Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add option to secure graphql route #3

Open
ChristianBlom84 opened this issue Jan 27, 2023 · 3 comments
Open

Add option to secure graphql route #3

ChristianBlom84 opened this issue Jan 27, 2023 · 3 comments
Labels
enhancement New feature or request

Comments

@ChristianBlom84
Copy link

Is there a way to apply the cookie setting/getting to the graphql route as well?

We're using Apollo Client on the frontend and the graphql plugin. When I send a login mutation using the graphql, there are no cookies set, but they're set when I send the request to the /api/auth/local endpoint.

@bwyx bwyx added the enhancement New feature or request label Feb 1, 2023
@callmephilip
Copy link

@ChristianBlom84 have you tried explicitly telling Apollo Client to pass cookies along as described here?

const link = createHttpLink({
  uri: '/graphql',
  credentials: 'same-origin' // 👈
});

const client = new ApolloClient({
  cache: new InMemoryCache(),
  link,
});

@callmephilip
Copy link

i guess i have misread the original post - i guess the issue is with the SERVER not setting cookies correctly. @bwyx how would you approach fixing this? does this require intercepting all graphql requests and then inspecting query/mutation?

@callmephilip
Copy link

i guess a workaround for now would be to login via REST API and then rely on cookie setting via credentials: 'same-origin'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants