Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update useRequireAuth docs to v4 auth #7646

Merged
merged 2 commits into from
Feb 20, 2023
Merged

Update useRequireAuth docs to v4 auth #7646

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
17365a6
Update useRequireAuth docs to v4 auth
Tobbe Feb 15, 2023
93d64ab
Merge branch 'main' into tobbe-docs-userequireauth
jtoar Feb 20, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 8 additions & 11 deletions docs/docs/serverless-functions.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -742,13 +742,16 @@ The `useRequireAuth` wrapper configures your handler's `context` so that you can

- import `useRequireAuth` from `@redwoodjs/graphql-server`
- import your app's custom `getCurrentUser` and the `isAuthenticated` check from `src/lib/auth`
- import your auth provider's `authDecoder`
- implement your serverless function as you would, but do not `export` it (see `myHandler` below).
- pass your implementation and `getCurrentUser` to the `useRequireAuth` wrapper and export its return
- pass your implementation, `getCurrentUser` and `authDecoder` to the `useRequireAuth` wrapper and export its return
- check if the user `isAuthenticated()` and, if not, handle the unauthenticated case by returning a `401` status code (for example)

```tsx
import type { APIGatewayEvent, Context } from 'aws-lambda'

// highlight-next-line
import { authDecoder } from '@redwoodjs/auth-dbauth-api'
// highlight-next-line
import { useRequireAuth } from '@redwoodjs/graphql-server'

Expand All @@ -772,20 +775,21 @@ const myHandler = async (event: APIGatewayEvent, context: Context) => {
data: 'myHandler function',
}),
}
// highlight-start
} else {
// highlight-start
logger.error('Access to myHandler was denied')

return {
statusCode: 401,
}
// highlight-end
}
// highlight-end
}

export const handler = useRequireAuth({
handlerFn: myHandler,
getCurrentUser,
authDecoder,
})
```

Expand All @@ -805,17 +809,10 @@ As there is no login flow when using functions, the `useRequireAuth` check assum

In your request, you must include the following headers:

- the auth provider type that your application is using
- the auth provider type that your application is using, e.g. `dbAuth`
- the Bearer token (JWT access token)
- if using dbAuth, then also the dbAuth Cookie

You can find the auth provider type as the `type` attribute set on the `AuthProvider`:

```jsx
<AuthProvider client={netlifyIdentity} type="netlify">
<AuthProvider client={supabaseClient} type="supabase">
```

For example:

```bash
Expand Down