Created
November 18, 2021 18:22
server.ts
import { ApolloServer, AuthenticationError } from 'apollo-server-express'; | |
import responseCachePlugin from 'apollo-server-plugin-response-cache'; | |
import * as express from 'express'; | |
import admin from 'firebase-admin'; | |
import { AuthIdentity, RequestContext } from './auth-identity'; | |
import { resolvers } from './resolvers'; | |
import { typeDefs } from './schema'; | |
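/**
 * Verifies the Firebase ID token carried in the Authorization header and
 * checks that the token's tenant matches the school named in the `schoolid`
 * header.
 *
 * @param headers - Request headers; only `authorization` and `schoolid` are read.
 * @returns The decoded token claims plus `schoolId`, typed as AuthIdentity.
 * @throws AuthenticationError when the token fails verification, when no
 *   `schoolid` header was sent, or when the token's tenant differs from it.
 */
const verifyToken = async ({ authorization, schoolid }) => {
  const idToken = authorization.replace('Bearer ', '');

  // TODO: disable for local env and set admin true
  let decodedToken;
  try {
    // NOTE(review): verifyIdToken is called without its checkRevoked argument,
    // so a revoked session stays valid until the token expires. Confirm that
    // is acceptable for this API.
    decodedToken = await admin.auth().verifyIdToken(idToken);
  } catch {
    // Verifier detail is deliberately not echoed back to the client.
    throw new AuthenticationError('No Access: Invalid id token');
  }

  // The tenant check runs outside the try block so its own error message is
  // not replaced by the generic "invalid token" one.
  // Fail closed on a missing header: a token without a tenant claim would
  // otherwise compare equal to an absent `schoolid` (undefined === undefined).
  const tokenTenant = decodedToken.firebase?.tenant;
  if (typeof schoolid !== 'string' || schoolid === '' || tokenTenant !== schoolid) {
    throw new AuthenticationError("User doesn't have access to school");
  }

  return {
    ...decodedToken,
    schoolId: schoolid,
  } as AuthIdentity;
};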
/**
 * Builds the Express app that serves the GraphQL API at `/`.
 *
 * @returns An Express application with the Apollo middleware mounted.
 */
export function gqlServer() {
  const app = express();

  // Per-request context. A request without an Authorization header gets a
  // context with no `auth` field rather than an error, so every resolver that
  // needs an identity has to check for it itself.
  const buildContext = async ({ req, res }) => {
    const hasCredentials = Boolean(req.headers.authorization);
    if (hasCredentials) {
      const identity = await verifyToken(req.headers as any);
      return {
        auth: identity || {},
        req,
        res,
      } as RequestContext;
    }
    return {
      req,
      res,
    } as RequestContext;
  };

  // Cache session key: the raw Authorization header value, or null when the
  // header is absent.
  const cacheSessionId = ({ request }) =>
    request.http.headers.get('authorization') || null;

  const apolloServer = new ApolloServer({
    typeDefs,
    resolvers,
    context: buildContext,
    // Enable graphiql gui
    // NOTE(review): introspection and the playground are switched on
    // unconditionally, so the schema is readable by any client that can reach
    // this endpoint. Consider gating both on the deployment environment.
    introspection: true,
    playground: {
      endpoint: 'api',
    },
    persistedQueries: {
      ttl: 900, // 15 minutes
    },
    plugins: [
      responseCachePlugin({
        sessionId: cacheSessionId,
      }),
    ],
  });

  // NOTE(review): `cors: true` applies the default CORS policy instead of an
  // origin allowlist. Confirm that browsers on any origin are meant to call
  // this API.
  apolloServer.applyMiddleware({ app, path: '/', cors: true });

  return app;
}