Hey, I want to forbid calling of some resolvers if an user is not authenticated.
My server setup looks smth like this:
new ApolloServer({
typeDefs: [schemas, queries],
resolvers,
context: async ({ event }) => {
let isAuthenticated = false;
const authHeader = event.multiValueHeaders.authorization || '';
if (authHeader) {
const token = authHeader[0].split(' ')[1];
const payload = await verifyToken(token);
isAuthenticated = !!payload;
}
return { isAuthenticated };
},
formatError: (error): GraphQLFormattedError => {
return error.message.startsWith('Context creation failed')
? new AuthenticationError(`User is not authenticated: ${error.message}`)
: error;
},
});
And I can throw an error in a resolver like this:
export const abrResolver = {
Query: {
getCurrentAbr: (
_parent,
_args,
{ isAuthenticated },
): Promise<Abr | undefined> => {
if (!isAuthenticated) {
throw new AuthenticationError('User is not authenticated');
}
return AbrSevice.getCurrentAbr();
},
},
};
What can be done to prevent copying the same ‘if’ check, but not for every resolver?