Hello anyone worked on a Prisma Auth0 example already If not Prisma #prisma-whats-new

Join Slack

Hello, anyone worked on a Prisma/Auth0 example alr...

# prisma-whats-new

picosam

01/21/2018, 9:07 AM

Hello, anyone worked on a Prisma/Auth0 example already? If not I’ll try to do one this week.

ehodges

01/21/2018, 12:16 PM

There are a couple of guys that did work on this for the 1.0 beta, which is very similar to Prisma. I can't remember where their repo is though, sorry. If I find it, I'll let you know.

👍 1

matic

01/21/2018, 12:59 PM

@logan has something, if I am not mistaken

logan

01/21/2018, 4:10 PM

I have a working example in my app, haven’t had a chance to split this out to another repo yet… @harrisrobin was interested in working on this as well

👍 1

harrisrobin

01/21/2018, 5:04 PM

yes been meaning to get to this. the app im working on is almost at that stage so might having something soon 🙂

❤️ 1

lawjolla

01/22/2018, 3:23 PM

I worked on it this weekend. My approach was graphql-yoga / express middleware that validates the token and injects the User into context. Is that the preferred method?

picosam

01/22/2018, 9:09 PM

I believe so, yes!

logan

01/23/2018, 2:45 PM

@lawjolla would love to see what that looks like, mind sharing a snippet?

lawjolla

01/23/2018, 11:31 PM

Hey @logan, I'm happy to, though it needs to be abstracted out to make much sense. Let me see if I can break it down here. First, I have two middleware(s?):

Copy code

<http://server.express.post|server.express.post>(server.options.endpoint, checkJwt)
<http://server.express.post|server.express.post>(server.options.endpoint, (req, res, done) => getUser(req, res, done, db))

checkJwt

is https://github.com/auth0/express-jwt that I put into a middleware folder. If the Bearer token checks, then the request can proceed. If not, the request is stopped. I have it set up to pass on token validation or no token, but it will stop on an improper token. If it validates, it appends the token to req.user. So the next middleware, getUser...

Copy code

const getUser = async (req, res, next, db) => {
  if (!req.user) return next()
  const user = await db.query.user({ where: { auth0id: req.user.sub } })
  req.user = { token: req.user, ...user}
  next()
}

Now the User object is available to all of your resolvers through context at

ctx.request.user

. Does that make sense to anyone?

logan

01/23/2018, 11:47 PM

Yes this makes a ton of sense! Would love to help get this example together. My implementation needs improvement. Would also like to see the sign up / login logic, and potentially auth for specific GraphQL queries/mutations

lawjolla

01/23/2018, 11:54 PM

@logan I'll be working on it all tonight and tomorrow and should have something good toss online

logan

01/23/2018, 11:59 PM

Ah exciting! Ok well let me know if I can help in some way - recruited a friend to chip in tonight 😁

ehodges

01/24/2018, 5:13 AM

I'm very interested in seeing this, thank you for working on it!

lawjolla

01/25/2018, 6:52 PM

For those still curious, here's my demo https://github.com/LawJolla/prisma-auth0-example

🚀 2

2 Views

Open in Slack

Previous Next