This tutorial requires that you have a knowledge of GraphQL queries, mutation and context.
This tutorial covers the following:
- Signup User
- Account Activation
- Login User
- Password Reset
- Facebook Login
- Google Login
- Admin Role (Deleting Users, Get All Users)
- Get Current User
These are the following packages required for authentication and authorization:
- bcrypt: This package use to hash our passwords
- jsonwebtoken: This package use encrypt the payload, returns the token which use for authentication and we can also configure how much time this token last.
- node-fetch: This package use to make a fetch request
- nodemailer: This package use to send a email
- graphql-middleware: This package use to apply middlewares to manage additional functionality on multiple resolvers.
- graphql-shield: This package helps to create a permission middleware for your application.
Install these packages
yarn add bcrypt jsonwebtoken node-fetch nodemailer graphql-middleware graphql-shield google-auth-library
In this user schema
- id and email is unique
- Password is not required for every user like facebook and google.
- ResetPasswordToken is used to check the token is not expired when resetting password
- isAdmin is set to false by default
type User {
id: ID! @id
name: String!
email: String! @unique
password: String
isAdmin: Boolean @default(value: false)
resetPasswordToken: String @default(value: "")
createdAt: DateTime! @createdAt
updatedAt: DateTime! @updatedAt
}
Define the context in the GraphQL Server
We have to create a context type for it
import { Prisma } from "./generated/prisma-client";
export interface Context {
prisma: Prisma;
request: {
request: {
headers: {
authorization: string;
};
};
connection: {
context: {
Authorization: string;
};
};
};
}
After defining the context type set global context to prisma and request so we can use prisma methods and request object for getting authorization token.
#web-development #javascript #programming #graphql #prisma
7.85 GEEK