Investigating using a JWT for Hasura authentication

[dysbulic]

What would you like to be added?

Hasura has two modes for authenticating connections. Either it can connect to the backend on each connection and get permission, or the server can generate a JSON Web Token representing the user's role which is reused for each connection without any server interaction.

We are currently authenticating each connection, but the JWT would both be more performant and reliable.

Why is this needed?

I'm frequently (~20% of the time) getting the following error:

The process of an endpoint that is only generating a token would be a simpler interaction that is easier to debug and removed the need for repeated requests.

Additionally, adding another network request for every query can't be helping performance.

[alalonde]

I'm frequently (~20% of the time) getting the following error

This is almost always due to the backend not actually running.

Additionally, adding another network request for every query can't be helping performance.

This is only a network request from hasura to the backend, not from browser -> backend.

That all said, I have another project where we set up Hasura to use JWTs and it was fairly straightforward. Were I to do this, I would also upgrade Hasura to the latest version.

[Seroxdesign]

Closing this, reopen if still relevant @dysbulic @alalonde

[dysbulic]

I think this is worth looking into. It would remove a network call needed for every Hasura interaction & network calls ain't cheap.

Especially since @alalonde said it's not all that hard to implement.