realm/realm-graphql-service

Authentication

Closed this issue 7 years ago · 0 comments

nirinchev commented 7 years ago

TODO:

Auth for regular http requests.
Auth for socket requests (likely only authenticate and connect and assume access for the lifetime of the socket.
ROS openRealm should accept token to impersonate the user rather than use the admin account.
Update ROS auth middleware to handle access tokens.

References:
https://github.com/apollographql/graphql-subscriptions/blob/master/.designs/authorization.md