Hi,
I’m trying to attach a custom cookie to my gql response (doesn’t matter if it’s a query or a mutation call). But I struggle to see how should I do it.
I know how to modify the api/src/function/graphql.ts to read the request context headers.
However, I do not see how to add some http cookie to the response of gql query or mutation call.
Could anyone please point me some direction?
Thank you.
Hi @Hexsense could I ask your use case?
The best way to set a cookie would be to write your own envelop Plug-in and add in the the GraphQL handler.
This post is a bit old, but the ideas are the same:
My use case is to provide auxiliary pbac rules to an existing system.
The pbac rules are queried in gql functions.
But to deliver such info securely, I have part of the validating process that utilize jwt token and cookies.
I looked at your linked solution. But I do not understand the 2nd part of code snippet “Then, in your resolvers” part.
Here is how my api/src/functions/graphql.ts looks like so far. This inject more results into gql answer body. But not in the header yet. I’m still looking into how to set the res header using the plugin.
...
import {contextPlugin} from 'src/lib/contextPlugin'
export const handler = createGraphQLHandler({
context: setUserContextFromToken, // <- ignore this function, it's where I collect request cookie into context.
loggerConfig: { logger, options: {} },
directives,
sdls,
services,
extraPlugins: [
contextPlugin, // <- this is the attempt to inject cookie into response.
],
cors: {
origin: '*',
credentials: true,
},
onException: () => {
db.$disconnect()
}
})
And here is my api/src/lib/contextPlugin.
import type { Plugin } from '@envelop/core'
export const contextPlugin :Plugin =
{
onContextBuilding({ extendContext }) {
extendContext({
responseHeaders: new Set()
});
},
onExecute(args ) {
return {
onExecuteDone({ result, setResult }) {
setResult({...result, extensions: { ...(result.extensions || {}) }, headers: {"x-custom7": "A String7"}, res:{"x-custom8": "A String8"} });
}
}
}
}
I mocked up a quick example:
import type { Plugin } from '@envelop/core'
const useResponseHeaders: Plugin = {
onExecute({ args }) {
console.log('Execution started!', { args })
return {
onExecuteDone({ result, setResult }) {
console.log('Execution done!', { result })
setResult({
extensions: { ...(result.extensions || {}) },
headers: args.contextValue.responseHeaders,
})
},
}
},
}
const setResponseHeaders = ({ event, context }) => {
context.responseHeaders = { 'Set-Cookie': 'sessionId=38afes7a8' }
return context
}
export const handler = createGraphQLHandler({
loggerConfig: { logger, options: {} },
context: setResponseHeaders,
directives,
sdls,
services,
extraPlugins: [useResponseHeaders],
onException: () => {
// Disconnect from your database with an unhandled exception.
db.$disconnect()
},
})
But doesn’t add in headers, just adds in the response result.
I’d suggest perhaps asking in the envelop GitHub about how to write a plugin to set cookies in headers in the response.
Thank you so much.
I’ll ask envelop on their Github and will provide solution here, if I can get it done.