Apollo 2.0.0 Graphql cookie 会话
Apollo 2.0.0 Graphql cookie session
谁能帮我解决这个问题,我的设置在 Apollo 2.0 之前如下,我有一个 server.js,其中我使用了 express 和 graphql-server-express
我有一个仅限 http 的 cookie 会话,当用户登录时,我将 jwt 令牌设置为 cookie,并在浏览器中将其设置为仅限 http。
在随后的请求中,我验证了浏览器传回的 cookie。一切正常,我可以访问
来自 req.session.token 的令牌在任何其他解析器中并验证保存在 cookie 会话中的 jwt 令牌。
server.js
import express from 'express';
import { graphqlExpress, graphiqlExpress } from 'graphql-server-express';
import { ApolloEngine } from 'apollo-engine';
import bodyParser from 'body-parser';
import cors from 'cors';
import cookieSession from 'cookie-session';
import schema from './schema/';
const server = express();
server.use(
cookieSession({
name: 'session',
keys: 'k1,k2',
maxAge: 30 * 60 * 1000,
domain: '.mydomain.com',
path: '/',
}),
);
const corsOptions = {
origin: 'http://local.mydomain.com:3000',
credentials: true,
methods: ['GET', 'PUT', 'POST', 'OPTIONS'],
};
server.use(cors(corsOptions));
server.use(
'/graphql',
bodyParser.json(),
graphqlExpress(req => ({
schema,
tracing: true,
context: { req },
})),
);
if (process.env.NODE_ENV !== 'production') {
server.use('/graphiql',graphiqlExpress({endpointURL: '/graphql'}));
}
const engine = new ApolloEngine({
apiKey: engineConfig.apiKey,
});
engine.listen(
{
port: 3000,
graphqlPaths: ['/graphql'],
expressApp: server,
},
() => {console.log('GraphiQL is now running');},
);
authenticateResolver.js
const authenticateResolver = {
Query: {
authenticate: async (root, args, context) => {
const { req } = context;
const auth = `Basic ${Buffer.from(`${args.username}:${args.password}`).toString('base64')}`;
const axiosResponse = await axios.post("localhot:8080/login, 'true',
{
headers: {
Authorization: auth,
},
});
if (axiosResponse.status === 200 && axiosResponse.data.token) {
req.session.token = axiosResponse.data.token;
}
return {
status: 200,
};
},
但是当我升级到 Apollo 2.0 时,我的 server.js 代码发生了变化,authenticateResolver 保持原样。
由于未设置 cookie 会话,我现在无法在任何后续请求中访问 req.session.token。
当我在 chrome 中打开开发人员工具时,我看不到在调用身份验证时设置的 cookie。
我在这里做错了什么?
server.js # Apollo 2.0 升级后
import express from 'express';
import { ApolloServer, gql } from 'apollo-server-express';
import cors from 'cors';
import cookieSession from 'cookie-session';
import { mergedTypes, resolvers } from './schema/';
const server = express();
server.use(
cookieSession({
name: 'session',
keys: 'k1,k2',
maxAge: 30 * 60 * 1000,
domain: '.mydomain.com',
path: '/',
}),
);
const corsOptions = {
origin: 'http://local.mydomain.com:3000',
credentials: true,
methods: ['GET', 'PUT', 'POST', 'OPTIONS'],
};
server.use(cors(corsOptions));
server.listen({ port: 3000 }, () => {
console.log('Server ready');
console.log('Try your health check at: .well-known/apollo/app-health');
});
const apollo = new ApolloServer({
typeDefs: gql`
${mergedTypes}
`,
resolvers,
engine: false,
context: ({ req }) => ({ req }),
});
apollo.applyMiddleware({
server
});
是的,如果您查看 graphql 游乐场,有一个设置选项,如果您单击它,您可以观察到一些设置,其中之一是
"request.credentials": "omit" 改成
"request.credentials": "include" 并保存设置,现在应该可以使用了。
我的代码也如下所示:
const app = express()
app.use(
cookieSession({
name: 'session',
keys: corsConfig.cookieSecret.split(','),
maxAge: 60 * 60 * 1000,
domain: corsConfig.cookieDomain,
path: '/',
})
)
const corsOptions = {
origin: corsConfig.corsWhitelist.split(','),
credentials: true,
methods: ['GET', 'PUT', 'POST', 'OPTIONS'],
}
app.use(cors(corsOptions))
const apollo = new ApolloServer({
typeDefs: gql`
${mergedTypes}
`,
resolvers,
engine: false,
context: ({ req }) => ({ req }),
tracing: true,
debug: !process.env.PRODUCTION,
introspection: !process.env.PRODUCTION,
})
apollo.applyMiddleware({
app,
path: '/',
cors: corsOptions,
})
app.listen({ port: engineConfig.port }, () => {
console.log(' - Server ready')
console.log('Try your health check at: .well-known/apollo/app-health')
})
谁能帮我解决这个问题,我的设置在 Apollo 2.0 之前如下,我有一个 server.js,其中我使用了 express 和 graphql-server-express 我有一个仅限 http 的 cookie 会话,当用户登录时,我将 jwt 令牌设置为 cookie,并在浏览器中将其设置为仅限 http。 在随后的请求中,我验证了浏览器传回的 cookie。一切正常,我可以访问 来自 req.session.token 的令牌在任何其他解析器中并验证保存在 cookie 会话中的 jwt 令牌。
server.js
import express from 'express';
import { graphqlExpress, graphiqlExpress } from 'graphql-server-express';
import { ApolloEngine } from 'apollo-engine';
import bodyParser from 'body-parser';
import cors from 'cors';
import cookieSession from 'cookie-session';
import schema from './schema/';
const server = express();
server.use(
cookieSession({
name: 'session',
keys: 'k1,k2',
maxAge: 30 * 60 * 1000,
domain: '.mydomain.com',
path: '/',
}),
);
const corsOptions = {
origin: 'http://local.mydomain.com:3000',
credentials: true,
methods: ['GET', 'PUT', 'POST', 'OPTIONS'],
};
server.use(cors(corsOptions));
server.use(
'/graphql',
bodyParser.json(),
graphqlExpress(req => ({
schema,
tracing: true,
context: { req },
})),
);
if (process.env.NODE_ENV !== 'production') {
server.use('/graphiql',graphiqlExpress({endpointURL: '/graphql'}));
}
const engine = new ApolloEngine({
apiKey: engineConfig.apiKey,
});
engine.listen(
{
port: 3000,
graphqlPaths: ['/graphql'],
expressApp: server,
},
() => {console.log('GraphiQL is now running');},
);
authenticateResolver.js
const authenticateResolver = {
Query: {
authenticate: async (root, args, context) => {
const { req } = context;
const auth = `Basic ${Buffer.from(`${args.username}:${args.password}`).toString('base64')}`;
const axiosResponse = await axios.post("localhot:8080/login, 'true',
{
headers: {
Authorization: auth,
},
});
if (axiosResponse.status === 200 && axiosResponse.data.token) {
req.session.token = axiosResponse.data.token;
}
return {
status: 200,
};
},
但是当我升级到 Apollo 2.0 时,我的 server.js 代码发生了变化,authenticateResolver 保持原样。 由于未设置 cookie 会话,我现在无法在任何后续请求中访问 req.session.token。 当我在 chrome 中打开开发人员工具时,我看不到在调用身份验证时设置的 cookie。 我在这里做错了什么?
server.js # Apollo 2.0 升级后
import express from 'express';
import { ApolloServer, gql } from 'apollo-server-express';
import cors from 'cors';
import cookieSession from 'cookie-session';
import { mergedTypes, resolvers } from './schema/';
const server = express();
server.use(
cookieSession({
name: 'session',
keys: 'k1,k2',
maxAge: 30 * 60 * 1000,
domain: '.mydomain.com',
path: '/',
}),
);
const corsOptions = {
origin: 'http://local.mydomain.com:3000',
credentials: true,
methods: ['GET', 'PUT', 'POST', 'OPTIONS'],
};
server.use(cors(corsOptions));
server.listen({ port: 3000 }, () => {
console.log('Server ready');
console.log('Try your health check at: .well-known/apollo/app-health');
});
const apollo = new ApolloServer({
typeDefs: gql`
${mergedTypes}
`,
resolvers,
engine: false,
context: ({ req }) => ({ req }),
});
apollo.applyMiddleware({
server
});
是的,如果您查看 graphql 游乐场,有一个设置选项,如果您单击它,您可以观察到一些设置,其中之一是
"request.credentials": "omit" 改成
"request.credentials": "include" 并保存设置,现在应该可以使用了。
我的代码也如下所示:
const app = express()
app.use(
cookieSession({
name: 'session',
keys: corsConfig.cookieSecret.split(','),
maxAge: 60 * 60 * 1000,
domain: corsConfig.cookieDomain,
path: '/',
})
)
const corsOptions = {
origin: corsConfig.corsWhitelist.split(','),
credentials: true,
methods: ['GET', 'PUT', 'POST', 'OPTIONS'],
}
app.use(cors(corsOptions))
const apollo = new ApolloServer({
typeDefs: gql`
${mergedTypes}
`,
resolvers,
engine: false,
context: ({ req }) => ({ req }),
tracing: true,
debug: !process.env.PRODUCTION,
introspection: !process.env.PRODUCTION,
})
apollo.applyMiddleware({
app,
path: '/',
cors: corsOptions,
})
app.listen({ port: engineConfig.port }, () => {
console.log(' - Server ready')
console.log('Try your health check at: .well-known/apollo/app-health')
})