Still looking for a good way of handling auth tokens with GraphQL and Go. Parsing it in a middleware and then attaching it to context seems smelly.
-
-
Aha. And only throw an error if it's an invalid token? And skip validity checks if the token is blank?
-
yep! I resolve the token to a more complete user object with some permission fields and check against those
-
I see, I see, I see. I like this approach a lot, actually. You may be onto something.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
