```sh
npm install nexus-plugin-jwt-auth
```
Find full examples using either the built-in permissions system or nexus-plugin-shield:
- Basic Permissions - examples/basic-permissions
- Shield - examples/shield
```ts
// app.ts
import { use } from 'nexus'
import { auth } from 'nexus-plugin-jwt-auth'

// Enables the JWT Auth plugin without permissions
use(auth({
  appSecret: "<YOUR SECRET>" // optional if using custom verify function
}))
```
You may now access the token object and its properties on the Nexus context.
Basic permissions can be added too.
```ts
// app.ts
import { use } from 'nexus'
import { auth } from 'nexus-plugin-jwt-auth'

// Define the paths you'd like to protect
const protectedPaths = [
  'Query.me',
  'Query.filterPosts',
  'Query.post',
  'Mutation.createDraft',
  'Mutation.deletePost',
  'Mutation.publish'
]

// Enables the JWT Auth plugin with permissions
use(auth({
  appSecret: "<YOUR SECRET>", // optional if using custom verify function
  protectedPaths // optional
}))
```
You can also access properties stored in the token.
In this example I sign the token on signup or login, then store the userId in the token to be accessed directly in a query or mutation to find the authed user.
```ts
// Query.ts
import { schema } from 'nexus'

schema.queryType({
  definition(t) {
    t.field('me', {
      type: 'User',
      async resolve(_root, _args, ctx) {
        const user = await ctx.db.user.findOne({
          where: {
            id: ctx.token.userId // This is the token object passed through the context
          }
        })
        if (!user) {
          throw new Error('No such user exists')
        }
        return user
      }
    })
  }
})
```
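The resolver above trusts `ctx.token.userId`, so the token must be verified before that value is used. The following is an added example, not code from the plugin or this README: a stand-alone HS256 sign/verify pair in plain JavaScript using only Node's `crypto`, showing the checks that verification needs (pinned algorithm, constant-time signature comparison, expiry). `APP_SECRET`, `signToken`, `verifyToken` and the helper names are hypothetical, and the secret is a constructed value.

```javascript
// Added example, not the plugin's implementation. All names here are hypothetical.
const crypto = require('node:crypto')

const APP_SECRET = 'constructed-demo-secret' // constructed value; load a real secret from the environment

const b64url = (input) => Buffer.from(input).toString('base64url')
const hmac = (data, secret) =>
  crypto.createHmac('sha256', secret).update(data).digest('base64url')

// Sign on signup/login: the payload carries only the userId and timing claims.
function signToken(userId, secret, ttlSeconds = 900, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))
  const payload = b64url(JSON.stringify({ userId, iat: now, exp: now + ttlSeconds }))
  return `${header}.${payload}.${hmac(`${header}.${payload}`, secret)}`
}

// Verify before trusting userId: returns the claims, or null on any failure.
function verifyToken(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = typeof token === 'string' ? token.split('.') : []
  if (parts.length !== 3) return null
  const [header, payload, signature] = parts
  let head, claims
  try {
    head = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'))
    claims = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'))
  } catch {
    return null
  }
  // Pin the algorithm; the token's own header must not choose it.
  if (!head || head.alg !== 'HS256') return null
  const expected = Buffer.from(hmac(`${header}.${payload}`, secret))
  const given = Buffer.from(signature)
  // timingSafeEqual throws on unequal lengths, so check length first.
  if (expected.length !== given.length || !crypto.timingSafeEqual(expected, given)) return null
  // Reject tokens with no expiry, an expired one, or no userId.
  if (!claims || typeof claims.exp !== 'number' || claims.exp <= now) return null
  if (claims.userId === undefined) return null
  return claims
}
```
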
```ts
import { use, server } from "nexus"
import { auth } from "nexus-plugin-jwt-auth"
import cookieParser from "cookie-parser" // Set esModuleInterop: true in tsconfig.json

// Add the cookie-parser middleware to Express
server.express.use(cookieParser())

// Enables the JWT Auth plugin with cookies
use(auth({
  // ...
  useCookie: true,
  cookieName: "token"
}))
```
Don't forget to set credentials: true in your GraphQL client or the cookie will not be sent to the server.
Please read CONTRIBUTING.md