Greetings! Well it certainly seems that I am confused about which schema to alter where.
I want to experiment with the @auth directive.
Is it correct to infer from your post that DQL schemas cannot include the @auth directives?
I was now able to alter the GQL schema using the /admin/schema endpoint as suggested!
type Ride @auth(query: { rule: "{$isAuthenticated: { eq: \"true\" } }" }) {
where: String
when: Int
who: String
comments: String
created: Int
modified: Int
}
# Dgraph.Authorization X-Auth-Token ...
via insomnia i can see that adding the x-auth-token header will enable queries to get results!
However, it seems that the auth rules are ignored on the dgraph /query endpoint?
Is that how it is meant to be?
Well, I am starting to understand how the graphql endpoints and the dql endpoints are sharing data and schemas…
But now I have a very important question:
If I set up a GraphQL schema with @auth rules, do / will DQL queries respect them?
It seems that I can freely query via the DQL /query/ endpoint even though the /graphql/ endpoint is requiring an auth header…
Is there a way to disable the DQL endpoint or otherwise convince it to respect the @auth rules?