wp-graphql-jwt-authentication icon indicating copy to clipboard operation
wp-graphql-jwt-authentication copied to clipboard

Published 20 hours ago verified publisher icon wp-graphql

Check if user is logged in

Open popeating opened this issue 2 years ago • 2 comments

Is there an endpoint, that based on jwt (or refresh token) tell me if im logged n?

im actually using the user query with my usename and jwt, but it feel quiete unsecure, i mean i can pass any username registered on the system

i would prefere an endpoint like /me that return the current user/owner of jwt

thank you

popeating avatar Mar 06 '22 14:03 popeating

The endpoint you are looking for is called viewer, which returns information about the currently logged in user, no need to specify any username at all. viewer is null if you are not logged in.

Something as simple as this will do:

query Viewer {
  viewer {
    id
  }
}

...but of course you can get more user information from the same object if you want, such as username, email, avatar or the current auth and refresh tokens.

query Viewer {
  viewer {
    avatar {
      url
    }
    email
    username
    jwtAuthToken
    jwtRefreshToken
  }
}

ojohnny avatar Mar 26 '22 17:03 ojohnny

The endpoint you are looking for is called viewer, which returns information about the currently logged in user, no need to specify any username at all. viewer is null if you are not logged in.

Something as simple as this will do:

query Viewer {
  viewer {
    id
  }
}

...but of course you can get more user information from the same object if you want, such as username, email, avatar or the current auth and refresh tokens.

query Viewer {
  viewer {
    avatar {
      url
    }
    email
    username
    jwtAuthToken
    jwtRefreshToken
  }
}

I tried querying the viewer endpoint to get jwtRefreshToken but getting Cannot query field \"jwtRefreshToken\" on type \"User\". error

Khadreal avatar May 31 '22 09:05 Khadreal