Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pass custom header in GraphiQL #133

Merged
merged 4 commits into from
Sep 12, 2016
Merged

Conversation

nicolaslopezj
Copy link
Contributor

@nicolaslopezj nicolaslopezj commented Sep 10, 2016

This passes the Meteor login token in the authorization header so magically we are connected with the logged in user in GraphiQL.


I wanted to make a solution that fits all types of Apps, not only Meteor. But I couldn't find a non-hacky way to pass headers to the fetch function.

So as a second option we could pass a string to renderGraphiQL (setting it in the options when creating the server) that we later put into the GraphiQL document string, like this:

createApolloServer({
  /* schema and resolvers */
}, {
  graphiqlOptions: {
    passHeader: "'Authorization': localStorage['Meteor.loginToken']"
  }
})
headers: {
  'Accept': 'application/json',
  'Content-Type': 'application/json',
  ${passHeader}
},

I don't like this solution very much but it works with non Meteor Apps

@stubailo
Copy link
Contributor

I think it would be better to add an option to do this rather than hard coding a meteor specific solution.

@nicolaslopezj
Copy link
Contributor Author

@stubailo It's ok now?

I also made a PR https://github.com/apollostack/meteor-integration/pull/35/files that passes the meteor authorization header automatically.

@nicolaslopezj nicolaslopezj changed the title Pass meteor login token in Authorization header Pass custom header in GraphiQL Sep 12, 2016
@helfer
Copy link
Contributor

helfer commented Sep 12, 2016

I think we can merge this, because it's a simple way to get authorization, but it's a very hacky solution, so I'd rather not document it prominently.

@helfer helfer merged commit be0f5ec into apollographql:master Sep 12, 2016
@helfer
Copy link
Contributor

helfer commented Sep 12, 2016

Thanks @nicolaslopezj

@helfer
Copy link
Contributor

helfer commented Sep 14, 2016

@nicolaslopezj I just realized that there's no test for this code. Would you mind making another PR that adds a test? Thanks!

@lorensr
Copy link
Contributor

lorensr commented Sep 20, 2016

Included in v0.3.0

https://github.com/apollostack/apollo-server/blob/master/CHANGELOG.md#v030

@bryanerayner
Copy link

@helfer, AFAIK this is the easiest way to get authentication for a Graphiql client. Hacky or not, I think it would make a lot of people's lives much easier (including mine!)

How can we upgrade this feature to make it "not hacky"?

@stubailo
Copy link
Contributor

stubailo commented Feb 3, 2017

I think it is best to open a new issue about it.

trevor-scheer added a commit that referenced this pull request May 6, 2020
trevor-scheer added a commit that referenced this pull request May 14, 2020
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants