zeus
Reputation: 254
Strapi: GraphQL ctx.state.user undefined inside policies
I tried setting up GraphQL with strapi and policies to limit user access. Normal API call gives us user info in ctx.state.user, but while using GraphQL this object is undefined inside api policies. Although I am able to access ctx.state.user inside api controller.
'use strict';
/**
* `hasViewPermissions` policy.
*/
module.exports = async (ctx, next) => {
console.log(ctx.state.user);// Undefined
await next();
};
schema.graphql for api
module.exports = {
resolver: {
Query: {
posts: {
description: 'Return a list of posts',
policy: [
'hasViewPermissions',
],
resolver: 'Posts.find'
},
}
},
};
Node Version: v11.6.0
Strapi: 3.0.0-alpha.24.1
Thanks
Upvotes: 0
Views: 859
Answers (2)
andres martinez
Reputation: 1439
try in your controller or revolver:
if (!ctx.state && ctx.request && ctx.request.header && ctx.request.header.authorization) {
const { id } = await strapi.plugins["users-permissions"].services.jwt.getToken(ctx);
ctx.state.user = await strapi.plugins['users-permissions'].services.user.fetchAuthenticatedUser(id);
}
check that ctx is {context}
look: Strapi: GraphQL ctx.state is undefined
Upvotes: 1
Yen Sheng
Reputation: 725
Try adding 'plugins.users-permissions.permissions' for the policies.
module.exports = {
resolver: {
Query: {
posts: {
description: 'Return a list of posts',
policies: [
'plugins.users-permissions.permissions', <---
'hasViewPermissions',
],
resolver: 'Posts.find'
},
}
},
};
Upvotes: 0
Related Questions
- How to make authorized "post" request strapi graphql apollo nextjs
- Bootstraping Strapi Role Permissions
- strapi.JS GRAPHQL ERROR "Expected value of type \"StringFilterInput\", found \”anna\”.”,
- Strapi: GraphQL ctx.state is undefined
- Bootstraping new Strapi Role Permissions
- GraphQl query issue
- How to query a Strapi backend using GraphQL as an authenticated user?
- Strapi / Graphql. What am i doing wrong?
- GraphQL and Strapi Session
- Strapi - How to custom graphql with Strapi