In this demo, you will verify if a token is valid and carry
- Run `npm install` and `npm run seed` to set up the database.
- Open server.js and explain the following:
  - We can add another option to our Apollo Server configuration called `context`, which is a lot like middleware in Express.
  - This will allow us to intercept any request to the server and check if there's a valid JWT before the request gets to the resolver.
- Open auth.js and explain the `authMiddleware` function:
  - Whenever we make a request to our server, we will check if there's a token with the request and attempt to verify and decode it if there is.
  - We use the `return` statement to return the `req` object, either modified with user data or not modified at all, and the request will continue to go to its intended resolver function.
- Open resolvers.js and explain the following:
  - Any time we need to implement authentication on a query or mutation, we can add a third parameter called `context` to the resolver function.
  - The `context` object is whatever has been returned from our `authMiddleware` function, so it may or may not include a `user` property depending on the status of the JSON Web Token.
  - If there is a `user` property, we can assume the user's token has been verified and the `user` property now holds data about the user that we stored in the token itself.
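
The flow described in the steps above, as an added example that is not the demo's own server.js, auth.js or resolvers.js: the context function attaches `user` only after the token's signature and expiry check out, and the resolver fails closed when `context.user` is absent. The `Authorization: Bearer` header, the `{ data, exp }` payload shape, the secret, the `me` query and the hand-written HS256 check (standing in for whichever JWT library the demo uses) are all assumptions.

```javascript
// Added example: header name, secret, payload shape and `me` query are assumptions.
const nodeCrypto = require('node:crypto');
const SECRET = 'constructed-demo-secret'; // assumption: real code loads this from config
const b64url = (buf) => Buffer.from(buf).toString('base64url');
const hmac = (data) => nodeCrypto.createHmac('sha256', SECRET).update(data).digest();

// Builds a constructed HS256 token so the example can run offline.
function signToken(user, ttlSeconds) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(Date.now() / 1000) + ttlSeconds;
  const payload = b64url(JSON.stringify({ data: user, exp }));
  return `${header}.${payload}.${b64url(hmac(`${header}.${payload}`))}`;
}

// Returns the decoded claims, or null for anything malformed, forged or expired.
function verifyToken(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  try {
    // Pin the algorithm: the token's own header must not choose how it is verified.
    if (JSON.parse(Buffer.from(header, 'base64url')).alg !== 'HS256') return null;
    const expected = hmac(`${header}.${payload}`);
    const given = Buffer.from(sig, 'base64url');
    if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(payload, 'base64url'));
    return claims.exp > Math.floor(Date.now() / 1000) ? claims : null;
  } catch {
    return null; // unparseable header or payload
  }
}

// Context function: attach req.user only when the token verifies, then return req.
function authMiddleware({ req }) {
  const bearer = (req.headers.authorization || '').replace(/^Bearer\s+/i, '');
  const claims = bearer ? verifyToken(bearer) : null;
  if (claims) req.user = claims.data;
  return req;
}

// Resolver: the third parameter is whatever authMiddleware returned.
const resolvers = {
  Query: {
    me: (parent, args, context) => {
      if (!context.user) throw new Error('Not authenticated'); // fail closed
      return context.user;
    },
  },
};
```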