Open Dev-Dipesh opened 5 years ago
Hey @Dev-Dipesh
Prisma server link http://localhost:4466 from Docker is accessible without setting any header. How can I secure that?
For a production environment, you probably need to use a VPC (e.g., whitelisting your GraphQL API to your container).
But even if accessed directly, http://localhost:4466/app/dev should not return any schema as there's no Authorization header.
2. When Graphql Shield is disabled I can query documents on http://localhost:1337 by setting the Authorization header, obtained by using the command prisma token. The problem appears when I enable Graphql Shield. After this for any and all requests I'm getting: "message": "Not Authorised!" even for the resolvers that are marked as allow.
Do you have a repository reproduction for this one?
You actually don't need to use the prisma token when querying directly the application, have you tried to use a token from the login function instead?
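The reply above separates two kinds of token: the one the prisma token command prints, which is signed with the Prisma service secret, and the one the application's login function issues. The following is an added example, not code from this thread or the project, showing an application-side check accepting the latter and rejecting the former; it assumes the app signs login tokens with its own secret, and `signHs256`, `verifyHs256`, `authenticate`, both secrets and both payloads are hypothetical, constructed values.

```javascript
// Added example: HS256 JWTs signed with two different secrets (all values constructed).
const crypto = require('crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Sign a payload as a compact HS256 JWT.
function signHs256(payload, secret) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.createHmac('sha256', secret).update(`${header}.${body}`).digest();
  return `${header}.${body}.${b64url(sig)}`;
}

// Verify structure, algorithm, signature and expiry; return the payload or null.
function verifyHs256(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, body, sig] = parts;
  let hdr, payload;
  try {
    hdr = JSON.parse(Buffer.from(header, 'base64url').toString());
    payload = JSON.parse(Buffer.from(body, 'base64url').toString());
  } catch { return null; }
  if (!hdr || !payload || hdr.alg !== 'HS256') return null; // pin the algorithm
  const expected = crypto.createHmac('sha256', secret).update(`${header}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  if (typeof payload.exp === 'number' && payload.exp <= nowSec) return null;
  return payload;
}

// Hypothetical secrets: one for the Prisma service (port 4466), one for the app (port 1337).
const PRISMA_SERVICE_SECRET = 'constructed-prisma-service-secret';
const APP_SECRET = 'constructed-app-secret';
const exp = Math.floor(Date.now() / 1000) + 3600;
const serviceToken = signHs256({ data: { service: 'app@dev', roles: ['admin'] }, exp }, PRISMA_SERVICE_SECRET);
const loginToken = signHs256({ userId: 'user-1', exp }, APP_SECRET);

// Assumed application-side check: only tokens signed with APP_SECRET identify a user.
function authenticate(authorizationHeader) {
  const token = (authorizationHeader || '').replace(/^Bearer\s+/i, '');
  const payload = verifyHs256(token, APP_SECRET);
  return payload && payload.userId ? { userId: payload.userId } : null;
}
```

A rule that depends on `authenticate` returning a user would deny a request carrying the service token, while the same token still verifies against the Prisma service secret.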
I have deployed the Prisma server locally in Docker with managementApiSecret and also defined it in prisma.yml. Now, there are two issues I'm facing.
1. Prisma server link http://localhost:4466 from Docker is accessible without setting any header. How can I secure that?
2. When Graphql Shield is disabled I can query documents on http://localhost:1337 by setting the Authorization header, obtained by using the command prisma token. The problem appears when I enable Graphql Shield. After this for any and all requests I'm getting: "message": "Not Authorised!" even for the resolvers that are marked as allow.
docker-compose.yml
prisma.yml
.env
permissions/index.ts
Thanks for your help 🙏