Hi everyone.
I'm currently developping a graphql server for a neo4j database that will be using a few custom resolvers.
Basically, all but very few of the operations on the server will require user to be authenticated (including reading any content). Of course the very few exceptions will be login and signup.
Is there a solution to set globalAuthentication: true in Neo4jGraphQLAuthJWTPlugin while also be able to define some exceptions to it ? As the doc says, it is not possible to pass an @auth directive to a custom resolver.
const neo4jgraphql = new Neo4jGraphQL (
{
typeDefs,
resolvers,
driver: neo4jdriver,
plugins:
{
subscriptions: new Neo4jGraphQLSubscriptionsSingleInstancePlugin(),
auth: new Neo4jGraphQLAuthJWTPlugin(
{
secret: process.env.JWT_SESSION_KEY,
globalAuthentication: true,
}),
},
})
This would spare me from having to (and forget to !!!) define "allowUnauthenticated: false" in every @auth clause.
Reading the "auth and custom resolvers" page made me think I just had to verify the JWT's content if a user has to be authenticated to access a custom resolvers, but if globalAuthentication is set to true, this assertion is obviously false.
Thanks for your help.
