You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi there,
Is is possible to pass authentication via &graph.Resolver{} instead of through context? Having Auth in middleware/context tightly couples it to the implementation (and requires all tests, etc to be blessed with the right context) As well, it would be nice to be able to use the graphql error presenter for eveything including auth, instead of bailing out early in middleware
To do this, I think I need to generate the schema per request, but I'm not sure of the performance penalty here
The text was updated successfully, but these errors were encountered:
I am also interested in this question. Especially since it would also make it easier to manage different GraphQL queries which require different user permissions.
Because GraphQL is transport agnostic we can't assume there will even be an HTTP request, so we need to expose these authentication details to our graph using a middleware.
I suppose, but the question is whether it's even possible for some users. Suppose you're sending an authorization token through a cookie, how will you be able to access it in the root resolver? Since GraphQL is supposed to support both websocket and "normal" HTTP requests, it'll definitely complicate the resolver API to add this functionality.
Of course, there are definitely pros; I wonder what the maintainers think.
Hi there,
Is is possible to pass authentication via
&graph.Resolver{}
instead of through context? Having Auth in middleware/context tightly couples it to the implementation (and requires all tests, etc to be blessed with the right context) As well, it would be nice to be able to use the graphql error presenter for eveything including auth, instead of bailing out early in middlewareTo do this, I think I need to generate the schema per request, but I'm not sure of the performance penalty here
The text was updated successfully, but these errors were encountered: