How to implement custom authorization decorators #1000
-
The @authorization implementation in type-graphql assumes role-based authorization. That has come in very handy (thank you!), but I also have some more complex authorization policies that I'd also like to describe declaratively. I was thinking of something like:
OR
I'm not sure how I would go about implementing either of these without hacking type-graphql itself to, for example, add additional authChecker-like functions. It seems like I'd have to specify a map of authChecker functions where each function was related to the specific custom authorization annotation. Thanks in advance for your advice.
-
Of course, a few minutes after posting this I came up with one possible implementation. Since @Authorized is generic, I could define a complex role type that would suffice for a number of different authorization policies. In my authChecker I could then do type checking or duck-type-checking (presence of one or more properties) to determine which policy code to delegate to. Sound right? Or is there a better way?
-
@blevine You can use the authChecker solution with passing functions as arguments to @Authorized().

The alternative solution would be to use custom method decorators and middlewares to pass functions as arguments into a generic function which will throw an error or call next(): https://typegraphql.com/docs/custom-decorators.html#method-decorators
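
The first approach from the reply above (policy functions passed as the "roles" of @Authorized() and evaluated by a single authChecker), as an added example that is not part of the original thread or of type-graphql's own code. It uses local stand-in types instead of importing the library so that it runs on its own; `User`, `Context`, `isSelf`, `hasRole` and `allOf` are hypothetical names.

```typescript
// Local stand-ins mirroring the shape of type-graphql's resolver data, so the
// block runs without the library. All names below are hypothetical.
interface User { id: string; roles: string[] }
interface Context { user?: User }
interface ResolverData { root: unknown; args: Record<string, unknown>; context: Context }

// A policy is either a plain role name or a predicate over the resolver data.
type PolicyFn = (user: User, data: ResolverData) => boolean;
type Policy = string | PolicyFn;

// Example policies (constructed for illustration).
const isSelf: PolicyFn = (user, { args }) => args.userId === user.id;
const hasRole = (role: string): PolicyFn => (user) => user.roles.includes(role);
const allOf = (...ps: PolicyFn[]): PolicyFn => (u, d) => ps.every((p) => p(u, d));

// Same call shape as an authChecker: (resolverData, roles) => boolean.
// Access is granted when any listed policy passes; everything else is denied.
function authChecker(data: ResolverData, policies: Policy[]): boolean {
  const user = data.context.user;
  if (!user) return false;                 // unauthenticated: deny
  if (policies.length === 0) return true;  // bare @Authorized(): any logged-in user
  return policies.some((policy) => {
    try {
      return typeof policy === "string"
        ? user.roles.includes(policy)      // classic role check still works
        : policy(user, data) === true;     // only a strict `true` grants access
    } catch (_err) {
      return false;                        // a throwing policy fails closed
    }
  });
}

// Wiring in a real schema (not executed here):
//   @Authorized<Policy>("ADMIN", isSelf)
//   updateProfile(@Arg("userId") userId: string) { ... }
//   buildSchema({ resolvers, authChecker })
```

Keeping the role-string branch lets existing `@Authorized("ADMIN")` usages work unchanged alongside function policies.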