执行经过身份验证的 keystone.js/GraphQL API 查询 [英] Perform an authenticated keystone.js / GraphQL API query
问题描述
我是 Keystone.js 和 GraphQL 的新手.到目前为止,我已经能够成功执行以下 API 查询(取自这个 页面) 通过 POST 请求:
I am new to Keystone.js and GraphQL. So far I have been able to successfully execute the following API queries (taken from this page) via a POST request:
const SIGNIN = `mutation signin($identity: String, $secret: String) {
authenticate: authenticateUserWithPassword(email: $identity, password: $secret) {
item {
id
name
}
}
}`;
// Returns id and name of authenticated user
和
const GET_ALL_POSTS = `query GetPosts {
allPosts {
name
id
}
}`;
// Returns id and name of all posts (if no access controls)
如果我为列表Post
访问控制> 我按预期从第二个查询中收到访问错误,但我无法工作,然后如何对 allPosts
执行经过身份验证的查询,例如我要:
If I set access controls for the list Post
I get an access error from the second query as expected, but I can't work how to then perform an authenticated query for allPosts
, e.g. I want:
- (以编程方式)通过用户的电子邮件和密码对用户进行身份验证
- 如果成功,运行
allPosts
查询并返回结果
- To (programatically) authenticate a user by their email and password
- If successful, run a query for
allPosts
and return the results
我做错了什么?
推荐答案
答案是首先提交下面的查询,验证您的用户并生成访问令牌:
The answer is to first submit the query below, to authenticate your user and generate an access token:
query: `mutation ($identity: String, $secret: String) {
authenticate: authenticateUserWithPassword(email: $identity, password: $secret) {
token
}
}`
然后通过将提供的令牌添加到您的请求标头中来验证后续查询:
Subsequent queries are then authenticated by adding the provided token to your headers of your request with:
'Authorization: Bearer <token>'.
更多信息此处.
更一般地说,GraphQL 游乐场非常值得一看适合刚接触 keystonejs 和 GraphQL 的任何人.
More generally, the GraphQL playground is well worth a look for anyone getting into keystonejs and new to GraphQL.
这篇关于执行经过身份验证的 keystone.js/GraphQL API 查询的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!