1.0.2 • Published 4 years ago

type-gql-server v1.0.2

Weekly downloads
-
License
-
Repository
-
Last release
4 years ago

GQL-Server

GQL-Server is a small wrapper around the Type GraphQl server. It allows to easily use JWTs and handle authentication and authorization.

how to use

install package

npm install dotenv --save
npm install type-gql-server --save

create .env

Port=4000
AccessTokenSecret=youraccesstokensecret
AccessTokenExpire=1d
RefreshTokenSecret=youraccesstokensecret
RefreshTokenExpire=14d
Playground=enabled

implement authorization service

import {Response} from "express";
export default class MyAuthorizationService implements AuthorisationService
{
    authorized(res: Response, requiredRole: string): boolean
    {
        const {roles} = res.locals.userData;
        
        return roles === "my_role";
    }
}

or use default service

const authorizeService: AuthorisationService = new DefaultAuthorizationService();

implement credential service

/**
 * demo credential service
 */
export default class DemoCredentialService extends CredentialService
{
    /**
     *
     * @param username  username must be "test"
     * @param password  does not matter
     */
    public async checkCredentials(username: string, password: string): Promise<AuthUser>
    {
        if(username == "test")
        {
            return new AuthUser(
                "userID1",
                "admin",
                "access",
                "refresh"
            );
        }
        else throw "checking credentials for " + username + " failed";
    }
}

or use default service

const authorizeService: CredentialService = new DemoCredentialService();

use in code

import "reflect-metadata"; // always execute at the beginning
require('dotenv').config();

/**
 * load the token settings from env and create the token service
 */
function loadTokenSettings(): TokenService
{
    // access token
    const accessTokenSecret: string = process.env.AccessTokenSecret || "access token secret";
    const accessTokenExpires: string = process.env.AccessTokenExpire || "15m";
    const accessTokenProps: TokenProps = {secret: accessTokenSecret, expireTime: accessTokenExpires};

    // refresh token
    const refreshTokenSecret: string = process.env.RefreshTokenSecret || "refresh token secret";
    const refreshTokenExpires: string = process.env.RefreshTokenExpire || "7d";
    const refreshTokenProps: TokenProps = {secret: refreshTokenSecret, expireTime: refreshTokenExpires};

    return new TokenService(accessTokenProps, refreshTokenProps, new DemoCredentialService());
}

// setup server
const port: number = Number.parseInt(process.env.Port || "4000");
const gqlPath: string = "/";
const authPath: string = "/auth";
const tokenPath: string = "refresh";
const enablePlayground: boolean = (process.env.Playground || "false") === "enabled";
const resolvers: any = [HelloResolver];
const authService: AuthenticationService = new AuthenticationService(loadTokenSettings());
const authorizeService: AuthorisationService = new DefaultAuthorizationService();
const server: GQLServer = new GQLServer(port, gqlPath, authPath, tokenPath, enablePlayground, authService, authorizeService, resolvers);
server.start();