AuthenticationStrategy
AuthenticationStrategy
An AuthenticationStrategy defines how a User (which can be a Customer in the Shop API or and Administrator in the Admin API) may be authenticated.
Real-world examples can be found in the Authentication guide.
Signature
interface AuthenticationStrategy<Data = unknown> extends InjectableStrategy {
readonly name: string;
defineInputType(): DocumentNode;
authenticate(ctx: RequestContext, data: Data): Promise<User | false | string>;
onLogOut?(ctx: RequestContext, user: User): Promise<void>;
}
Extends
Members
name
string
'facebook'
, 'google'
, 'keycloak'
.
defineInputType
() => DocumentNode
Defines the type of the GraphQL Input object expected by the authenticate
mutation. The final input object will be a map, with the key being the name
of the strategy. The shape of the input object should match the generic Data
type argument.
Example
For example, given the following:
defineInputType() {
return gql`
input MyAuthInput {
token: String!
}
`;
}
assuming the strategy name is “my_auth”, then the resulting call to authenticate
would look like:
authenticate(input: {
my_auth: {
token: "foo"
}
}) {
# ...
}
Note: if more than one graphql input
type is being defined (as in a nested input type), then
the first input will be assumed to be the top-level input.
authenticate
(ctx: RequestContext, data: Data) => Promise<User | false | string>
false | string
on failure.
A string
return could be used to describe what error happened, otherwise false
to an unknown error.
onLogOut
(ctx: RequestContext, user: User) => Promise<void>