0

I am trying to do preprocessing to scope my apollo-server (graphql) resolver results based off the user's authentication (which is expressed in a token in my header). I am not sure of the best way to do this, and this is what I have so far:

// Graphql Options
const GraphqlOptions = {
                          schema: executableSchema,
                          debugging: true,
              ---->       pre: [{ method: preMongoose, assign: 'm1'}],
                          context: {
                              user: Mongoose.model('User'),
                              SomethingElse: Mongoose.model('SomethingElse')
                          }
                      };

In my preMongoose file

'use strict';

const preMongoose = (request, reply) => {

  // code to modify mongoose model's pre to only return results based off
  // request's auth token

};

module.exports = preMongoose;
4

1 回答 1

0

好的,我找到了解决方案。它们使您能够在 server.register 的选项中拦截请求。这就是我的做法:

{
      register: graphqlHapi,
      options: {
      path: '/graphql',
      graphqlOptions: (request) => {

        return new Promise((resolve, reject) => {

          // a function that passes the scoping info in the response
          getScopableData(request, (err, res) => {
              if (err) {
                return reject(err);
              }

              // add scoping data
              GraphqlOptions.context.scopingOptions = res;

              return resolve(GraphqlOptions);
            });
        });
      }
}

现在,您可以在编写解析器时在您的上下文中访问此字段。我不得不进入并修改解析器以仅查询符合我的范围标准的内容。

于 2017-03-19T20:34:51.117 回答