I want to add a traditional rest endpoint to my Apollo server and I would like to reuse Meteors authentication system. However, Meteor.user() is not defined in this context. The endpoint will not look or ask for user credentials.
createApolloServer( ... , {
configServer: (app) => {
app.use('/myEndpoint', () => {
/* I want to have a meteor userId here */
});
},
});
If you are using Meteor, the best way to make a traditional REST endpoint is:
https://github.com/stubailo/meteor-rest/
simple:json-routes
and you can do authentication with
simple:rest-accounts-password
simple:authenticate-user-by-token
The best way to get Meteor user information in your resolvers is:
http://dev.apollodata.com/core/meteor.html
Related
I have added a custom domain to the API Gateway due to CORS/Cookies/Infosec and other fun reasons.
I then added the following code to hack the correct domain into my Amplify configuration:
import { Amplify, API } from "aws-amplify"
const myfunc () => {
const amplifyEndpoint = API._restApi._options.endpoints[0]
Amplify.configure({
aws_cloud_logic_custom: [
{
...amplifyEndpoint,
endpoint: process.env.REACT_APP_API_URL || amplifyEndpoint.endpoint,
},
]
})
const response = await API.post("MyApiNameHere", "/some-endpoint", {data:"here"})
}
This works but a) is this really the correct way to do it? and b) I'm seeing a weird issue whereby the first API.post request of the day from a user is missing the authorization & x-amz-security-token headers that I expect Amplify to be magically providing. If a user refreshes the page, the headers are sent and everything works as expected.
[edit] turns out my missing headers issue is unrelated to this override, so still need to get to the bottom of that!
The more correct place looks to be in the index.js:
import { Amplify, API } from "aws-amplify"
import awsExports from "./aws-exports"
Amplify.configure(awsExports)
const amplifyEndpoint = API._restApi._options.endpoints[0]
Amplify.configure({
aws_cloud_logic_custom: [
{
...amplifyEndpoint,
endpoint: process.env.REACT_APP_API_URL || amplifyEndpoint.endpoint,
},
]
})
That way it's done once - rather than needing to be done in each API call.
Naturally you would need some more complicated logic if you were dealing with multiple endpoints.
can I generate a custom auth token, for use with a third party, with a resolver in graph.cool? something like this??
type FirebaseTokenPayload {
token: String!
}
extend type Query {
FirebaseToken(userIdentifier: String!): FirebaseTokenPayload
}
const fb = require('myNodeFirebaseAuthLib')
module.exports = event => fb.generateTokenWithPayload({ id: event.data.userId })
Authentication required - restrict who can read data in fields: Permission query:
query ($user_id: ID!, $node_firebaseIdentifier: String) {
SomeUserExists(filter: {
id: $user_id ,
firebaseIdentifier: $node_firebaseIdentifier
})
}
--
I think this question boils down two parts
"is it possible to install node modules in the graph.cool instance -- or for that sort of thing do we need to use a webhook" -- if it must be a webhook, what is the flow of identity verification and how do I pass the payload parameters ?
"can we add permissions queries and authentication to resolvers?"
notes, addendums:
according to this alligator.io blog post, it seems that using the Graphcool framework, you can install node modules! So, I wouldn't need to use a webhook. -- However, that is with an ejected app. I lose auth0 authentication that way -- the template does not produce a createUser and singinUser that works with the same auth0 data that the integration offers.
I forgot to post the answer to this - I had to eject graphcool, I could not use any node_modules I thought to try in my custom functions.
Currently, I am using https://github.com/invertase/react-native-firebase for my project. I have a custom database for users and I want to check if the user exists or not by email.
Here is a screenshot of the database:
Here's a generic firebase method but you may need to reconfigure the method to suit your data structure. Please refer to the official docs if you wish to know more.
firebase.database()
.ref(`/users`)
.orderByChild("email")
.equalTo(email)
.once("value")
.then(snapshot => {
if (snapshot.val()) {
// data exist, do something else
}
})
You can also query the registration status with hasChild method. Refer to your root path and query with .once and check the result returned.
export function checkUserExist(email) {
return(dispatch) => {
firebase.database().ref(`/ExistingUser/`)
.once('value', snapshot => {
if(snapshot.hasChild(email)) {
dispatch({
type: FIREBASE_USER_EXISTED
});
} else {
dispatch({
type: FIREBASE_USER_NOT_EXISTED,
});
}
});
}
}
Another preferred method would be using the fetchProvidersForEmail method provided by Firebase. It takes an email and returns a promise that resolves with the list of providers linked to that email if it is already registered, refer here.
Is there a good reason to store users credential in your database? In my daily practice, I would use the createUserWithEmailAndPassword provided by Firebase for security purposes, refer here. Just make sure rules are defined properly to prevent unauthorized access.
I am currently new to Meteor and Angular2 and I built an application with same.
I want to make External API call inside Meteor Server using Meteor HTTP Module.
Could you please give an example code in "Typescript" how to do this? Thanks in advance.
Use HTTP.call() for external invoking API. You can call both Get and post requests with this. See the documentation link for details.
Here is a simple example
HTTP.call('POST', 'http://api.twitter.com/xyz', {
data: { some: 'json', stuff: 1 }
}, () => (error, result) {
if (!error) {
Session.set('twizzled', true);
}
});
I'm trying to query the Meetup API using meteor,i tried a Meteor package.
when i call the function below i get this error.
API requests must be key-signed,oauth-signed, or accompanied by a key:
Meteor.methods({
getGroups:function(){
Meetup.get('2/events', {
member_id: 'self',
status: 'upcoming',
rsvp: 'yes'
}, {user: this.userId});
}
})
I used the accounts-meetup package ,and i auth successfuly.
You need to provide in your request an access key https://secure.meetup.com/meetup_api/key/ . Also look here Modifying user.profile using Accounts.onCreateUser for loginWithMeetup