Cache authenticated data

Some types and fields can contain data that is specific to a certain user. Cached query results that contain those types or fields should not be returned to any other user.

In order to handle this scenario you can define "scopes" in your graphcdn.yml, which let you scope (hence the name) cached query results to specific headers and/or cookies.

Every service has a special PUBLIC scope it uses by default. This scope returns the same cached results for all users.

Basics

You can define scopes in your graphcdn.yml based on the header and/or cookie your users use to authenticate:

scopes:
AUTHORIZATION_HEADER: 'header:Authorization'
SESSION_COOKIE: 'cookie:session'

Recommended: Unless you're certain you want to cache them separately, combine all your authentication methods into a single scope with a pipe (|, which means "or") to avoid having to create excessive rules:

scopes:
AUTHENTICATED: 'header:Authorization|cookie:session'

Using scopes

To set the scope a certain query result should be cached by, create a cache rule for the types you want to cache separately per-user (see Cache rules for more information):

rules:
- description: 'Cache any user-specific data per-user'
scope: AUTHENTICATED
types:
User: true

Now any query result that contains any User will be cached with the corresponding cookie and/or header of the AUTHENTICATED scope and will only be returned for the same requester. Users that aren't authenticated will still get the same cached results.