
conradwt
What's the recommended approach for securing GraphQL APIs?
Hi, I’m building an application that will have support for both the web and mobile. At this time, I’m using PhxGenAuth for authentication on the web. However, it appears that there’s no out-of-the-box support for API authentication.
Thus, I was wondering, what’s the recommended approach for securing GraphQL APIs these days? From the book “Craft GraphQL APIs in Elixir with Absinthe”, it appears that JWTs is a good solution to go with for now.
Finally, are there any recommended Hex authentication packages that support both session and API authentication?
Most Liked

OvermindDL1
A header token or a token passed in the message directly are the two ways I most often see.
3
Popular Backend topics

I maintain a project that lists hundreds of thousands of web pages, and I’d like to show a screenshot for each web page. There are alread...
New

API 4
Path:
/user/following/
Method:
GET
Description:
Returns the list of all names of people whom the user follows
Response
[
{ ...
New

Hi,
Recommend pls your favorite learning resources in Go, with best books, podcasts etc.
New

Background
I have recently been delving into more functional code. My objective right now is to get something similar to the IO Monad (in...
New

Wanted to check if there is a UI available to use Ora2pg tool.
New

Background
I am a fan of dialyzer and friends (looking at Gradient) and I try to have sepcs in my code as much as I can. To this end, I a...
New

Currently reading the book “Programming Phoenix LiveView”.
At the end of the Chapter 1, I’m trying to solve the guess game. If the user ...
New

What is the difference between using `:references` and `:belongs_to` in a generate command in Rails?
What is the difference between using :references and :belongs_to in the following command?
bin/rails generate scaffold LineItem product:...
New

Background
As I often do, I read books to learn and improve myself. I also enjoy teaching and helping others when I can, so this is somet...
New

Anyone know how to get in golang? I am from elixir background?.
New
Other popular topics

I know that these benchmarks might not be the exact picture of real-world scenario, but still I expect a Rust web framework performing a ...
New

I’m thinking of buying a monitor that I can rotate to use as a vertical monitor?
Also, I want to know if someone is using it for program...
New

Design and develop sophisticated 2D games that are as much fun to make as they are to play. From particle effects and pathfinding to soci...
New

You might be thinking we should just ask who’s not using VSCode :joy: however there are some new additions in the space that might give V...
New

We have a thread about the keyboards we have, but what about nice keyboards we come across that we want? If you have seen any that look n...
New

I ended up cancelling my Moonlander order as I think it’s just going to be a bit too bulky for me.
I think the Planck and the Preonic (o...
New

I am asking for any distro that only has the bare-bones to be able to get a shell in the server and then just install the packages as we ...
New

The File System Access API with Origin Private File System.
WebKit supports new API that makes it possible for web apps to create, open,...
New

Large Language Models like ChatGPT say The Darnedest Things.
The Errors They MakeWhy We Need to Document Them, and What We Have Decided ...
New

Author Spotlight:
Tammy Coron
@Paradox927
Gaming, and writing games in particular, is about passion, vision, experience, and immersio...
New
Latest in Phoenix
Backend>Questions
Categories:
Sub Categories:
Popular Portals
- /elixir
- /rust
- /wasm
- /ruby
- /erlang
- /phoenix
- /keyboards
- /rails
- /js
- /python
- /security
- /go
- /swift
- /vim
- /clojure
- /java
- /haskell
- /emacs
- /svelte
- /onivim
- /typescript
- /crystal
- /c-plus-plus
- /tailwind
- /kotlin
- /gleam
- /react
- /flutter
- /elm
- /ocaml
- /ash
- /opensuse
- /vscode
- /centos
- /php
- /deepseek
- /html
- /zig
- /scala
- /debian
- /nixos
- /lisp
- /agda
- /react-native
- /textmate
- /sublime-text
- /kubuntu
- /arch-linux
- /ubuntu
- /revery
- /manjaro
- /django
- /spring
- /diversity
- /nodejs
- /lua
- /slackware
- /julia
- /c
- /neovim