ruohki · March 23, 2018 22:46
diff --git a/directive.graphql b/directive.graphql
 enum UserRoleEnum {
  ROOT
  ADMIN
  USER
 }

 directive @isAuthenticated(role: UserRoleEnum = USER) on FIELD_DEFINITION | OBJECT

 ....

 Query {
  myVar: String @isAuthenticated(role: ROOT)
 }
diff --git a/isAuthenticatedDirective.js b/isAuthenticatedDirective.js
 import { defaultFieldResolver } from "graphql";
 import { SchemaDirectiveVisitor } from "graphql-tools";

 class isAuthenticated extends SchemaDirectiveVisitor {
  visitObject(type) {
    this.ensureFieldsWrapped(type);
    type._role = this.args.role;
  }

  visitFieldDefinition(field, details) {
    this.ensureFieldsWrapped(details.objectType);
    field._role = this.args.role;
  }

  ensureFieldsWrapped(objectType) {
    if (objectType._authFieldsWrapped) return;
    objectType._authFieldsWrapped = true;

    const fields = objectType.getFields();
    Object.keys(fields).forEach(fieldName => {
      const field = fields[fieldName];
      const { resolve = defaultFieldResolver } = field;

      field.resolve = async function (root, args, ctx, info) {
        const role = field._role || objectType._role;
        const { userId = false } = ctx;

        if (!userId) {
          throw new Error("Not Authenticated");
        }

        // Throw in some random checks
        // like checks against the user and his roles etc
        // throw error if no access

        return await resolve.call(this, root, args, ctx, info);
      };
    })
  }
 }

 export default isAuthenticated;
diff --git a/schema.js b/schema.js
 import isAuthenticated from './isAuthenticatedDirective';
 ...

 const schema = makeExecutableSchema({
  typeDefs,
  resolvers,
  schemaDirectives: {
    isAuthenticated
  }
 });

 ...
	enum UserRoleEnum {
	ROOT
	ADMIN
	USER
	}

	directive @isAuthenticated(role: UserRoleEnum = USER) on FIELD_DEFINITION \| OBJECT

	....

	Query {
	myVar: String @isAuthenticated(role: ROOT)
	}
	import { defaultFieldResolver } from "graphql";
	import { SchemaDirectiveVisitor } from "graphql-tools";

	class isAuthenticated extends SchemaDirectiveVisitor {
	visitObject(type) {
	this.ensureFieldsWrapped(type);
	type._role = this.args.role;
	}

	visitFieldDefinition(field, details) {
	this.ensureFieldsWrapped(details.objectType);
	field._role = this.args.role;
	}

	ensureFieldsWrapped(objectType) {
	if (objectType._authFieldsWrapped) return;
	objectType._authFieldsWrapped = true;

	const fields = objectType.getFields();
	Object.keys(fields).forEach(fieldName => {
	const field = fields[fieldName];
	const { resolve = defaultFieldResolver } = field;

	field.resolve = async function (root, args, ctx, info) {
	const role = field._role \|\| objectType._role;
	const { userId = false } = ctx;

	if (!userId) {
	throw new Error("Not Authenticated");
	}

	// Throw in some random checks
	// like checks against the user and his roles etc
	// throw error if no access

	return await resolve.call(this, root, args, ctx, info);
	};
	})
	}
	}

	export default isAuthenticated;
	import isAuthenticated from './isAuthenticatedDirective';
	...

	const schema = makeExecutableSchema({
	typeDefs,
	resolvers,
	schemaDirectives: {
	isAuthenticated
	}
	});

	...