Hey fellow devs!! Im working on setting up Authentication in the GRANDstack starter and I just stumbled upon this blog Post. It's from over a year ago I'm pretty sure its outdated. However, I'm using the blog and these graphql-auth-directive docs to set it up but I need a little assistance to wrap my head around whats going on with the "Roles". The example in the blog uses Auth0, here is the repo for the example from the blog. I'm going to use the Auth0-spa package in mine and I hope it works out. the big question I have is about setting up the
AUTH_DIRECTIVES_ROLE_KEY. Here is a snippet of the docs from graphql-auth-directives:
Configuration is done via environment variables.
(required) You must set the
(optional) By default
@hasRolewill validate the
Roleclaim (whichever is found first). You can override this by setting
AUTH_DIRECTIVES_ROLE_KEYenvironment variable. For example, if your role claim is stored in the JWT like this
"https://grandstack.io/roles": [ "admin" ]
Where does this "roles" claim route come from?? How do I set up the url? Do i just add roles to my apps url?? Since I'm still in local development would it just be:
I'm probably overthinking it but this part is really confusing me. i really don't get where this "/roles" route is coming from. I can see in the example repo's .env how they set up the env vars but I still don't understand where that is coming from. Here is my repo. Any help or tips would be greatly appreciated.