与阿波罗服务器一起使用时如何处理“ graphql-redis-subscriptions”身份验证的任何想法

debugcn 发表于 Dev

痛点

我正在使用https://github.com/davidyaha/graphql-redis-subscriptions中的'graphql-redis-subscriptions' 。给出了一些有关如何设置订阅的示例，它们实际上是有效的，但是我面临的问题是如何进行身份验证并仅允许登录的客户端用户监听订阅。我正在使用Apollo服务器来提供graphql api，如下所示：

const server = new ApolloServer({
            schema,
            dataSources,
            context: async ({ req, connection }) => {
                if (connection) {
                    return {
                        ...connection.context
                    };
                }

                const token = req.headers[API_TOKEN];

                return {
                    premiumAuth: token
                };
            },
        });
        server.listen(5000);

幻灯片放映

context选项中的Authenticatedapollo-server用于HTTP协议请求身份验证。这意味着它将保护/graphql端点免遭未经身份验证的访问。例如

  const contextFunction: ContextFunction<IContextFunctionParams, IConnectors<IMemoryDB>> = (
    context: IContextFunctionParams,
  ): Context<IAppContext> => {
    const { req, connection } = context;
    if (connection) {
      return connection.context;
    } else {
      const token: string = validateToken(req);
      const userConnector = new UserConnector<IMemoryDB>(memoryDB);
      let user: IUser | undefined;
      try {
        const userType: UserType = UserType[token];
        user = userConnector.findUserByUserType(userType);
      } catch (error) {
        throw error;
      }
      return {
        requestingUser: user,
        locationConnector: new LocationConnector<IMemoryDB>(memoryDB),
        userConnector,
        templateConnector: new TemplateConnector<IMemoryDB>(
          memoryDB,
          pubsub,
          // postgresPubSub,
        ),
      };
    }
  };

对于WebSocket协议连接，graphql预订依赖于此。您需要在subscriptions.onConnect方法内部进行身份验证，例如

const server = new ApolloServer({
    typeDefs,
    resolvers,
    context: contextFunction,
    introspection: true,
    subscriptions: {
      onConnect: (
        connectionParams: IWebSocketConnectionParams,
        webSocket: WebSocket,
        connectionContext: ConnectionContext,
      ) => {
        console.log('websocket connect');
        console.log('connectionParams: ', connectionParams);
        if (connectionParams.token) {
          const token: string = validateToken(connectionParams.token);
          const userConnector = new UserConnector<IMemoryDB>(memoryDB);
          let user: IUser | undefined;
          try {
            const userType: UserType = UserType[token];
            user = userConnector.findUserByUserType(userType);
          } catch (error) {
            throw error;
          }

          const context: ISubscriptionContext = {
            // pubsub: postgresPubSub,
            pubsub,
            subscribeUser: user,
            userConnector,
            locationConnector: new LocationConnector<IMemoryDB>(memoryDB),
          };

          return context;
        }

        throw new Error('Missing auth token!');
      },
      onDisconnect: (webSocket: WebSocket, connectionContext: ConnectionContext) => {
        console.log('websocket disconnect');
      },
    },
  });

源代码：https : //github.com/mrdulin/apollo-graphql-tutorial/tree/master/src/subscriptions

本文收集自互联网，转载请注明来源。

如有侵权，请联系[email protected] 删除。