Apollo setup client headers from NextAuth
Unanswered
Ninhache posted this in #help-forum
![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
Hi,
I'm trying to use Apollo client to make graphql queries but I'm pretty stuck :
I can't setup the authorization header because i can't have access to my JWT, stored in my session..
I've looked through some solutions.. but no one has sense :
- LocalStorage isnt accessible
- Cookies shouldnt be used like that
Someone have an idea to make this possible ?
I'm trying to use Apollo client to make graphql queries but I'm pretty stuck :
I can't setup the authorization header because i can't have access to my JWT, stored in my session..
I've looked through some solutions.. but no one has sense :
- LocalStorage isnt accessible
- Cookies shouldnt be used like that
Someone have an idea to make this possible ?
24 Replies
![Avatar](https://cdn.discordapp.com/guilds/752553802359505017/users/258390283127881728/avatars/6d84d27ad734d86c3c3d7f004660bded.webp?size=256)
Rafael Almeida
are you trying to make requests from server components? where are you storing the auth session token?
![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
In the session, and yes that's what i'm trying to do..
may i've to use a route.js?
![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
anyways, my client is already defined.. i don't know how i'm supposed to update the header..
![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
Apparently i could change like that :
import { ApolloClient, createHttpLink, InMemoryCache } from '@apollo/client';
import { setContext } from '@apollo/client/link/context';
const httpLink = createHttpLink({ uri: '/graphql' });
const authLink = setContext((_, { headers }) => {
const token = localStorage.getItem('token');
return {
headers: {
...headers,
authorization: token ? `Bearer ${token}` : '',
},
};
});
const client = new ApolloClient({
link: authLink.concat(httpLink),
cache: new InMemoryCache(),
});
// To update the headers later, you can create a new link with updated headers
const newAuthLink = setContext((_, { headers }) => {
const newHeader = 'new header value';
return {
headers: {
...headers,
'new-header': newHeader,
},
};
});
// Then set the new link as the client's link
client.setLink(newAuthLink.concat(httpLink));
but the problem is still the same.. I can't get my jwt :^)
![Avatar](https://cdn.discordapp.com/embed/avatars/3.png)
Ocicat
"Cookies shouldnt be used like that"
what is the resoning about that if the cookies are send as
HttpOnly
?also is the JWT token available in the
headers
?![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
which headers?
![Avatar](https://cdn.discordapp.com/embed/avatars/3.png)
Ocicat
const authLink = setContext((_, { headers }) => {
There is a headers object passed
![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
"Apparently".. idk if it would've work
![Avatar](https://cdn.discordapp.com/embed/avatars/3.png)
Ocicat
let me check a few things
![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
Thanks :/
![Avatar](https://cdn.discordapp.com/embed/avatars/3.png)
Ocicat
actually yes you can store the JWT token in a session/localstorage and retrieve it. Not sure if its the best practice now though.
However you need to retrieve it from the session:
https://next-auth.js.org/configuration/options#session
Have you explored this config? It should be available in the session
https://next-auth.js.org/configuration/options#session
Have you explored this config? It should be available in the session
![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
I've done this really badly imo
But i'm using session rn
![Avatar](https://cdn.discordapp.com/embed/avatars/3.png)
Ocicat
you can configure the session key and retrieve it
there is also the callbacks that you can use to retrieve the jwt
https://next-auth.js.org/configuration/options#callbacks
https://next-auth.js.org/configuration/options#callbacks
![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
These callback can be usefull right but i was still a bit lock, but thanks both of you anyways <3
![Avatar](https://cdn.discordapp.com/guilds/752553802359505017/users/258390283127881728/avatars/6d84d27ad734d86c3c3d7f004660bded.webp?size=256)
Rafael Almeida
I mean where is the session stored? you need it in a cookie so you can read it from the server
you can then use
next/headers
to read the cookie and add it to the headers of the request![Avatar](https://cdn.discordapp.com/avatars/236834751325929472/93e134e78bacf95c1a4176772ec1b978.webp?size=256)
NinhacheOP
Mh may i'm wrong then, im gonna loonk after.. launch time rn ![:Kappa:](https://cdn.discordapp.com/emojis/564134491187314709.png)
![:Kappa:](https://cdn.discordapp.com/emojis/564134491187314709.png)