AuthGuardian support for adding Hasura session variables directly #42
Description
A quick update, we've added an effect in AuthGuardian to add session variables
directly. Simple choose the action On Hasura set session variable, give the
variable a name, and we'll take care of prefixing the name and putting it in the right JWT location.
See the Hasura documentation on how session variables can be used with
permissions, mutations, and so much
more.
It's an incredibly powerful system for being so small!
For example, if we want to make the user's verified TwitchTV email available for
our Hasura permission, queries, or mutations, we can set the following
AuthGuardian rules:
When this user on Twitch has verified email is true
Then On hasura set session variable
TWITCH_TV_EMAIL
And our resulting JWT will have the X-HASURA-EMAIL variable correctly set:
{
"iss": "OneGraph",
"aud": "https://serve.onegraph.com/dashboard/app/00000000-0000-0000-0000-000000000000",
"iat": 1579589498,
"exp": 1579675898,
"https://hasura.io/jwt/claims": {
"x-hasura-email": "[email protected]"
}
}