npm
Sign UpSign In

nexus-plugin-jwt-auth
TypeScript icon, indicating that this package has built-in type declarations

1.4.0 • Public • Published

header

Contents

Installation

npm install nexus-plugin-jwt-auth

Example Usage

Find full examples using both the built in permissions system or by leveragering nexus-plugin-shield:

Setup

// app.ts
 
import { use } from 'nexus'
import { auth } from 'nexus-plugin-jwt-auth'
 
// Enables the JWT Auth plugin without permissions
use(auth({
  appSecret: "<YOUR SECRET>" // optional if using custom verify function
}))

You may now access the token object and it's properties on the Nexus context.

Permissions

Basic permissions can be added too.

// app.ts
 
import { use } from 'nexus'
import { auth } from 'nexus-plugin-jwt-auth'
 
// Define the paths you'd like to protect
const protectedPaths = [
    'Query.me',
    'Query.filterPosts',
    'Query.post',
    'Mutation.createDraft',
    'Mutation.deletePost',
    'Mutation.publish'
]
 
// Enables the JWT Auth plugin with permissions
use(auth({
  appSecret: "<YOUR SECRET>", // optional if using custom verify function
  protectedPaths // optional
}))

Stored Properties

You can also access properties stored in the token.

In this example I sign the token on signup or login then store the userId in the token to be accessed directly in a query or mutation to find the authed user.

// Query.ts
 
import { schema } from 'nexus'
 
schema.queryType({
  definition(t) {
    t.field('me', {
      type: 'User',
      async resolve(_root, _args, ctx) {
        const account = await ctx.db.user.findOne({
          where: {
            id: ctx.token.userId // This is the token object passed through the context
          }
        })
 
        if (!user) {
          throw new Error('No such user exists')
        }
 
        return user
      }
    })
  }
})

Use cookie instead of Authorization header

import { use, server } from "nexus"
import cookieParser from "cookie-parser" // Set esModuleInterop: true in tsconfig.json
 
// Add the cookie-parser middleware to Express
server.express.use(cookieParser())
 
// Enables the JWT Auth plugin with cookies
use(auth({
  // ...
  useCookie: true,
  cookieName: "token"
}))

Don't forget to set credentials: true in your GraphQL client or the cookie will not be sent to the server.

Contributing

Please read CONTRIBUTING.md

License

FOSSA Status

Readme

Keywords

none

Package Sidebar

Install

npm i nexus-plugin-jwt-auth

Weekly Downloads

23

Version

1.4.0

License

MIT

Unpacked Size

12 kB

Total Files

15

Last publish

Collaborators

  • camji55
Try on RunKit
Report malware