DEV Community

Cover image for Authenticate jwt token in Apollo server express
HasOne
HasOne

Posted on

9 2

Authenticate jwt token in Apollo server express

The hard thing for newcomers to get familiar with the specific technology as it requests a lot of time and patience and hard work, to stay ahead in the curve we have to do that!

Authenticate the user to log him in, we need to verify the token JSON web token(JWT), in the tradition GraphQL we had access to request argument, but in the Apollo server we have context instead, by default context doesn't give any argument, so let go ahead and create!

context API

import Auth from './Auth.ts'
const server = new ApolloServer({
  typeDefs,
  resolvers,
  context: Auth,
});
Enter fullscreen mode Exit fullscreen mode

The Auth is the function we haven't created yet, let jump into that!

// Auth.ts

import jwt from "jsonwebtoken";

export default (request: any) => {
  const header = request.req.headers.authorization;

  // not found
  if (!header) return { isAuth: false };

  // token
  const token: any = header.split(" ");

  // token not found
  if (!token) return { isAuth: false };

  let decodeToken: any;

  try {
    decodeToken = jwt.verify(token[1], privateKey);
  } catch (err) {
    return { isAuth: false };
  }

  // in case any error found
  if (!!!decodeToken) return { isAuth: false };

  // token decoded successfully, and extracted data
  return { isAuth: true, userId: decodeToken.userId };
};

Enter fullscreen mode Exit fullscreen mode

This is the logic to verify the token, does it a valid token, if so, extract the userId and set isAuth to true so we can then make a condition on resolver if isAuth is true, proceed the code execution, if not throw an error.

now the isAuth can be accessed in any resolvers:

  login: async (parent: any, args: any, context: any, info: any) => {
    if (!context.isAuth)
      return {
        error: true,
        message: "Token doesn't find!",
      };

     // your code here....
  },
Enter fullscreen mode Exit fullscreen mode

That's pretty much it!

let me know if this helped you or you come with a good solution. thanks for reading coming along with me!

you can follow me on Github Profile: https://github.com/lifeeric

Resources:

https://www.apollographql.com/docs/apollo-server/api/apollo-server/
https://www.apollographql.com/docs/apollo-server/data/resolvers/

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read more

Top comments (1)

Collapse
 
mananmehta22 profile image
mananmehta22

There is some issue with resolver. I do not have the login part but I am using this on a static data. Can you help?

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more