Authentication function

Question

Authentication function

JFGHT opened this issue 6 years ago · comments

I'm having this issue at executing the auth. Any idea what could it be wrong?

This is working:

jwt {
  role
  userId
}

Btw: how to de-authenticate?

Toby Murray · Answer 1 · Mon May 28 2018 11:47:51 GMT+0800 (China Standard Time)

Any idea what could it be wrong?

I just gave it a try following the readme and it seemed to work for me. What version of everything are you using? What OS? I just noticed that this is still using the postgraphql dependency, so I'll have to update it.

Btw: how to de-authenticate?

By that I assume you mean revoke the authorization associated with a JWT? Generally, you don't "de-authenticate" with JWTs, you just wait for them to expire. One of the driving use cases for JWTs is statelessness, and to invalidate a JWT you'd have to store that it was no longer valid (store state). That said, it's not uncommon to have a blacklist of JWTs because actual statelessness is hard... here's a StackOverflow answer that discusses it.

JFGHT · Answer 2 · Mon May 28 2018 15:58:46 GMT+0800 (China Standard Time)

Thanks for the fast answer.

1.- Versions:

"postgraphile": "^4.0.0-beta.9".
"express": "^4.16.3".
psql (PostgreSQL) 9.5.12.
Linux Mint (Ubuntu based).

2.- I answer myself: just removing the token from the client should help.