堆栈内存溢出
  简体   繁体   English

Graphql 盾返回未授权允许突变

[英]Graphql shield returns Not Authorised for allowed mutation

 原文  2021-08-31 19:57:18       javascript/ node.js/ express/ graphql/ apollo-server

问题描述

I am trying to implement GraphQL API using apollo-server-express.我正在尝试使用 apollo-server-express 实现 GraphQL API。 I want to manage permissions by graphql-shield middleware but I am having issues with allowing execution of mutations.我想通过 graphql-shield 中间件管理权限,但我在允许执行突变时遇到问题。 My goal is to have JWT based authentication but to allow execution of some queries/mutations to unauthenticated users which is needed for register/login mutations.我的目标是拥有基于 JWT 的身份验证,但允许对未经身份验证的用户执行一些查询/突变,这是注册/登录突变所需的。 There for I am using default allow rule.因为我正在使用默认的allow规则。 But when I try to run login mutation, I receive Not Authorised!但是当我尝试运行登录突变时,我收到未授权! error.错误。 I have no clue why is that.我不知道为什么会这样。 The rule works fine with queries.该规则适用于查询。

Thank you for the answer.谢谢你的回答。

Server服务器

import express from "express";
import cors from "cors";
import { ApolloServer, makeExecutableSchema } from "apollo-server-express";
import config from "./config";
import mockResolver from "./resolvers/mockResolver";
import typeDefs from "./graphql/typeDefs";
import { applyMiddleware } from "graphql-middleware";
import permissions from "./graphql/permissions";

const app = express();
app.use(cors());

const server = new ApolloServer({
  schema: applyMiddleware(
    makeExecutableSchema({ typeDefs, resolvers: mockResolver }),
    permissions
  ),
  playground: true,
  introspection: true,
});

server.applyMiddleware({ app, path: "/graphql" });
app.listen(config.PORT, () =>
  console.log("Server listening at http://localhost:%s", config.PORT)
);

TypeDefs类型定义

import { gql } from "apollo-server";

const typeDefs = gql`
  type User {
    id: Int!
    email: String!
    password: String!
  }

  type LoginResponse {
    id: String
    email: String
    token: String
  }

  type Query {
    user(id: Int!): User
    users: [User]
  }

  type Mutation {
    login(email: String!, password: String!): LoginResponse
  }
`;

Permissions权限

import { shield, allow } from "graphql-shield";

const permissions = shield({
  Query: {
    users: allow,
  },
  Mutation: {
    login: allow,
  },
});

export default permissions;

1 个解决方案

解决方案1
 0  2021-10-30 21:29:55

const permissions = shield({
  Query: {
    users: allow,
  },
  Mutation: {
    login: allow,
  },
});

to

const permissions = shield({
  Query: {
    users: allow,
  },
  Mutation: {
    login: allow,
  },
},
{
  debug: true
});

and trace to error messages.并跟踪错误消息。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 GraphQL突变仅返回一个结果 - GraphQL mutation returns only one result Graphql创建1个突变的2个条目 - Graphql Creating 2 entries with 1 mutation GraphQl突变错误结果 - GraphQl mutation wrong result GraphQL 另一个突变的结果 - GraphQL result for another mutation GraphQL / graphcool-关系突变 - GraphQL/graphcool - Mutation for relation graphql 突变中无法识别的参数 - Unrecognized arguments in graphql mutation Graphql嵌套变异 - Graphql nested Mutation Graphql 通用突变 - Graphql generic mutation Apollo GraphQL 嵌套变异 - Apollo GraphQL Nested Mutation GraphQL验证错误突变 - GraphQL Validation Error on mutation
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM