Closed riddhiftw closed 2 years ago
Why two separate express instances?
Thing is I am using /graphql
for web endpoint which use middleware and authentication with session, while mobile application is being authenticated with JWT Token
only. What should be possibilities other than this?
There's no particular reason you can't support JWT and sessions on the same endpoint - what issue are you facing when you try and do this?
Issue is that when I am attaching JWT middleware, I am getting unauthorized, if I don't add JWT headers, while in API case session cookies won't be there. So I am bit confused as how to merge these two.
You're probably looking for the credentialsRequired: false
option to the JWT middleware. https://github.com/auth0/express-jwt#error-handling
Ah, it was that simple, Thanks @benjie for the help.
Summary
While trying to setup
/api
for API only auth, not able to get websocket working for/graphql
.Additional context
I set up
/api
as separateexpress
instance and managedplugins
includingpassport
for that, I am keeping web withsession
authentication andJWT
for api authentication.While I get
graphql
endpoint for/graphql
and/api/graphql
but websocket is only being enabled with one of the endpoint. Not getting idea as what I should do for this?I would like to hear other ways as well if its possible to implement both type of authentications without doing something so silly that I did.