Using MutateOperationContext Extension for authentication #1830
Replies: 9 comments
-
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Beta Was this translation helpful? Give feedback.
-
Anyone having feedback on this? |
Beta Was this translation helpful? Give feedback.
-
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Beta Was this translation helpful? Give feedback.
-
I am currently in a similar situation. I want to do the authentication in the middleware and ignore auth for specific queries/mutations (login for example). Your approach would be a great help. Or are there other ways to do this? |
Beta Was this translation helpful? Give feedback.
-
@micharaze The approach above is working, and I did not have any drawback yet about it. |
Beta Was this translation helpful? Give feedback.
-
@andygrunwald Operation.Name holds the alias name of the query which can be anything sent by client. |
Beta Was this translation helpful? Give feedback.
-
@ankitgaur573 This makes sense. Thanks for the information. Do you have any recommendations on what to use instead? |
Beta Was this translation helpful? Give feedback.
-
@andygrunwald I was hoping that a solution like yours can make one-stop solution for masking all the resolver functions but there is alias issue. Then i tried getting the operation name from selectionSet root name but then I was hit by another issue which is, the clients can send multiple queries in query combined, then you get multiple selectionSets in array. |
Beta Was this translation helpful? Give feedback.
-
This is more a question / ask if you would be interested in a doc Pull Request.
Furthermore, I would like to know if you think this is a valuable way to go or if I misuse a system feature.
Setup
What is needed?
In my use-case, I need particular query types protected via a user login.
I was following https://gqlgen.com/recipes/authentication/.
This solution works but might lead to a lot of code, once you have a lot of queries and mutation.
Alternative solution: MutateOperationContext Extension
Server creation:
Authentication extension:
What do you think?
Is this a possible way to go?
or do I misuse a feature?
And would you be interested in a documentation PR?
Please let me know what you think (all, also the community)
Beta Was this translation helpful? Give feedback.
All reactions