Function AxGuardPlugin

  • AxGuard plugin is created by combining three plugins - QueryMutationGuardPlugin, SubscriptionGuardPlugin and PermissionDefinitionExporterPlugin.

    This plugin handles authorization for GraphQL resources exposed by the APIs. For Queries and Mutations an error is thrown if the authorization fails.

    In addition, the PermissionDefinitionExporterPlugin exports the permission definition for the respective service to a file as given by the permissionDefinitionExportPath parameter.

    For subscriptions, if the JWT token expires while subscription events are emitted, the websocket connection is closed with 4403 code, allowing the client to automatically re-establish the connection. For authorization errors, the websocket is closed with 4401 code.

    !!!!!!!!!! IMPORTANT !!!!!!!!!!

    When using this plugin with subscriptions, it's mandatory to send the reference to the websocket through Extended GraphQL Context with the key name websocket. getWebsocketFromRequest from @axinom/mosaic-service-common can be used to extract the websocket from request.

    Parameters

    • Optional config: ValueObject<{
          environment: (() => "test" | "development" | "production");
          fullDevLogs: (() => boolean);
          healthEndpointPort: (() => number);
          isDev: (() => boolean);
          isProd: (() => boolean);
          logLevel: (() => "" | "ERROR" | "FATAL" | "WARN" | "INFO" | "DEBUG" | "TRACE");
          logMaskKeywords: (() => string[]);
          logMaskMaxDepth: (() => number);
          secureLoggingMode: (() => MaskMode);
          serviceId: (() => string);
          useEphemeralPortsDuringDev: (() => boolean);
      }>
    • Optional permissionDefinitionExportPath: string

    Returns Plugin

Settings

Member Visibility

Theme

Generated using TypeDoc