Graphql: No TypeGraphQL authorization support

Created on 25 Jun 2019  路  5Comments  路  Source: nestjs/graphql

I'm submitting a...


[ ] Regression 
[ ] Bug report
[x] Feature request
[ ] Documentation issue or request
[ ] Support request => Please do not submit support request here, instead post your question on Stack Overflow.

Current behavior


No support for TypeGraphQL Authorization feature: https://typegraphql.ml/docs/authorization.html

Expected behavior


It would be nice to annotate @ObjectType class fields with @Authorized() annotation, but GraphQLModule doesn't have configuration for customAuthChecker.

What is the motivation / use case for changing the behavior?


If GraphQL is used for public and private (admin) usage, we would like to restrict access to fields dedicated for admin.

picture ghost

Most helpful comment

I would appreciate it if you can provide some example or clue to achieve it. I have similar issue about it. I can use UseGuards in resolver class query. But it seems like it doesn't work with @ObjectType class fields.

picture Davis10733 on 3 Jul 2019
👍5

All 5 comments

There is no plan to support @Authorized(). You can achieve the same behavior with class-transformer + Nest guards/interceptors.

kamilmysliwiec picture kamilmysliwiec on 26 Jun 2019

I would appreciate it if you can provide some example or clue to achieve it. I have similar issue about it. I can use UseGuards in resolver class query. But it seems like it doesn't work with @ObjectType class fields.

Davis10733 picture Davis10733 on 3 Jul 2019
👍5

There is actually support for this feature with a rather easy configuration.

Create an extending interface:

import { BuildSchemaOptions } from '@nestjs/graphql/dist/external/type-graphql.types';
import { AuthChecker } from 'type-graphql';

export interface TypeGraphQLBuildSchemaOptions extends BuildSchemaOptions {
 authChecker: AuthChecker<any, any>;
}

And use it in the buildSchemaOptions (these options goes directly to type-graphqls buildSchema function):

GraphQLModule.forRoot({
 autoChemaFile: 'schema.gql,
 buildSchemaOptions: { authChecker: () => true } as TypeGraphQLBuildSchemaOptions
});

You could also just use any but with the cost of missing typechecking

Hybral picture Hybral on 5 Jul 2019
🚀1 👍1

Is there any reason why this isn't included in the BuildSchemaOptions type already?

jonlambert picture jonlambert on 17 Sep 2019

We're actively working on the docs and will provide more tutorials shortly.

kamilmysliwiec picture kamilmysliwiec on 17 Sep 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

zhenwenc picture zhenwenc  路  4Comments
vnenkpet picture vnenkpet  路  3Comments
jiayechao picture jiayechao  路  4Comments
fenos picture fenos  路  5Comments
willsoto picture willsoto  路  5Comments