[英]Any idea on how to handle 'graphql-redis-subscriptions' authentication when used together with apollo-server
I am using 'graphql-redis-subscriptions' from https://github.com/davidyaha/graphql-redis-subscriptions .我正在使用https://github.com/davidyaha/graphql-redis-subscriptions 中的“graphql-redis-subscriptions”。 Several examples are given on how to setup subscriptions and they actually work but the problem I am facing is how can I authenticate and allow the subscription to be only listened by the logged in client user.
给出了几个关于如何设置订阅的示例,它们实际上可以工作,但我面临的问题是如何进行身份验证并允许订阅仅由登录的客户端用户收听。 I am using Apollo-server for serving graphql apis as following:
我使用 Apollo-server 为 graphql apis 提供如下服务:
const server = new ApolloServer({
schema,
dataSources,
context: async ({ req, connection }) => {
if (connection) {
return {
...connection.context
};
}
const token = req.headers[API_TOKEN];
return {
premiumAuth: token
};
},
});
server.listen(5000);
Authenticated in the context
option of apollo-server
is for an HTTP protocol request authentication. apollo-server
的context
选项中的 Authenticated 用于 HTTP 协议请求身份验证。 Which means it will protect the /graphql
endpoint from unauthenticated access.这意味着它将保护
/graphql
端点免受未经/graphql
验证的访问。 Eg例如
const contextFunction: ContextFunction<IContextFunctionParams, IConnectors<IMemoryDB>> = (
context: IContextFunctionParams,
): Context<IAppContext> => {
const { req, connection } = context;
if (connection) {
return connection.context;
} else {
const token: string = validateToken(req);
const userConnector = new UserConnector<IMemoryDB>(memoryDB);
let user: IUser | undefined;
try {
const userType: UserType = UserType[token];
user = userConnector.findUserByUserType(userType);
} catch (error) {
throw error;
}
return {
requestingUser: user,
locationConnector: new LocationConnector<IMemoryDB>(memoryDB),
userConnector,
templateConnector: new TemplateConnector<IMemoryDB>(
memoryDB,
pubsub,
// postgresPubSub,
),
};
}
};
For WebSocket protocol connection, which the graphql subscription depends on.对于WebSocket协议连接,graphql 订阅依赖于此。 You need to authenticate inside the
subscriptions.onConnect
method, eg您需要在
subscriptions.onConnect
方法中进行身份验证,例如
const server = new ApolloServer({
typeDefs,
resolvers,
context: contextFunction,
introspection: true,
subscriptions: {
onConnect: (
connectionParams: IWebSocketConnectionParams,
webSocket: WebSocket,
connectionContext: ConnectionContext,
) => {
console.log('websocket connect');
console.log('connectionParams: ', connectionParams);
if (connectionParams.token) {
const token: string = validateToken(connectionParams.token);
const userConnector = new UserConnector<IMemoryDB>(memoryDB);
let user: IUser | undefined;
try {
const userType: UserType = UserType[token];
user = userConnector.findUserByUserType(userType);
} catch (error) {
throw error;
}
const context: ISubscriptionContext = {
// pubsub: postgresPubSub,
pubsub,
subscribeUser: user,
userConnector,
locationConnector: new LocationConnector<IMemoryDB>(memoryDB),
};
return context;
}
throw new Error('Missing auth token!');
},
onDisconnect: (webSocket: WebSocket, connectionContext: ConnectionContext) => {
console.log('websocket disconnect');
},
},
});
source code: https://github.com/mrdulin/apollo-graphql-tutorial/tree/master/src/subscriptions源代码: https : //github.com/mrdulin/apollo-graphql-tutorial/tree/master/src/subscriptions
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.