- Extract the JWT decode functionality into a new library:
@neo4j/graphql-plugins - Expose an extended
AuthPluginclass that has adecodeJWTmethod on it. The class extends a ‘core’ abstract class calledNeo4jGraphQLAuthPluginexported directly from@neo4j/graphql. - Expose ability for users to specify plugins in
Neo4jGraphQLconstructor - Call a given plugin
Neo4j GraphQL is a Typescript codebase that, at the moment, is to be used exclusively on Node.js. This document outlines how to enable users to use Neo4j GraphQL in other environments where Javascript can be executed.
Neo4j GraphQL uses Node.js crypto libraries to decode the JWT. If this usage of core Node.js libraries could be extracted into a 'plugin' users could use the library inside the Browser.
If you want to specify your own custom auth then use the two classes imported from @neo4j/graphql:
- Neo4jGraphQL - Already exists
- Neo4jGraphQLAuthPlugin
import { Neo4jGraphQL, Neo4jGraphQLAuthPlugin } from "@neo4j/graphql";
const typeDefs = `
type User @auth(rules: [{ isAuthenticated: true }]) {
id: ID!
username: String!
}
`;
class CustomAuthPlugin extends Neo4jGraphQLAuthPlugin {
async decodeJWT() {}
}
const neoSchema = new Neo4jGraphQL({
typeDefs,
driver,
plugins: {
auth: new CustomAuthPlugin(),
},
});If you want to use the auth how it already is you should first import the Auth plugin from the new @neo4j/graphql-plugins package and then use it in the constructor of Neo4jGraphQL
import { Neo4jGraphQL } from "@neo4j/graphql";
import { Auth } from "@neo4j/graphql-plugins";
const typeDefs = `
type User @auth(rules: [{ isAuthenticated: true }]) {
id: ID!
username: String!
}
`;
const neoSchema = new Neo4jGraphQL({
typeDefs,
driver,
plugins: {
auth: new Auth(),
},
});