Replies: 2 comments 2 replies
-
|
depends on your architecture, but with this function you might be able to detect an introspection query and then you can add it to any middleware layer on your backend which checks you auth token or whatever... import { parse, print, getIntrospectionQuery } from 'graphql';
const introspectionQuery = print(parse(getIntrospectionQuery()));
const isIntrospectionQuery = (context: Context) => context.request.body?.query === introspectionQuery; |
Beta Was this translation helpful? Give feedback.
-
|
I like the thinking here; I'd prefer more to have something built into thanks |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
-
|
I have the same issue, @mfulton26 have you found a solution? Everyone suggests some workarounds on this issue, is there a proper solution? |
Beta Was this translation helpful? Give feedback.
-
Is there a way to enable introspection but only honor such requests if the authenticated user has a certain role (i.e. is authorized)?
Beta Was this translation helpful? Give feedback.
All reactions