Middleware + Extension + Permissions
Building a plugin with all 3 elements (Middleware, Extension and Permissions).
You can also combine them with a
Router
. For example: to create aUser / Authentication
API.
Plugin Workflow
Middleware (FastAPI / Starlette)
User is
Authenticated
orAnonymous
?Inject the
Authorization Token
to theHeaders
if the is in theCookies
.
Extension (Strawberry)
Convert
Authorization-Token
orNone
to aUser-Object
and inject it toGraphQL
's context.
Permissions (Strawberry)
Get the request's
User
and check theRole
for a list of allowed methods.Then, check if
info.field_name
(which is the name of the current:Query
orMutation
) is in the list of allowed methods.Alternatively, you can use
info.python_name
if you prefer to use the python's original name of the function.