Hi, Iβm following the Cookbook for Role-based Access Control (RBAC) and came across the following codes:
export const requireAuth = ({ roles } = {}) => {
if (!context.currentUser) {
throw new AuthenticationError("You don't have permission to do that.")
}
I have difficulty in understanding where does the context comes from, appreciate any help.
3nvy
2
Context is set as a global variable, so you can access it throughout the API code as you please
1 Like
HI @andrewlamyw - as @3nvy noted, you can see its implementation here:
https://github.com/redwoodjs/redwood/blob/main/packages/api/src/globalContext.ts
And the reason currentUser
is available is because this handler sets it (line 44).
and itβs use the the GraphQLHandler:
https://github.com/redwoodjs/redwood/blob/main/packages/api/src/functions/graphql.ts#L4
in createContextHandler
:
https://github.com/redwoodjs/redwood/blob/main/packages/api/src/functions/graphql.ts#L34
and the reason currentUser
is available is because it is set on this context at line 44.
1 Like