0
0
GraphQLquery~20 mins

JWT integration in GraphQL - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
JWT Integration Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
What is the primary purpose of JWT in database access?

Imagine you want to securely access your database through a web app. What role does JWT play in this process?

AIt encrypts the database data automatically without any extra configuration.
BIt stores the entire database schema inside the token for quick access.
CIt acts as a secure token to verify the user's identity and permissions before allowing database access.
DIt replaces the database with a JSON file for faster queries.
Attempts:
2 left
💡 Hint

Think about how a token helps confirm who you are before you get access.

query_result
intermediate
2:00remaining
What is the output of this GraphQL query with JWT authorization?

Given a GraphQL query that requests user data, and a valid JWT token with user role 'admin', what will be the result?

GraphQL
query {
  users {
    id
    name
    email
  }
}

// JWT token payload: {"role": "admin"}
A[{"id": "1", "name": "Alice", "email": "alice@example.com"}, {"id": "2", "name": "Bob", "email": "bob@example.com"}]
BError: Unauthorized access - insufficient permissions
C[]
DError: Invalid JWT token
Attempts:
2 left
💡 Hint

Admins usually have full access to user data.

📝 Syntax
advanced
2:00remaining
Identify the syntax error in this JWT verification snippet in GraphQL resolver

Look at this code snippet that verifies a JWT token in a GraphQL resolver. Which option correctly fixes the syntax error?

GraphQL
const jwt = require('jsonwebtoken');

function verifyToken(token) {
  try {
    const decoded = jwt.verify(token, 'secretKey')
    return decoded;
  } catch (error) {
    throw new Error('Invalid token')
  }
}
ARemove the return statement to fix syntax.
BAdd a semicolon after jwt.verify(token, 'secretKey') to fix syntax: const decoded = jwt.verify(token, 'secretKey');
CReplace try-catch with if-else to fix syntax.
DChange 'secretKey' to secretKey without quotes to fix syntax.
Attempts:
2 left
💡 Hint

Check if all statements end properly.

optimization
advanced
2:00remaining
How to optimize JWT usage to reduce database load in GraphQL API?

You want to reduce database queries by using JWT in your GraphQL API. Which approach is best?

AStore the entire user profile in the JWT token to eliminate database queries.
BUse JWT only for login and query the database for every request to ensure fresh data.
CEncrypt the JWT token with the database password to speed up queries.
DInclude user roles and permissions inside the JWT payload to avoid querying the database for each request.
Attempts:
2 left
💡 Hint

Think about what info in the token can help skip database checks.

🔧 Debug
expert
2:00remaining
Why does this GraphQL query fail with 'Invalid token' error despite a valid JWT?

Given this GraphQL resolver code snippet, why does the query fail with 'Invalid token' error even though the JWT token is valid?

GraphQL
const jwt = require('jsonwebtoken');

function resolver(parent, args, context) {
  const token = context.headers.authorization;
  try {
    const decoded = jwt.verify(token, process.env.SECRET);
    return getDataForUser(decoded.userId);
  } catch (e) {
    throw new Error('Invalid token');
  }
}

// Environment variable SECRET is not set.
AThe environment variable SECRET is missing, so jwt.verify fails to validate the token.
BThe token is expired, causing jwt.verify to throw an error.
CThe token is not passed in the authorization header.
DThe getDataForUser function is undefined, causing the error.
Attempts:
2 left
💡 Hint

Check if the secret used to verify the token is properly set.