nexus-plugin-auth0

Contents

Installation

npm install nexus-plugin-auth0

How it Works

The plugin currently expects the "UsersAccessToken" to be in the following format on the header of the incoming request.

{
  "authorization": "Bearer UsersAccessToken"
}

There are two main ways to use this plugin.

Using the protectedPaths to deny access to certain paths.
Using it to only validate and decode then to using the decoded token (available as ctx.token) to control access using another plugin such as nexus-plugin-sheild

The decoded token will be added to Nexus Context under ctx.token which has the following type

type DecodedAccessToken = {
  iss: string
  sub: string
  aud: string[]
  iat: number
  exp: number
  azp: string
  scope: string
}
// ctx.token
type ContextToken = DecodedAccessToken | null

Examples

Protected Paths

If protectedPaths is passed, then only valid access tokens will be allowed to access these paths

import { use } from 'nexus'
import { auth } from 'nexus-plugin-auth0'

use(
  auth({
    auth0Audience: 'nexus-plugin-auth0',
    auth0Domain: 'graphql-nexus.eu.auth0.com',
    protectedPaths: ['Query.posts'],
  })
)

Usage with nexus-plugin-shield

All paths will have the decoded token added to ctx only if the token is validated but will not deny access. The token can then be used by nexus-plugin-shield to control access.

import { use } from 'nexus'
import { auth } from 'nexus-plugin-auth0'
import { rule } from 'nexus-plugin-shield'


const isAuthenticated = rule({ cache: 'contextual' })(async (parent, args, ctx: NexusContext, info) => {
  const userId = ctx?.token?.sub
  return Boolean(userId)
})

const rules = {
  Query: {
    posts: isAuthenticated,
  },
  Mutation: {
    deletePost: isAuthenticated,
  },
}

use(
  auth({
    auth0Audience: 'nexus-plugin-auth0',
    auth0Domain: 'graphql-nexus.eu.auth0.com',
  })
)

use(
  shield({
    rules,
  })
)

Plugin Settings

type Settings = {
  auth0Domain: string
  auth0Audience: string
  protectedPaths?: string[]
  debug?: boolean
}

PreviousHISTORY Nextnode_modules

Last updated 2 years ago

hashtagInstallation

hashtagHow it Works

hashtagExamples

hashtagProtected Paths

hashtagUsage with nexus-plugin-shield

hashtagPlugin Settings