Learn how to handle authentication and authorization of a GraphQL server using Node.js and JWTs.
Let us know if you have any questions in the comments below!
Thanks for this very interesting tutorial. I add the same authentication mechanism but I noticed slow performance on each authorized request.
I suspect the HTTP call make by the jwks client to add the network over trip.
What could be the solution to avoid that.
I used the cache option and it is better. But as I want to deploy this on a serverless platform I will meet some problem.
Is it safe to keep the jwks file or store the content into an environment variables ? To avoid the network trip ?
Thanks again for this great post
Hi Olivier! Glad you enjoyed the tutorial
There are multiple ways to solve this issue, like the cache one you tried. Another thing you could do is move the authentication to the context instead of the resolvers to verify the token. That way the token will only be verified once, but this takes away the certainty that you would always have a fresh token for the user.
Regarding this, I’ve also made a small change to the code for this tutorial which can be found here: https://github.com/auth0-blog/auth0-graphql-server/pull/3/files#diff-e7a4798606e55c8810812dec8eb5ef6d. With the current setup on every request to a resolver the
database variable will be recreated, this PR will solve that issue.
Let me know if this solves your problem!