Updates to with-apollo-auth #9274
Changes from 3 commits
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
import { ApolloServer, gql } from 'apollo-server-micro' | ||
import bcrypt from 'bcryptjs' | ||
import jwt from 'jsonwebtoken' | ||
import { Photon } from '@generated/photon' | ||
|
||
const photon = new Photon() | ||
|
||
const JWT_SECRET = 'PleaseUseBetterStorageForThisSecret' | ||
@DevSpeak why not stick this in |
||
|
||
const getUserId = (req) => { | ||
const Authorization = req.headers && req.headers.authorization || '' | ||
if (Authorization) { | ||
const token = Authorization.replace('Bearer ', '') | ||
const verifiedToken = jwt.verify(token, JWT_SECRET) | ||
return verifiedToken.userId | ||
} | ||
} | ||
|
||
const typeDefs = gql` | ||
type Query { | ||
me: User! | ||
} | ||
type Mutation { | ||
register(email: String, name: String, password: String): AuthPayload! | ||
login(email: String, password: String): AuthPayload! | ||
} | ||
type AuthPayload { | ||
token: String | ||
} | ||
type User { | ||
id: String | ||
name: String | ||
email: String | ||
} | ||
` | ||
|
||
const resolvers = { | ||
Query: { | ||
async me (parent, args, context) { | ||
const id = context.user | ||
const user = await context.photon.users.findOne({ where: { id } }).then(user => user) | ||
is the |
||
|
||
if (!user) throw new Error('No such user found.') | ||
|
||
return { ...user } | ||
} | ||
}, | ||
Mutation: { | ||
async register (parent, { email, name, password }, context) { | ||
const hashedPassword = await bcrypt.hash(password, 10) | ||
|
||
const user = await context.photon.users.create({ | ||
data: { | ||
email, | ||
name, | ||
password: hashedPassword | ||
} | ||
}).then(user => user) | ||
|
||
if (!user) throw new Error('No such user found.') | ||
|
||
const token = jwt.sign({ | ||
userId: user.id | ||
}, JWT_SECRET) | ||
|
||
return { token } | ||
}, | ||
async login (parent, { email, password }, context) { | ||
const user = await context.photon.users.findOne({ where: { email } }).then(user => user) | ||
|
||
if (!user) throw new Error('No such user found.') | ||
|
||
const valid = await bcrypt.compare(password, user.password) | ||
|
||
if (valid) { | ||
const token = jwt.sign({ | ||
userId: user.id | ||
}, JWT_SECRET) | ||
|
||
return { token } | ||
} else { | ||
throw new Error('Invalid password.') | ||
} | ||
} | ||
} | ||
} | ||
|
||
const apolloServer = new ApolloServer({ | ||
typeDefs, | ||
resolvers, | ||
context: ({ req }) => { | ||
const user = getUserId(req) | ||
return { req, user, photon } | ||
} | ||
}) | ||
|
||
export const config = { | ||
api: { | ||
bodyParser: false | ||
} | ||
} | ||
|
||
export default apolloServer.createHandler({ path: '/api/graphql' }) |
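Review bot: Both `jwt.sign` calls (in `register` and `login`) issue tokens with no expiry, and `getUserId` verifies without pinning the algorithm, so a leaked token stays valid until the secret is rotated. I would sign with `jwt.sign({ userId: user.id }, JWT_SECRET, { expiresIn: '1h' })` and verify with `jwt.verify(token, JWT_SECRET, { algorithms: ['HS256'] })`. `jwt.verify` also throws on a malformed or expired token, and because `getUserId` runs in the `context` builder for every request, a stale Authorization header would presumably fail `login` and `register` as well; catching the error there and returning no user would let those mutations through while `me` still rejects. Separately, `login` reports 'No such user found.' and 'Invalid password.' as different errors, which tells a caller which e-mail addresses are registered; one generic message for both cases avoids that.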
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -18,11 +18,10 @@ const CreateAccountPage = () => ( | |
) | ||
|
||
CreateAccountPage.getInitialProps = async context => { | ||
const { loggedInUser } = await checkLoggedIn(context.apolloClient) | ||
const data = await checkLoggedIn(context.apolloClient) | ||
|
||
if (loggedInUser.user) { | ||
// Already signed in? No need to continue. | ||
// Throw them back to the main page | ||
if (data.me) { | ||
// If not signed in, send them somewhere more useful | ||
||
redirect(context, '/') | ||
} | ||
|
||
|
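Review bot: The comment under `if (data.me)` now reads `// If not signed in, send them somewhere more useful`, but that branch runs when `data.me` is set, that is, when the visitor is already signed in, so the comment says the opposite of the code. I would keep the wording that was removed, `// Already signed in? No need to continue.`, above the `redirect(context, '/')` call. The page has lost its `+`/`-` markers, so which lines belong to the new side is inferred from the `loggedInUser` to `data` rename.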
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
generator photon { | ||
provider = "photonjs" | ||
} | ||
|
||
datasource db { | ||
provider = "postgresql" | ||
url = "postgresql://yevnnxduqfivsa:d91c5ef154ae01e7ef8e7add436065c15491dd2245e6a83149c01f0e4a85b1b0@ec2-54-235-163-246.compute-1.amazonaws.com/dd90ll8j0inem8?schema=next&sslmode=prefer" | ||
This DB url seems unintended.
It was actually intended for example use purpose. |
||
} | ||
|
||
model User { | ||
id String @default(cuid()) @id | ||
email String @unique | ||
name String? | ||
password String | ||
} |
This file was deleted.
Might be good to add dummy login credentials if we're going to leave this database in the example 🤔