0.0.6 • Published 10 months ago

@baijanstack/graphql-rp-directive v0.0.6

Weekly downloads
-
License
MIT
Repository
github
Last release
10 months ago

graphql-rp-directive

This is used to do authorization in graphql using directives. You can use permission based directive to implement the authorization using this package as per your requirements.

Usage

  1. Install the dependency.
npm install @baijanstack/graphql-rp-directive
  1. Update your typedefs with the necessary directive.
const typedefs = gql`
  directive @hasPermission(permissions: [String!]) on FIELD_DEFINITION | OBJECT

  # your other typedefs
  # ...
`;
  1. Create your role and permission data.
import { getAuthorizedSchema, TRolePermission } from '@baijanstack/graphql-rp-directive';

const rolePermissionsData: TRolePermission = {
  ADMIN: {
    permissions: ['READ_SECURE_DATA', 'READ_RESTRICTED_FIELD', 'READ_MUTATION_RESPONSE', 'CREATE_FIELD'],
  },
  PUBLIC: {
    permissions: ['READ_MUTATION_RESPONSE'],
  },
};
  1. Create your executable schema with your typedefs and resolvers.
const schema = makeExecutableSchema({
  typeDefs,
  resolvers,
});
  1. Add the permission directives to your schema.
const schemaWithPermissionDirective = getAuthorizedSchema(schema, {
  rolePermissionsData,
});
  1. Pass schemaWithPermissionDirective as schema to your graphql server and return the user object from the context.
const server = new ApolloServer<{
  user: {
    roles: Array<string>;
  };
}>({
  schema: schemaWithPermissionDirective,
  context: {
    user: {
      roles: ['PUBLIC'],
    },
  },
});

  1. By default, all your resolvers request will be denied unless you specify the directive on the field or object.

  2. Apply directives to your typedefs.

const typeDefs = `
directive @hasPermission(permissions: [String!]) on FIELD_DEFINITION | OBJECT

type Query {
  # this api will be denied request because it is missing the directive
  publicFields: PublicField
  restrictedFields: RestrictedField @hasPermission(permissions: ["READ_RESTRICTED_FIELD"])
  secureFields: SecureField @hasPermission(permissions: ["READ_SECURE_DATA"])
}

type PublicField {
  name: String!
}

type RestrictedField {
  name: String!
}

type SecureField @hasPermission(permissions: ["READ_SECURE_DATA"]) {
  name: String!
  email: String!
}

type Mutation {
  createFields(id: Int!): MutationResponse! @hasPermission(permissions: ["CREATE_FIELD"])
}

type MutationResponse @hasPermission(permissions: ["READ_MUTATION_RESPONSE"]) {
  done: Boolean!
}
`;
@graphql-tools/schema@graphql-tools/utilsgraphql
@everything-registry/sub-chunk-110
0.0.6

10 months ago

0.0.5

10 months ago

0.0.4

10 months ago

0.0.3

10 months ago

0.0.2

10 months ago

0.0.1

10 months ago