How to use the apollo-server.ForbiddenError function in apollo-server

To help you get started, we’ve selected a few apollo-server examples, based on popular ways it is used in public projects.


github OriginProtocol / origin / infra / growth / src / apollo / resolvers.js View on Github external
// GraphQL mutation resolver (excerpt; the listing stops inside the try block).
// Resolves the caller's location eligibility, rejects callers whose
// eligibility is 'Forbidden', then calls authenticateEnrollment().
async enroll(_, args, context) {
      let ip, eligibility, countryCode
      // Outside production the location lookup is skipped and fixed values are
      // used, so the country restriction below is only enforced when NODE_ENV
      // is exactly 'production'. An unset or misspelled NODE_ENV takes this
      // branch as well.
      if (process.env.NODE_ENV !== 'production') {
        ip = '192.168.1.1'
        eligibility = 'Eligible'
        countryCode = 'NA'
      } else {
        // The client address is read from the X-Real-IP request header.
        // NOTE(review): that value is only reliable if a reverse proxy in front
        // of this service sets it and overwrites whatever the client sent;
        // confirm the proxy configuration. `ip` is undefined when the header
        // is absent.
        ip = context.req.headers['x-real-ip']
        const locationInfo = await getLocationEligibilityInfo(ip)
        eligibility = locationInfo.eligibility
        countryCode = locationInfo.countryCode
      }

      // Geo-restriction gate: the refusal is logged with the country code and
      // reported to the caller as a ForbiddenError.
      if (eligibility === 'Forbidden') {
        logger.warn('Enrollment declined for user in country ', countryCode)
        throw new ForbiddenError('Forbidden country')
      }

      try {
        // Passes the wallet address taken from the context, the agreement
        // message and fingerprint data taken from the mutation arguments, and
        // the ip / country code resolved above.
        const authToken = await authenticateEnrollment(
          context.walletAddress,
          args.agreementMessage,
          args.fingerprintData,
          ip,
          countryCode
        )

        /* Make referral connection after we are sure user provided the correct accountId
         *
         * Important to keep in mind: We realise making a referral connection inside enroll mutation
         * has a downside where a referrer gets the reward only when the referee also enrolls into
         * the growth campaign.
github nemanjam / rn-chat / server / src / data / logic.js View on Github external
/**
 * Confirms that the authenticated caller is the user identified by `userId`.
 *
 * Resolves to the authenticated user on a match and throws ForbiddenError
 * otherwise. The ids are compared strictly, so values of different types
 * (for example a number and a numeric string) never match and the check
 * fails closed.
 *
 * NOTE(review): the result of getAuthenticatedUser() is dereferenced without
 * a null check; presumably it rejects for unauthenticated requests. Confirm.
 */
async function isUserAuth(userId, ctx) {
  const caller = await getAuthenticatedUser(ctx);
  const isSameUser = caller.id === userId;
  if (isSameUser) {
    return caller;
  }
  throw new ForbiddenError('Unauthorized');
}
github the-road-to-graphql / fullstack-apollo-express-postgresql-boilerplate / src / resolvers / authorization.js View on Github external
// Authorization guard (excerpt; the enclosing call is not part of this listing).
// Returns `skip` when the caller's role is 'ADMIN' and otherwise returns
// (does not throw) a ForbiddenError.
// The parameter pattern destructures `me.role`, so a context without `me`
// raises a TypeError here instead of producing a ForbiddenError.
// NOTE(review): presumably this runs after an authentication guard that
// guarantees `me` is set; confirm where the guards are combined.
(parent, args, { me: { role } }) =>
    role === 'ADMIN'
      ? skip
      : new ForbiddenError('Not authorized as admin.'),
);
github srtucker22 / chatty / server / data / logic.js View on Github external
// Excerpt from a resolver; `user` and `ctx` are bound outside this listing.
// Ownership check: the groups are returned only when the authenticated user's
// id equals `user.id`; any other caller gets a ForbiddenError.
// The comparison is strict, so ids of different types never match and the
// check fails closed.
return getAuthenticatedUser(ctx).then((currentUser) => {
      if (currentUser.id !== user.id) {
        throw new ForbiddenError('Unauthorized');
      }

      return user.getGroups();
    });
  },
github alexitaylor / angular-graphql-nestjs-postgres-starter-kit / server / src / resolvers / roles.resolvers.js View on Github external
// Guard (excerpt) that looks up users whose roleId equals the given id and
// returns (does not throw) a ForbiddenError when the lookup result is truthy;
// judging by the message it is meant to block deletion of a role still in use.
// NOTE(review): `!users` is true only for null/undefined. If
// models.User.find() resolves to an array, an empty array is truthy and this
// guard would return the error for every role; confirm what find() returns.
// This guard checks for associated users only; it does not look at the
// caller's identity or role.
async (parent, { id }, { models }) => {
    const users = await models.User.find({
      where: { roleId: id }
    });

    return !users
      ? skip :
      new ForbiddenError('Unable to delete role. Associations found in User table.')
  };
github alexitaylor / angular-graphql-nestjs-postgres-starter-kit / server / src / resolvers / authorization.js View on Github external
// Authorization guard (excerpt; the enclosing call is not part of this listing).
// Returns `skip` when the caller's role name is 'ADMIN' and otherwise returns
// (does not throw) a ForbiddenError.
// The parameter pattern destructures `me.role`, and the body reads
// `role.name`, so a context without `me` or without a role raises a TypeError
// here instead of producing a ForbiddenError.
// NOTE(review): presumably this runs after an authentication guard that
// guarantees `me` is set; confirm where the guards are combined.
(parent, args, { me: { role } }) => {
    return role.name === 'ADMIN'
      ? skip :
      new ForbiddenError('Not authorized as admin.')
  }
);
github alexitaylor / angular-graphql-nestjs-postgres-starter-kit / server / src / resolvers / authorization.js View on Github external
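/**
 * Authorization guard: lets the request continue only for an admin or for the
 * user who owns the message with the given id.
 *
 * Resolves to `skip` when access is granted and throws ForbiddenError
 * otherwise. A lookup that yields no message is treated as "not the owner",
 * so a non-admin caller receives a ForbiddenError rather than a TypeError
 * raised by reading `userId` from a missing row.
 *
 * NOTE(review): `me.role.name` is read without checking `me`; presumably an
 * authentication guard runs first. Confirm where the guards are combined.
 */
export const isMessageOwnerOrAdmin = async (
  parent,
  { id },
  { models, me },
) => {
  const message = await models.Message.findById(id, { raw: true });

  // Admins may act on any message, including an id that matches no row.
  if (me.role.name === 'ADMIN') {
    return skip;
  }

  // Fail closed: no row, or a row owned by someone else, is a denial.
  if (!message || message.userId !== me.id) {
    throw new ForbiddenError('Not authenticated as owner.');
  }

  return skip;
};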
github the-road-to-graphql / fullstack-apollo-express-mongodb-boilerplate / src / resolvers / authorization.js View on Github external
/**
 * Guard that lets the resolver chain continue only when the context carries
 * a user: returns `skip` when `me` is truthy, otherwise returns (does not
 * throw) a ForbiddenError.
 *
 * NOTE(review): a missing identity is an authentication failure rather than
 * an authorization one. apollo-server also exports AuthenticationError for
 * that case; switching would change the error code clients receive, so the
 * original error type is kept here.
 */
export const isAuthenticated = (parent, args, context) => {
  const { me } = context;
  if (me) {
    return skip;
  }
  return new ForbiddenError('Not authenticated as user.');
};
github alidcastano / druid.js / packages / app / src / context / auth.ts View on Github external
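/**
 * Resolves the user record that a signed token refers to.
 *
 * @param connection - callable query builder, invoked as `connection('users')`.
 * @param token - token expected to carry a `userId` claim.
 * @returns the first row of `users` whose `id` equals the token's `userId`.
 * @throws ForbiddenError when verification fails or the token has no `userId`.
 * @throws AuthenticationError when no user row matches the id.
 */
export async function getAuthUser(connection: any, token: any) {
  let userId
  try {
    // NOTE(review): verify() is called without an options argument. If `jwt`
    // is the jsonwebtoken package, an explicit `algorithms` allow-list pins
    // which signature algorithms are accepted; confirm and consider adding it.
    userId = jwt.verify(token, getAppKey()).userId
  } catch (err) {
    // Every failure inside the try block, including one raised by getAppKey(),
    // is reported to the caller as the same generic denial and is not logged.
    throw new ForbiddenError('You are not authorized.')
  }

  // A token can verify and still lack the claim; reject it before the value
  // reaches the database query.
  if (userId == null) {
    throw new ForbiddenError('You are not authorized.')
  }

  const user = await connection('users').where('id', userId).first()
  if (!user) throw new AuthenticationError('Encrypted user does not exist.')
  return user
}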