JWT verify token is done

Author: anijitsao

src/helpers/jwtHelpers.js

@@ -18,17 +18,16 @@ const createJWTToken = (payload) => {
 };
 
 const verifyJWTToken = (event) => {
-  const token = extractToken(event);
+  const token = extractJWTToken(event);
   try {
     const decoded = verify(token, process.env.JWT_SECRET);
 
-    // if the token has the correct data it is passed
-    if (decoded.appName === process.env.APP_NAME) {
-      return true;
+    // if the token is tampered
+    if (decoded.appName !== process.env.APP_NAME) {
+      throw Error("Invalid Token");
     }
-    return false;
   } catch (error) {
-    return false;
+    throw Error("Invalid Token");
   }
 };
 

src/resolvers/authorResolver.js

@@ -1,29 +1,34 @@
 // local dependencies
 import {
-    findAuthorsFromDB,
-    addAuthorToDB,
-    deleteAuthorFromDB,
-    updateAuthorToDB,
-  } from "../dbRelated/AuthorsDbOps.js";
-  
-  const resolvers = {
-    Query: {
-      findAuthors: () => {
-        return findAuthorsFromDB();
-      },
+  findAuthorsFromDB,
+  addAuthorToDB,
+  deleteAuthorFromDB,
+  updateAuthorToDB,
+} from "../dbRelated/AuthorsDbOps.js";
+
+import { verifyJWTToken } from "../helpers/jwtHelpers.js";
+
+const resolvers = {
+  Query: {
+    findAuthors: (parent, args, { event }) => {
+      verifyJWTToken(event);
+      return findAuthorsFromDB();
     },
-  
-    Mutation: {
-      addAuthor: (_, args) => {
-        return addAuthorToDB(args);
-      },
-      deleteAuthor: (_, args) => {
-        return deleteAuthorFromDB(args);
-      },
-      updateAuthor: (_, args) => {
-        return updateAuthorToDB(args);
-      },
+  },
+
+  Mutation: {
+    addAuthor: (_, args, { event }) => {
+      verifyJWTToken(event);
+      return addAuthorToDB(args, { event });
     },
-  };
-  export { resolvers };
-  
+    deleteAuthor: (_, args, { event }) => {
+      verifyJWTToken(event);
+      return deleteAuthorFromDB(args);
+    },
+    updateAuthor: (_, args, { event }) => {
+      verifyJWTToken(event);
+      return updateAuthorToDB(args);
+    },
+  },
+};
+export { resolvers };

src/resolvers/bookResolver.js

@@ -5,22 +5,27 @@ import {
   deleteBookFromDB,
   updateBookToDB,
 } from "../dbRelated/booksDbOps.js";
+import { verifyJWTToken } from "../helpers/jwtHelpers.js";
 
 const resolvers = {
   Query: {
-    findBooks: () => {
+    findBooks: (_, args, { event }) => {
+      verifyJWTToken(event);
       return findBooksFromDB();
     },
   },
 
   Mutation: {
-    addBook: (_, args) => {
+    addBook: (_, args, { event }) => {
+      verifyJWTToken(event);
       return addBookToDB(args);
     },
-    deleteBook: (_, args) => {
+    deleteBook: (_, args, { event }) => {
+      verifyJWTToken(event);
       return deleteBookFromDB(args);
     },
-    updateBook: (_, args) => {
+    updateBook: (_, args, { event }) => {
+      verifyJWTToken(event);
       return updateBookToDB(args);
     },
   },

src/resolvers/helloResolver.js

@@ -1,10 +1,16 @@
+import { verifyJWTToken } from "../helpers/jwtHelpers.js";
+
 const resolvers = {
   Query: {
-    hello: () => "Hello World from Hello Resolvers",
+    hello: (_, args, { event }) => {
+      verifyJWTToken(event);
+      return "Hello World from Hello Resolvers";
+    },
   },
   Mutation: {
-    getCount: (parent, arg) => {
-      return arg.count + 1;
+    getCount: (_, args, { event }) => {
+      verifyJWTToken(event);
+      return args.count + 1;
     },
   },
 };

src/services/graphqlService.js

@@ -7,6 +7,9 @@ const server = new ApolloServer({
   resolvers,
   csrfPrevention: true,
   cache: "bounded",
+  context: ({ event }) => {
+    return { event };
+  },
 });
 
 const graphqlHandler = server.createHandler();