| .. | ||
| assets | ||
| auth0 | ||
| firebase | ||
| .gitignore | ||
| app.json | ||
| package-lock.json | ||
| package.json | ||
| Procfile | ||
| README.md | ||
| server.js | ||
Sample Auth Webhook for Hasura GraphQL engine
This is a sample auth webhook for authenticating requests to the Hasura GraphQL engine.
It has boilerplate code written for auth0 and firebase auth. There is also a generic sample handler in server.js where you can handle your custom auth providers.
Quick deploy
Deploy using Now
Run the following commands to deploy using Now.
git clone https://github.com/hasura/graphql-engine
cd graphql-engine/community/boilerplates/auth-webhooks/nodejs-express
npm install -g now
now -e \
AUTH_ZERO_DOMAIN='test.auth0.com' -e \
FIREBASE_CONFIG='{
"type": "service_account",
"project_id": "testapp-2222",
"private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
"private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
"client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
"client_id": "113608616484852272199",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
}'
If you are not using an auth provider, you need not enter the environment variable associated with it. For example, if you are not using firebase, the command last command you should run is,
$ now -e \
AUTH_ZERO_DOMAIN='test.auth0.com'
Deploy with Glitch
-
Click the following button to edit on glitch
-
Add the following environment variables in the
.envfile on glitch.AUTH_ZERO_DOMAIN='test.auth0.com' FIREBASE_CONFIG='{ "type": "service_account", "project_id": "testapp-2222", "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377", "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n", "client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com", "client_id": "113608616484852272199", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://accounts.google.com/o/oauth2/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com" }'If you are not using an auth provider, you need not enter the environment variable associated with it. For example, if you are not using firebase, the command last command you should run is,
AUTH_ZERO_DOMAIN='test.auth0.com'
Usage with Hasura GraphQL engine
Once you have deployed this webhook, you can use it along with the GraphQL engine. You have to set the webhook URL as an environment variable in the docker container that runs the GraphQL engine.
Auth0
Send the auth0 access_token as a header while making queries to the graphql-engine.
{
"Authorization": "Bearer <access_token>"
}
Firebase
Send the firebase id_token as a header while making queries to the graphql-engine.
{
"Authorization": "Bearer <id_token>"
}