Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Camji55/nexus-plugin-jwt-auth
Basic jsonwebtoken authentication plugin for The Nexus Framework
https://github.com/Camji55/nexus-plugin-jwt-auth
authentication graphql jsonwebtoken jwt jwt-token nexus-plugin nexusjs
Last synced: 2 months ago
JSON representation
Basic jsonwebtoken authentication plugin for The Nexus Framework
- Host: GitHub
- URL: https://github.com/Camji55/nexus-plugin-jwt-auth
- Owner: Camji55
- License: mit
- Archived: true
- Created: 2020-04-24T22:11:41.000Z (almost 5 years ago)
- Default Branch: develop
- Last Pushed: 2020-09-18T17:44:52.000Z (over 4 years ago)
- Last Synced: 2024-08-03T23:07:28.071Z (6 months ago)
- Topics: authentication, graphql, jsonwebtoken, jwt, jwt-token, nexus-plugin, nexusjs
- Language: TypeScript
- Homepage: https://www.npmjs.com/package/nexus-plugin-jwt-auth
- Size: 347 KB
- Stars: 56
- Watchers: 3
- Forks: 14
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
## Contents
- [Contents](#contents)
- [Installation](#installation)
- [Example Usage](#example-usage)
- [Setup](#setup)
- [Permissions](#permissions)
- [Stored Properties](#stored-properties)
- [Use cookie instead of Authorization header](#use-cookie-instead-of-authorization-header)
- [Contributing](#contributing)
- [License](#license)
## Installation
```sh
npm install nexus-plugin-jwt-auth
```
## Example Usage
Find full examples using both the built in permissions system or by leveragering [nexus-plugin-shield](https://github.com/lvauvillier/nexus-plugin-shield):
- **Basic Permissions** - [examples/basic-permissions](https://github.com/Camji55/nexus-plugin-jwt-auth/tree/master/examples/basic-permissions)
- **[Shield](https://github.com/lvauvillier/nexus-plugin-shield)** - [examples/shield](https://github.com/Camji55/nexus-plugin-jwt-auth/tree/master/examples/shield)
### Setup
```typescript
// app.ts
import { use } from 'nexus'
import { auth } from 'nexus-plugin-jwt-auth'
// Enables the JWT Auth plugin without permissions
use(auth({
appSecret: "" // optional if using custom verify function
}))
```
You may now access the `token` object and it's properties on the Nexus `context`.
### Permissions
Basic permissions can be added too.
```typescript
// app.ts
import { use } from 'nexus'
import { auth } from 'nexus-plugin-jwt-auth'
// Define the paths you'd like to protect
const protectedPaths = [
'Query.me',
'Query.filterPosts',
'Query.post',
'Mutation.createDraft',
'Mutation.deletePost',
'Mutation.publish'
]
// Enables the JWT Auth plugin with permissions
use(auth({
appSecret: "", // optional if using custom verify function
protectedPaths // optional
}))
```
### Stored Properties
You can also access properties stored in the token.
> In this example I sign the token on signup or login then store the userId in the token to be accessed directly in a query or mutation to find the authed user.
```typescript
// Query.ts
import { schema } from 'nexus'
schema.queryType({
definition(t) {
t.field('me', {
type: 'User',
async resolve(_root, _args, ctx) {
const user = await ctx.db.user.findOne({
where: {
id: ctx.token.userId // This is the token object passed through the context
}
})
if (!user) {
throw new Error('No such user exists')
}
return user
}
})
}
})
```
## Use cookie instead of Authorization header
```typescript
import { use, server } from "nexus"
import cookieParser from "cookie-parser" // Set esModuleInterop: true in tsconfig.json
// Add the cookie-parser middleware to Express
server.express.use(cookieParser())
// Enables the JWT Auth plugin with cookies
use(auth({
// ...
useCookie: true,
cookieName: "token"
}))
```
Don't forget to set `credentials: true` in your GraphQL client or the cookie will not be sent to the server.
## Contributing
Please read [CONTRIBUTING.md](CONTRIBUTING.md)
## License
[](https://app.fossa.com/projects/git%2Bgithub.com%2FCamji55%2Fnexus-plugin-jwt-auth?ref=badge_large)