Securing GraphQL
Use the @secureGraphQL
decorator to protect access to your GraphQL integrations.
This decorator enables you to easily control access to your GraphQL endpoints, ensuring that only authorized users can access your data and resources.
When you use the @secureGraphQL
decorator, the decorated function accepts a parameter of type GraphqlContext
. This
provides the full context of the GraphQL query, including the actual query, variables, operation name, and more.
Backend code
import {
secureGraphQL,
SquidService,
GraphqlContext,
} from '@squidcloud/backend';
export class ExampleService extends SquidService {
@secureGraphQL('usersGraphQl')
secureUsersGraphQl(context: GraphqlContext): boolean {
// TODO - Implement your security logic here
}
}