Check if user is logged in

[popeating]

Is there an endpoint, that based on jwt (or refresh token) tell me if im logged n?

im actually using the user query with my usename and jwt, but it feel quiete unsecure, i mean i can pass any username registered on the system

i would prefere an endpoint like /me that return the current user/owner of jwt

thank you

[ojohnny]

The endpoint you are looking for is called viewer, which returns information about the currently logged in user, no need to specify any username at all. viewer is null if you are not logged in.

Something as simple as this will do:

query Viewer {
  viewer {
    id
  }
}

...but of course you can get more user information from the same object if you want, such as username, email, avatar or the current auth and refresh tokens.

query Viewer {
  viewer {
    avatar {
      url
    }
    email
    username
    jwtAuthToken
    jwtRefreshToken
  }
}

[Khadreal]

The endpoint you are looking for is called viewer, which returns information about the currently logged in user, no need to specify any username at all. viewer is null if you are not logged in.

Something as simple as this will do:

query Viewer {
  viewer {
    id
  }
}

...but of course you can get more user information from the same object if you want, such as username, email, avatar or the current auth and refresh tokens.

query Viewer {
  viewer {
    avatar {
      url
    }
    email
    username
    jwtAuthToken
    jwtRefreshToken
  }
}

I tried querying the viewer endpoint to get jwtRefreshToken but getting Cannot query field \"jwtRefreshToken\" on type \"User\". error