🎁

12 Days of Baddass Courses sale! Get instant access to the entire egghead library of courses and lessons for 58% off.

Runs out in:
15 : 05 : 51 : 36
Join egghead, unlock knowledge.

Want more egghead? It's 58% off for a limited time only!

This lesson is for members. Join us? Get access to all 3,000+ tutorials + a community with expert developers around the world.

Unlock All Content for 40% Off
1×
Become a member
to unlock all features
Autoplay

    Authenticate a User with a GraphQL Mutation

    Eve PorcelloEve Porcello
    graphqlGraphQL

    Mutations give you the ability to invoke backend functions from the client. In this lesson, we will use a mutation to authenticate a user with their username and password. Authorized users will receive a token that can be used to identify the current user in future operations.

    To follow along with these queries, go to the Pet Library GraphQL Playground.

    Code

    Code

    Become a Member to view code

    You must be a Member to view code

    Access all courses and lessons, track your progress, gain confidence and expertise.

    Become a Member
    and unlock code for this lesson
    Discuss

    Discuss

    Transcript

    Transcript

    Instructor: Now that we have an account, we can log in. Let's look at our mutation's list. We should see that there is a logIn mutation. I'm going to go ahead and write that here in our query document. We'll use logIn with the capital I. We'll use our username, our password.

    What's returned from the logIn mutation is a type called the logIn payload. This is a custom object that returns both the customer, all the of the customer details, and the user token. We're going to use the user token to validate that the user is authorized.

    When we send the logIn mutation, we're going to have access to all of the customer details. Grab their name. We're going to grab the token.

    Let's go ahead and hit play. We see our customer name, which is my name that I provided when I created my account. I also see my token. We're going to place this in another panel here at the bottom called HTTP headers.

    Now, this is easy to get mixed up with query variables. We'll make sure that we're in the HTTP header section and we'll add the authorization key. We'll add Baer. We'll paste in this token.

    Once I provide this token in the HTTP headers, I'm going to be able to send queries that are only for authorized uses. Now the query I am going to send here is called "Me". Me is going to give me information about myself, the currently authenticated user.

    The Me query returns customer details for anyone who's logged in. Here I'll query the name field. I'm going to add an operation name, because I have two different operations here in my query document. I'll call query Me, and I'll call the mutation logIn.

    Now, I can send this query and I should see all of the details for myself, because I am a logged in user. Since I'm logged in, I'll be able to check in and check out pets.