我正在尝试使用 cookie 使用长生不老药和苦艾酒进行授权/身份验证 graphql 订阅,我使用了以下链接:
https://nts.strzibny.name/graphql-subscriptions-with-elixir-and-absinth/
我正在尝试对订阅正确主题的用户进行身份验证,但我无权访问订阅连接中的 cookie。为什么?
在我看到以下链接后:
https://hexdocs.pm/absinthe_phoenix/Absinthe.Phoenix.Socket.html
在我的 user_socket.ex 中,我将 user_id 作为查询参数传递,这有效,但根本不安全......我可以传递我想要的 id ??!!
有人能帮我吗?
@moduledoc false
use Phoenix.Socket
use Absinthe.Phoenix.Socket,
schema: MyAppGraphQL.Schema
## Channels
# channel "room:*", MyAppWeb.RoomChannel
# Socket params are passed from the client and can
# be used to verify and authenticate a user. After
# verification, you can put default assigns into
# the socket that will be set for all channels, ie
#
# {:ok, assign(socket, :user_id, verified_user_id)}
#
# To …