@auth directive
The @auth directive definition is dynamically generated on runtime based on user type definitions.
rules
You can have many rules for many operations. Each rule is fallen through until a match is found against the corresponding operation. If no match is found, an error is thrown. You can think of rules as a big OR.
@auth(rules: [
{ operations: [CREATE, UPDATE], ... }, ## or
{ operations: [READ, UPDATE], ...}, ## or
{ operations: [DELETE, UPDATE], ... } ## or
])operations
operations is an array which allows you to re-use the same rule for many operations.
@auth(rules: [
{ operations: [CREATE, UPDATE, DELETE, CONNECT, DISCONNECT, SUBSCRIBE] },
{ operations: [READ] }
])
Note that the absence of an operations argument will imply all operations.
|
Many different operations can be called at once, for example in the following Mutation:
mutation {
createPosts(
input: [
{
content: "I like GraphQL",
creator: { connect: { where: { id: "user-01" } } }
}
]
) {
posts {
content
}
}
}In the above example, there is a CREATE operation followed by a CONNECT, so the auth rule must allow a user to perform both of these operations.
Auth Value Plucking
When using the @auth directive, you use the following prefixes to substitute in their relevant values:
-
$jwt.- pulls value from JWT -
$context.- pulls value from context
Was this page helpful?