The @secret directive

Users GraphQL
, ,
1

Hi,

Currently, the documentation doesn’t have any info about the @secret directive.
Can You supply some explanation on what it does and how to use it?
I thought about using it in order to implement an api access key - secret key combination where the secret key is decorated with this directive.

type User {
    hasCredntials: [Credentials!]
}

type Credentials {
    accessKey: String! @search(by: [hash]) @id
    secretKey: String! @secret
    ofUser: User! @hasInverse(field: hasCredentials)
}

Let’s say I have a server that gets both the keys from some script I want to use this scheme to be able to check if the combination that the script sent is valid and if true return the username of the user it belongs to.
How can I make such a query?

2

The docs for this will be updated soon. Meanwhile, you can have a look at this example.

3

Hey @spinelsun, you can find them in the docs here too.

4

so in order to use it I need to change my scheme in this way right?:

type User {
    hasCredentials: [Credentials!]
}

type Credentials @secret(field: "secretKey") {
    accessKey: String! @search(by: [hash]) @id
    ofUser: User! @hasInverse(field: hasCredentials)
}

Now how would be the mutation of a new credential?

5

It should be something like this

mutation {
  addCredentials(input: [{accessKey:"akey", secretKey:"yoursecretkey", ofUser: <uid of user>}]) {
        accessKey
  }
}

To get the uid of a user you may need to have some field with ID! or @id in type User.