Authentication in GraphQL Playground - rice-apps/HedwigUnified GitHub Wiki

Authentication in GraphQL Playground

When the Hedwig webapp makes a request to the server, it sends a web token in the request header that authenticates the currently logged-in user (the token is generated when you log in with netID, and is saved in local storage on a per-domain basis). Not all requests require you to be logged in, but some (e.g. asking for the info of the currently logged-in user) do.

When using the GraphQL Playground (probably on localhost:3000/graphql), I can request the netID of the currently logged-in user like this:

query {
  userOne {
    netID
  }
}

I haven't done anything special to authenticate myself, so I'll get this response:

{
  "errors": [
    {
      "message": "You need to be logged in.",
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "path": [
        "userOne"
      ],
      "extensions": {
        "code": "INTERNAL_SERVER_ERROR",
   ...
}

To fix this, we'll first need to grab a valid token. The easiest (probably only) way to do this is to run the frontend, log in with netID, and then grab the session token from local storage:

  1. Make sure both the server and frontend client are running locally (we'll assume they're on ports 3000 and 3001, respectively).
  2. Log in with netID on the client ("Enter" on the homepage).
  3. Open devtools in your browser (ctrl+shift+i in Chrome) and navigate to Application > Local Storage.
  4. Copy the value of the entry whose key is token.
  5. In GraphQL Playground, paste the following under HTTP Headers:
{
  "Authorization": "Bearer TOKEN"
}

where TOKEN is replaced with the token you just copied.

  6. Running the same query, I now get a response:

{
  "data": {
    "userOne": {
      "netid": "abc3"
    }
  }
}
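
The same authenticated request can be made outside the Playground. The sketch below is an added example, not HedwigUnified code: it builds the request from steps 4 to 6 and tells the "You need to be logged in." error apart from other errors. The function names are hypothetical, and it assumes Node 18+ (global fetch) and that the token contains no quotes or whitespace.

```javascript
// Added example, not part of the HedwigUnified code base.
// Endpoint and query are the ones used on this page; function names are hypothetical.
const ENDPOINT = "http://localhost:3000/graphql";
const WHOAMI_QUERY = "query { userOne { netID } }";

// Turn a value copied from devtools > Local Storage into a header value.
// Strips pasted quotes and a duplicated "Bearer " prefix, and rejects the
// unreplaced TOKEN placeholder and embedded whitespace (e.g. a stray newline).
function authorizationHeader(rawToken) {
  const token = String(rawToken ?? "")
    .trim()
    .replace(/["']/g, "")
    .replace(/^Bearer\s+/i, "")
    .trim();
  if (token === "" || token === "TOKEN" || /\s/.test(token)) {
    throw new Error("token is empty, still the placeholder, or contains whitespace");
  }
  return `Bearer ${token}`;
}

// The request the Playground sends once the HTTP Headers pane is filled in.
function buildRequest(rawToken, query = WHOAMI_QUERY) {
  return {
    url: ENDPOINT,
    options: {
      method: "POST",
      headers: {
        "Content-Type": "application/json",
        Authorization: authorizationHeader(rawToken),
      },
      body: JSON.stringify({ query }),
    },
  };
}

// The page shows a missing login reported with code INTERNAL_SERVER_ERROR,
// so the error message is what separates it from other server errors.
function classify(body) {
  const errors = Array.isArray(body?.errors) ? body.errors : [];
  if (errors.some((e) => e.message === "You need to be logged in.")) {
    return { status: "unauthenticated", paths: errors.flatMap((e) => e.path ?? []) };
  }
  if (errors.length > 0) return { status: "error", messages: errors.map((e) => e.message) };
  return { status: "ok", data: body?.data ?? null };
}

// Live call; needs the server from step 1 running. Never log rawToken.
async function whoAmI(rawToken) {
  const { url, options } = buildRequest(rawToken);
  return classify(await (await fetch(url, options)).json());
}
```

With the server running locally, `await whoAmI(token)` returns `{ status: "unauthenticated", ... }` for a missing or rejected token and `{ status: "ok", data }` otherwise.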