执行经过身份验证的keystone.js/GraphQL API查询 [英] Perform an authenticated keystone.js / GraphQL API query

问题描述

我是Keystone.js和GraphQL的新手.到目前为止，我已经能够成功执行以下API查询(摘自页面)通过POST请求:

I am new to Keystone.js and GraphQL. So far I have been able to successfully execute the following API queries (taken from this page) via a POST request:

const SIGNIN = `mutation signin($identity: String, $secret: String) {
  authenticate: authenticateUserWithPassword(email: $identity, password: $secret) {
    item {
      id
      name
    }
  }
}`;

// Returns id and name of authenticated user

和

const GET_ALL_POSTS = `query GetPosts {
  allPosts {
    name
    id
  }
}`;

// Returns id and name of all posts (if no access controls)

如果我为列表 Post 设置访问控制>我从第二个查询中获得了访问错误，但是我无法解决如何对 allPosts 执行经过身份验证的查询，例如我想要:

If I set access controls for the list Post I get an access error from the second query as expected, but I can't work how to then perform an authenticated query for allPosts, e.g. I want:

• 要(通过编程方式)通过用户的电子邮件和密码对用户进行身份验证
• 如果成功，对 allPosts 运行查询并返回结果

• To (programatically) authenticate a user by their email and password
• If successful, run a query for allPosts and return the results

我在做什么错了?

推荐答案

答案是首先在下面提交查询，以验证您的用户并生成访问令牌:

The answer is to first submit the query below, to authenticate your user and generate an access token:

query: `mutation ($identity: String, $secret: String) {
  authenticate: authenticateUserWithPassword(email: $identity, password: $secret) {
    token
  }
}`

随后的查询通过以下方式进行身份验证:将提供的令牌添加到请求的标头中:

Subsequent queries are then authenticated by adding the provided token to your headers of your request with:

'Authorization: Bearer <token>'.

其他信息此处.

更一般地说， GraphQL游乐场非常值得一看对于任何使用keystonejs且是GraphQL的新手的人.

More generally, the GraphQL playground is well worth a look for anyone getting into keystonejs and new to GraphQL.

这篇关于执行经过身份验证的keystone.js/GraphQL API查询的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！