如何使用正确的身份验证方式进行Apollo graphql服务器体系结构？

如何解决如何使用正确的身份验证方式进行Apollo graphql服务器体系结构？

试图通过身份验证实现Apollo GraphQL服务器，并坚持正确地进行操作。

我想按here所述在数据模型中实现授权，所以我的config's context函数如下：

context: ({ req }) => {
 // get the user token from the headers
 const token = req.headers.authentication || '';
  
 // try to retrieve a user with the token
 const user = getUser(token);

 // optionally block the user
 // we could also check user roles/permissions here
 if (!user) throw new AuthenticationError('you must be logged in to query this schema');  

 // add the user to the context
 return {
   user,models: {
     User: generateUserModel({ user }),...
   }
 };
},

我的用户模型如下：

export const generateUserModel = ({ user }) => ({
 getAll: () => { /* fetching/transform logic for all users */ },getById: (id) => { /* fetching/transform logic for a single user */ },getByGroupId: (id) => { /* fetching/transform logic for a group of users */ },});

现在在配置对象中，我定义dataSources如下：

const config = {
    context,dataSources: () => ({
        UsersAPI: new UsersAPI({ UserModel })
    })

}

严格按照阿波罗手册进行。

主要问题是如何正确传递dataSources进行建模？还是如果我以上述方式使用模型，就可以完全放弃dataSources？每个模型都应该自己访问它吗？

更新在阅读了一些API之后，我发现DataSource也可以访问上下文。从体系结构的角度来看，将所有身份验证逻辑如下移至DataSource类是正确的决定吗？

export class UsersAPI extends DataSource {
    private UserModel: any;
    private context: any;
    private LoggedInUser: User;

    constructor({ UserModel }) {
        super();
        this.UserModel = UserModel;
    }

    /**
     * This is a function that gets called by ApolloServer when being setup.
     * This function gets called with the datasource config including things
     * like caches and context. We'll assign this.context to the request context
     * here,so we can know about the user making requests
     */
    initialize(config) {
        console.log('user object');
        this.loggedInUser = config.context.user;
        this.context = config.context;
    }

    
    async getUsers(): Promise<any> {
        if (!this.loggedInUsers) {
            throw new AuthenticationError('Must be Logged In');
        }
        const query = {};
        const users = await this.UserModel.find(query).lean();
        return users;
    }
}

版权声明：本文内容由互联网用户自发贡献，该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容， 请发送邮件至 dio@foxmail.com 举报，一经查实，本站将立刻删除。