenticated: IsAuthenticatedDirective,
hasRole: HasRoleDirective,
hasScope: HasScopeDirective
}
});
The @hasRole
, @hasScope
, and @isAuthenticated
directives will now be available for use in your GraphQL schema:
type Query {
userById(userId: ID!): User @hasScope(scopes: ["User:Read"])
itemById(itemId: ID!): Item @hasScope(scopes: ["Item:Read"])
}
Be sure to inject the relevant variables into the GraphQL resolver context. For example, with Apollo Server:
const server = new ApolloServer({
schema,
context: ({ req }) => {
const user = req.headers.user && JSON.parse(req.headers.user);
return { user };
}
});