
Update app.ts
RodolfoSilva committed Sep 13, 2019
1 parent 805222f commit 02ba2ef
Showing 1 changed file with 17 additions and 1 deletion.
18 changes: 17 additions & 1 deletion src/app.ts
@@ -1,6 +1,7 @@
import express, { Application } from 'express';
import jwt from 'jsonwebtoken';
import { ApolloServer } from 'apollo-server-express';
import omitIn from 'lodash/omit';
import resolvers from './resolvers';
import { typeDefs } from './typeDefs';
import * as vars from './vars';
@@ -28,6 +29,7 @@ export const createApp = (): Application => {

try {
const token = request.get('Authorization');
let role = request.get('x-hasura-role');

if (!token) {
response.json(unauthorizedResponseBody);
@@ -36,7 +38,21 @@ export const createApp = (): Application => {

const payload: any = jwt.verify(token.split(' ')[1], vars.jwtSecretKey);

response.json(payload[vars.hasuraGraphqlClaimsKey]);
const claims = payload[vars.hasuraGraphqlClaimsKey];

if (role === undefined) {
role = claims['x-hasura-default-role'];
}

if (!claims['x-hasura-allowed-roles'].includes(role)) {
response.sendStatus(401);
return;
}

response.json({
...omitIn(claims, ['x-hasura-default-role', 'x-hasura-allowed-roles']),
'x-hasura-role': role,
});
} catch (e) {
response.sendStatus(401);
}
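Review bot: The new role check `claims['x-hasura-allowed-roles'].includes(role)` assumes the claim is an array: a missing or non-object `claims` throws into the generic catch, and a string-valued claim would be matched by substring rather than by exact role name, so a guard on the shape belongs before the comparison — `const allowed = claims['x-hasura-allowed-roles'];` then `if (!Array.isArray(allowed) || !allowed.includes(role)) {`. The `role` header is client-supplied, so checking it against the signed allowed-roles list before echoing it back as `x-hasura-role` is the right place for this, and the same guard makes the outcome explicit when `x-hasura-default-role` is absent and `role` stays undefined. The `jwt.verify` call is unchanged context here, but it passes no `algorithms` option, which is worth pinning in a follow-up. createApp's body starts and ends outside this hunk.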
