1.0.2 • Published 4 years ago
type-gql-server v1.0.2
GQL-Server
GQL-Server is a small wrapper around the Type GraphQl server. It allows to easily use JWTs and handle authentication and authorization.
how to use
install package
npm install dotenv --save
npm install type-gql-server --save
create .env
Port=4000
AccessTokenSecret=youraccesstokensecret
AccessTokenExpire=1d
RefreshTokenSecret=youraccesstokensecret
RefreshTokenExpire=14d
Playground=enabled
implement authorization service
import {Response} from "express";
export default class MyAuthorizationService implements AuthorisationService
{
authorized(res: Response, requiredRole: string): boolean
{
const {roles} = res.locals.userData;
return roles === "my_role";
}
}
or use default service
const authorizeService: AuthorisationService = new DefaultAuthorizationService();
implement credential service
/**
* demo credential service
*/
export default class DemoCredentialService extends CredentialService
{
/**
*
* @param username username must be "test"
* @param password does not matter
*/
public async checkCredentials(username: string, password: string): Promise<AuthUser>
{
if(username == "test")
{
return new AuthUser(
"userID1",
"admin",
"access",
"refresh"
);
}
else throw "checking credentials for " + username + " failed";
}
}
or use default service
const authorizeService: CredentialService = new DemoCredentialService();
use in code
import "reflect-metadata"; // always execute at the beginning
require('dotenv').config();
/**
* load the token settings from env and create the token service
*/
function loadTokenSettings(): TokenService
{
// access token
const accessTokenSecret: string = process.env.AccessTokenSecret || "access token secret";
const accessTokenExpires: string = process.env.AccessTokenExpire || "15m";
const accessTokenProps: TokenProps = {secret: accessTokenSecret, expireTime: accessTokenExpires};
// refresh token
const refreshTokenSecret: string = process.env.RefreshTokenSecret || "refresh token secret";
const refreshTokenExpires: string = process.env.RefreshTokenExpire || "7d";
const refreshTokenProps: TokenProps = {secret: refreshTokenSecret, expireTime: refreshTokenExpires};
return new TokenService(accessTokenProps, refreshTokenProps, new DemoCredentialService());
}
// setup server
const port: number = Number.parseInt(process.env.Port || "4000");
const gqlPath: string = "/";
const authPath: string = "/auth";
const tokenPath: string = "refresh";
const enablePlayground: boolean = (process.env.Playground || "false") === "enabled";
const resolvers: any = [HelloResolver];
const authService: AuthenticationService = new AuthenticationService(loadTokenSettings());
const authorizeService: AuthorisationService = new DefaultAuthorizationService();
const server: GQLServer = new GQLServer(port, gqlPath, authPath, tokenPath, enablePlayground, authService, authorizeService, resolvers);
server.start();