执行经过身份验证的keystone.js/GraphQL API查询 [英] Perform an authenticated keystone.js / GraphQL API query
问题描述
我是Keystone.js和GraphQL的新手.到目前为止,我已经能够成功执行以下API查询(摘自页面)通过POST请求:
I am new to Keystone.js and GraphQL. So far I have been able to successfully execute the following API queries (taken from this page) via a POST request:
const SIGNIN = `mutation signin($identity: String, $secret: String) {
authenticate: authenticateUserWithPassword(email: $identity, password: $secret) {
item {
id
name
}
}
}`;
// Returns id and name of authenticated user
和
const GET_ALL_POSTS = `query GetPosts {
allPosts {
name
id
}
}`;
// Returns id and name of all posts (if no access controls)
如果我为列表 Post
设置访问控制>我从第二个查询中获得了访问错误,但是我无法解决如何对 allPosts
执行经过身份验证的查询,例如我想要:
If I set access controls for the list Post
I get an access error from the second query as expected, but I can't work how to then perform an authenticated query for allPosts
, e.g. I want:
- 要(通过编程方式)通过用户的电子邮件和密码对用户进行身份验证
- 如果成功,对
allPosts
运行查询并返回结果
- To (programatically) authenticate a user by their email and password
- If successful, run a query for
allPosts
and return the results
我在做什么错了?
推荐答案
答案是首先在下面提交查询,以验证您的用户并生成访问令牌:
The answer is to first submit the query below, to authenticate your user and generate an access token:
query: `mutation ($identity: String, $secret: String) {
authenticate: authenticateUserWithPassword(email: $identity, password: $secret) {
token
}
}`
随后的查询通过以下方式进行身份验证:将提供的令牌添加到请求的标头中:
Subsequent queries are then authenticated by adding the provided token to your headers of your request with:
'Authorization: Bearer <token>'.
其他信息此处.
更一般地说, GraphQL游乐场非常值得一看对于任何使用keystonejs且是GraphQL的新手的人.
More generally, the GraphQL playground is well worth a look for anyone getting into keystonejs and new to GraphQL.
这篇关于执行经过身份验证的keystone.js/GraphQL API查询的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!