GiraphQL
Search…
AuthZ
This is a simple plugin for integrating with GraphQL AuthZ
For more details on GraphQL AuthZ see the official documentation here

Usage

Install

1
yarn add @giraphql/plugin-authz
Copied!

Setup

1
import AuthzPlugin from '@giraphql/plugin-authz';
2
3
const builder = new SchemaBuilder<{
4
AuthZRule: keyof typeof rules;
5
}>({
6
plugins: [AuthzPlugin],
7
});
Copied!
This plugin will add the rules to your schema, but you will still need to set up your server (or execute function) to run the authorization checks. The implementation of this depends on how your app is set up.
A simple example that just wraps the execute function might look like:
1
import { execute } from 'graphql';
2
import { wrapExecuteFn } from '@graphql-authz/core';
3
import rules from './auth-rules';
4
5
const wrappedExecute = wrapExecuteFn(execute, { rules });
Copied!

Defining rules for fields

1
builder.queryType({
2
fields: (t) => ({
3
users: t.field({
4
type: [User],
5
authz: {
6
rules: ['IsAuthenticated'],
7
},
8
resolve: () => users,
9
}),
10
}),
11
});
Copied!

Defining rules for types

1
const Post = builder.objectRef<IPost>('Post');
2
3
Post.implement({
4
authz: {
5
rules: ['CanReadPost'],
6
},
7
fields: (t) => ({
8
id: t.exposeID('id'),
9
}),
10
});
Copied!
Last modified 1mo ago