This is a sample auth webhook for authenticating requests to the Hasura GraphQL engine.

• PostgreSQL
• Node.js 8.9+

The easiest way to get started is to clone the repository:

# Get the latest snapshot
git clone [email protected]:hasura/graphql-engine.git myproject

# Change directory
cd myproject/community/boilerplates/auth-webhooks/passport-js-auth-webhook

# Install NPM dependencies
npm install

# Set DATABASE_URL env
export DATABASE_URL=postgres://<username>:<password>@<host>:<port>/<database_name>

# Apply migrations
knex migrate:latest

# Then simply start your app
npm start

1. Follow the below steps to deploy with heroku:

   # Create heroku app
   heroku create <app-name>
   
   # Create PostgreSQL addon
   heroku addons:create heroku-postgresql:hobby-dev -a <app-name>
   
   # Push changes to heroku
   git push heroku master
   
   # Run Apply migrations
   heroku run knex migrate:latest

2. Once it is deployed, we can create an user using /signup API like below:

   curl --header "Content-Type: application/json" \
    --request POST \
    --data '{"username": "test123", "password": "test123", "confirmPassword": "test123"}' \
    http://localhost:8080/signup

3. On signup, we get below response:

  {
    "id": 1,
    "username": "[email protected]",
    "token": "4ffd5ee92853787836325dcea74c02e4"
  }

4. Also, we can use /login API to fetch the user token,

   curl --header "Content-Type: application/json" \
    --request POST \
    --data '{"username": "test123", "password": "test123"}' \
    http://localhost:8080/login

5. Webhook is available at /webhook API which accepts Authorization header to validate the token against an user.

Once you have deployed this webhook, you can use it along with the GraphQL engine. You have to set the webhook URL as an environment variable in the docker container that runs the GraphQL engine.

Read the docs.

Send the token as a header while making queries to the graphql-engine

{
  "Authorization": "Bearer <token>"
}