My recommendation for login/logout is that the Login mutation returns a Session object. That Session object includes an access token that the consuming app may use to make further requests.
I apologize that this isn't in node; but most of my API work is done using Rails for the backend since it has such rich tooling for database schema management and providing vectors for customer success teams / clients to administer the data. That's not to say you should totally use Rails for whatever you're doing; as it looks like Yoga/Apollo-Server are some damn-fine piees of software. I'm just not as familiar with them and don't have any open source code I can point to for how to do registration and authentication in them just yet.
Zee
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Hey RJ!
My recommendation for login/logout is that the Login mutation returns a Session object. That Session object includes an access token that the consuming app may use to make further requests.
I've created an authenticate mutation and a register mutation in Rails.
Each of them return a UserSession payload object.
On each GraphQL request, I query the database to find a user with the access token provided via the HTTP Headers; and add it to the
contextso that the GraphQL Resolvers may use it later.From there, each resolver can make decisions about how they should behave
I apologize that this isn't in node; but most of my API work is done using Rails for the backend since it has such rich tooling for database schema management and providing vectors for customer success teams / clients to administer the data. That's not to say you should totally use Rails for whatever you're doing; as it looks like Yoga/Apollo-Server are some damn-fine piees of software. I'm just not as familiar with them and don't have any open source code I can point to for how to do registration and authentication in them just yet.
Zee