fullstack-apollo-express-mongodb-boilerplate icon indicating copy to clipboard operation
fullstack-apollo-express-mongodb-boilerplate copied to clipboard

Published 20 hours ago • verified publisher icon the-road-to-graphql

Can not SingUp if previous session is expired

Open animir opened this issue 6 years ago • 3 comments

If token is expired, there is no way to SignUp, as it tries to use current token.

See getMe method in index.js

animir avatar Mar 02 '19 06:03 animir

Thanks for reporting! Do you have a suggestion how to fix it? :)

rwieruch avatar Mar 03 '19 05:03 rwieruch

@rwieruch Hi, I am not GraphQL expert, but I do have an idea. I'd do next check on the backend before getting me object:

      let me = {};
      if (req.body.operationName !== 'signUp' && req.body.operationName !== 'signIn') {
        me = await getMe(req);
      }

And those operations should be named on client:

const SIGN_UP = gql`
  mutation signUp( ...

What do you think?

animir avatar Mar 03 '19 10:03 animir

I think we can fix this issue like this.

const getMe = async req => {
  const token = req.headers['x-token'];

  if (token) {
    try {
      return await jwt.verify(token, process.env.SECRET);
    } catch (e) {
      // throw new AuthenticationError(
      //   'Your session expired. Sign in again.',
      // );
    }
  }
  return null;
};

Why?

* Many projects may have more public API. (as well as `signUp` and `signIn` )

syJSdev avatar May 15 '20 22:05 syJSdev