Tag: authorization
-
Weird behaviour of Apollo client in Nextjs13
0 I’m currently working on a side project (a simple habit tracker) that involves using cookie-based authentication and websockets. I’ve been referring to Apollo’s documentation and have tried using useSuspenseQuery, but I’m encountering an issue that I can’t quite figure out. I’ve followed the documentation’s guidelines, but my queries always return unauthorized responses. This seems…
-
How to create custom Authorization Attribute for GraphQL Endpoints to allow users base on their “permission” claim in access token
0 I’m currently working on a .NET Core project that utilizes both regular API endpoints and GraphQL endpoints using HotChocolate. I implemented the authentication for both endpoints and it working. [Authorize] // this attribute from using Microsoft.AspNetCore.Authorization; [HttpPost("GetCountryHolidays")] public async Task<IList<GetCountryDetails>> GetHolidays(GetHolidaysCommand command) { return await _mediator.Send(command); } Graphql endpoint [Authorize] // this attribute from…
-
NestJS – How can dataloaders be used in combination with GraphQL Shield?
0 I recently found that because I have asynchronous calls being made in some of my shield rules, it’s causing my dataloader batch functions to be called multiple times, when they should only be called once, which leaves me with the N+1 problem. I believe this is due to how the dataloader library requires that…
-
Misunderstanding about microservices authentication and authorization
0 I have three graphql microservices gateway (@mercurius/gateway) user-service travels service. My thoughts for implementation. When a client (react-native app) send a request to register a user, the api gateway allows it to hit user-service without authentication. Once at the user-service, the user is created and token is issued and send back to the client.…
-
How to correctly restrict access to nested content in Neo4J-GraphQL?
0 I’d like to implement a basic Post system, such as described in the documentation. A Post is related to a user, I’d like a Post to be only created/updated/deleted by its author. type Post { title: String! content: String! author: User! @relationship(type: "AUTHORED", direction: IN) } type User @authorization(validate: [{ when: [BEFORE], where: {…
