Schema-Directives, the Right Way of Doing GraphQL Authorizations

Schema-Directives, the Right Way of Doing GraphQL Authorizations

In my last post, I tried to share a way that can be used to implement resolver specific authorization. Even though I’m using it in production, after making some changes to the approach like not using a global dictionary instead of that I’m injecting “User” object to every request context, it has been working well without giving any issues.

In my last post, I tried to share a way that can be used to implement resolver specific authorization. Even though I’m using it in production, after making some changes to the approach like not using a global dictionary instead of that I’m injecting “User” object to every request context, it has been working well without giving any issues. But I find this approach not so generalized and hence not optimal. As I was new to GraphQL then I’m fine with that novice approach, but as I read more about Graphql specs and different parts of it I learned about schema-directives. With some more reading about using schema-directives with Ariadne it was evident that’s the way to do it, and hence this article.

I’ll be using this repository as a base. If you look into schemas/Query.graphql you will find the following.

directive @is_authenticated on FIELD_DEFINITION

directive @has_permission(

resource: String

permission: String

) on FIELD_DEFINITION

type Query {

“””

Get all users

“””

users(offset: Int = 0, limit: Int = 10): UsersInResp!

@has_permission(resource: “_ps_users”, permission: “read”)

“””

python apollo-server ariadne graphql-authentication graphql

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

How to Build Apollo GraphQL Server From Scratch

GraphQL is a query language and a server-side runtime that is used to request data from the server. The first thing that comes to mind when hearing the term “query language” is SQL. Just as SQL is used for querying databases, GraphQL is a bit like SQL but for querying web APIs as it eliminates the need to repeatedly develop or change existing end-points. GraphQL also enables the client/front-end to retrieve exactly the data they have requested and no more. This means that, within a single request of GraphQL, you can traverse from the entry point to the related data (whereas in RESTful API you have to call multiple endpoints to fetch similar results). Build Nodejs and GraphQL server from scratch using Apollo. How to Build Apollo GraphQL Server From Scratch

Full-Stack GraphQL With Apollo & NextJS — Part 3: Server-Side

This is the third and final part of my series which explores implementing GraphQL using Apollo and NextJS.Part 1 dealt with the app setup, and Part 2 dealt with the Client-Side in depth. I would highly recommend reading them first before getting into this article, unless you are already comfortable with Client-Side GraphQL using Apollo.

Server-Side GraphQL with Apollo & NextJS 

This tutorial will teach you how to set up a full-stack GraphQL application using NextJS and Apollo.

Basic Data Types in Python | Python Web Development For Beginners

In the programming world, Data types play an important role. Each Variable is stored in different data types and responsible for various functions. Python had two different objects, and They are mutable and immutable objects.

How To Set Up Two-Factor Authentication in cPanel

What is 2FA Two-Factor Authentication (or 2FA as it often referred to) is an extra layer of security that is used to provide users an additional level of protection when securing access to an account.