📌  相关文章
📜  hasura jwt config (1)

📅  最后修改于: 2023-12-03 15:31:06.729000             🧑  作者: Mango

Hasura JWT Config

If you're building an application that requires authentication and authorization, Hasura should be on top of your list. Hasura is a fully managed GraphQL API platform that provides instant, customizable APIs and backend services for your applications.

Hasura provides a way to authenticate your users using JSON Web Tokens (JWTs). To configure JWT authentication, you need to provide a few pieces of information to Hasura:

  • A JWT secret
  • A JWT audience
  • A JWT issuer

Let's take a look at each of these in detail.

JWT Secret

The JWT secret is simply a long, randomly generated string that is used to sign the JWTs that Hasura generates. This secret should be kept secret and not shared with anyone.

You can generate a random JWT secret using the following command:

$ openssl rand -base64 64

Once you have generated the secret, you can set it as an environment variable in your Hasura container:

version: '3.6'
services:
  graphql-engine:
    image: hasura/graphql-engine:v2.0.7
    environment:
      HASURA_GRAPHQL_DATABASE_URL: postgres://postgres:@db/postgres
      HASURA_GRAPHQL_ENABLE_CONSOLE: "true"
      HASURA_GRAPHQL_JWT_SECRET: '{"type": "HS256", "key": "super_secret_jwt_key"}'
      HASURA_GRAPHQL_UNAUTHORIZED_ROLE: anonymous
    depends_on:
      - db
    ports:
      - "8080:8080"
JWT Audience

The JWT audience is a string that identifies the recipients that the JWT is intended for. This could be your application, a specific user, or a group of users.

The audience should be set to the URL of your Hasura GraphQL API. For example, if your Hasura GraphQL API is hosted at https://myapp.hasura.app, the audience should be set to https://myapp.hasura.app.

JWT Issuer

The JWT issuer is a string that identifies the entity that issued the JWT. This could be your application, a third-party service, or some other entity.

The issuer should be set to your Hasura GraphQL API's URL as well. For example, if your Hasura GraphQL API is hosted at https://myapp.hasura.app, the issuer should also be set to https://myapp.hasura.app.

Conclusion

In this tutorial, we learned how to configure JWT authentication for Hasura. We covered the three pieces of information that are required to configure JWT authentication: the JWT secret, the JWT audience, and the JWT issuer.

By following these steps, you should now have a basic understanding of how to use JWT authentication with Hasura. Happy coding!