I am deploying my graphql API using AWS lambda. However Api authorization is not working.
I have used neo4j-graphql library and @auth from neo4j-graphql library. In dev setup authorization is working properly however after deployment to aws lambda the Forbidden error is coming for all authentication api
Here is my graphql schema
type NFDAdmin @exclude(operations: [CREATE, UPDATE]){
user_id: ID! @unique
user_name: String!
email: String!
phone: String!
otp: String
role: String! @default(value: "master")
password: String! @private
}
extend type NFDAdmin @auth(rules: [
{operations: [DELETE], roles: ["master"]}
{ operations: [READ], allow: { user_id: "$jwt.sub"}, roles: ["master"]}
])
type RuleSet {
contract_address: String! @unique(constraintName: "ROLE_KEY")
token_start: String! @unique(constraintName: "ROLE_KEY")
token_end: String! @unique(constraintName: "ROLE_KEY")
blockchain: String! @unique(constraintName: "ROLE_KEY")
subdomain: String!
appAccess: [String!]!
type: String!
children: [VM!]! @relationship(type: "HAS", direction: OUT)
}
type VM {
contract_address: String! @unique(constraintName: "VM_KEY")
token_id: String! @unique(constraintName: "VM_KEY")
blockchain: String! @unique(constraintName: "VM_KEY")
subdomain_name: String!
alias_name: String!
active: Boolean!
parent: RuleSet! @relationship(type: "HAS", direction: IN)
}
extend type RuleSet @auth(rules:[
{operations: [READ,CREATE,UPDATE,DELETE], roles: ["master"]}
])
extend type VM @auth(rules:[
{operations: [READ,CREATE,UPDATE,DELETE], roles: ["master"]}
])
type Mutation{
nfdAdminSignIn(user_id: String!, password: String!, otp: String): String! ### JWT
addNfdAdmin(user_id: String!, user_name: String!, email: String!, phone: String!,
password: String!): String!
}
I have followed the apollo graphql docs for deploying :Deploying with AWS Lambda - Apollo GraphQL Docs
here is my graphql.js code
const neoSchema = new Neo4jGraphQL({
typeDefs,
resolvers: {
Mutation: {
nfdAdminSignIn,
addNfdAdmin
}
},
plugins: {
auth: new Neo4jGraphQLAuthJWTPlugin({
secret: jwt_secret
})
},
driver });
let schema
await neoSchema.getSchema().then(async(value) => {
schema = value
});
const app = express();
const httpServer = http.createServer(app);
const server = new ApolloServer({
schema,
csrfPrevention: true,
cors: {
origin: '*'
},
cache: 'bounded',
context: ({ event, context, express }) => ({
headers: event.headers,
functionName: context.functionName,
event,
context,
expressRequest: express.req,
}),
plugins: [
ApolloServerPluginDrainHttpServer({ httpServer })
],
introspection: true,
playground: true,
});
export const graphqlHandler = server.createHandler();