In this demo, you will verify if a token is valid and carry
-
Run
npm installandnpm run seedto set up the database. -
Open server.js and explain the following:
-
We can add another option to our Apollo Server configuration called
context, which is a lot like middleware in Express. -
This will allow us to intercept any request to the server and check if there's a valid JWT before the request gets to the resolver.
-
-
Open auth.js and explain the
authMiddlewarefunction:-
Whenever we make a request to our server, we will check if there's a token with the request and attempt to verify and decode it if there is.
-
We use the
returnstatement to return thereqobject, either modified with user data or not modified at all, and the request will continue to go to its intended resolver function.
-
-
Open resolvers.js and explain the following:
-
Any time we need to implement authentication on a query or mutation, we can add a third parameter called
contextto the resolver function. -
The
contextobject is whatever has been returned from ourauthMiddlewarefunction, so it may or may not include auserproperty depending on the status of the JSON Web Token. -
If there is a
userproperty, we can assume the user's token has been verified and theuserproperty now holds data about the user that we stored in the token itself.
-