Authentication - Githubissues

dotansimha / graphql-yoga

🧘 Rewrite of a fully-featured GraphQL Server with focus on easy setup, performance & great developer experience. The core of Yoga implements WHATWG Fetch API and can run/deploy on any JS environment.

https://the-guild.dev/graphql/yoga-server

MIT License

8.21k stars 569 forks source link

Authentication #122

Closed sys13 closed 5 years ago

sys13 commented 6 years ago

Would be cool to have an example that shows how to set up auth with passport, maybe with JWT. Even cooler if it was in the framework.

bkniffler commented 6 years ago

Resolving https://github.com/graphcool/graphql-yoga/issues/123 might help with your issue. Though I don't think this will be implemented in the core of graphql-yoga, since authentication is kind of a broad subject and there are many ways to implement authentication. Anyways, an example with JWT would be neat.

kbrandwijk commented 6 years ago

There will be a separate, JWT based GraphQL middleware library, that you can easily use with yoga. WIP.

bkniffler commented 6 years ago

But will it work with lambda? ;) Thats the key point to using promiseable context, would be universally applicable to express and lambda.

jhalborg commented 6 years ago

@kbrandwijk - Any link to the WIP to see what's in the making? :-)

And +1 for Lambda use, @bkniffler

0xDaksh commented 6 years ago

Ways to Authenticate

Express Session.
Manually Using Cookies.
JWT Directly.
JWT in Cookies.

0xDaksh commented 6 years ago

@sys13 I'll try to make a framework for it or atleast a few boilerplates later this week.

0xDaksh commented 6 years ago

Express-Session Example: https://github.com/graphcool/graphql-yoga/pull/256

schickling commented 6 years ago

@sys13 has #256 answered your question or are you still looking for other authentication workflows?

geminiyellow commented 6 years ago

is there example for how to use passport-oauth2 + graphql-yoga ? i dont know why, but i cannot get passport session's isAuthenticated in graphql post request.

codepunkt commented 6 years ago

i'd be interested in exchanging best practices to token-only stateless auth without sessions or cookies. what would be most interesting is doing this on top of passport and combining both username/password signup and signin aswell as identity provider signin.

mwilc0x commented 6 years ago

I'm working on a passport example (doing third party oauth through a service like spotify). I''m working out how to get the auth token through context now. If anyone has figured this out with passport please chime in!

shreyansh-zazz commented 6 years ago

Any update on how to implement Auth using JWT?

mwilc0x commented 6 years ago

@shreyansh-zazz I did a writeup on how I solved for an app I am working on.

phuongthuan commented 5 years ago

@geminiyellow same problem.

stale[bot] commented 5 years ago

Due to inactivity of this issue we have marked it stale. It will be closed if no further activity occurs.

stale[bot] commented 5 years ago

Due to inactivity of this issue we have marked it stale. It will be closed if no further activity occurs.

stale[bot] commented 5 years ago

Hey :wave:, It seems like this issue has been inactive for some time. In need for maintaining clear overview of the issues concerning the latest version of graphql-yoga we'll close it. Feel free to reopen it at any time if you believe we should futher discuss its content. :slightly_smiling_face: