Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
function createMiddleware(
{ config, graphqlApi, logger, graphqlPath }: ExpressMiddlewareProps,
jwtVerify: Middleware,
): Middleware {
const isDev = config.env === "development";
const isProd = config.env === "production";
const PLAYGROUND_PATH = "/playground";
const VOYAGER_PATH = "/voyager";
const playground = playgroundMiddleware({ endpoint: graphqlPath });
const voyager = voyagerMiddleware({ endpointUrl: graphqlPath });
const router = Router();
const validationRules = [depthLimit(10)];
const schema = graphqlApi.getSchema();
const context = graphqlApi.getContext();
const allQueries = graphqlApi.getAllQueries();
const isIntrospectionQuery = (query: string): boolean => {
return Boolean(query && query.includes("query IntrospectionQuery {"));
};
if (!isDev) {
maskErrors(schema); // do not send internal errors to client
validationRules.push(NoIntrospection);
}
const apolloExpress = (req: $Request, res: $Response, next: NextFunction) => {
import AuthenticationService from './AuthenticationService';
import AuthorizationService from './AuthorizationService';
import Database from './Database';
import HttpStatus from './utils/HttpStatus';
import { RateLimitError, JsonWebTokenError } from './utils/errors';
const IS_DEV = process.env.NODE_ENV === 'development';
const app = express();
app.disable('x-powered-by');
app.disable('etag');
app.use(bodyParser.json({ limit: '1kb' }));
app.use(cookieParser());
// Host graphql playground
app.get('/playground', expressPlayground({ endpoint: config.hasuraUrl }));
const database = new Database(config.database);
const authenticationService = new AuthenticationService(config.passcode);
const authorizationService = new AuthorizationService(
database,
config.accessToken,
config.refreshToken,
);
const emailHandler: RequestHandler = (req, res, next) => {
const email = req.body.email;
if (!email) {
return res
.status(HttpStatus.BAD_REQUEST)
.send('Missing field `email` of type string in post body.');
}
function setupGraphQL (app) {
app.use(GRAPHQL_ENDPOINT, graphqlExpress(req => {
return ({
schema,
// Set the context for all resolvers
context: {
// Current user
user: req.user,
},
// Apollo Engine flags
tracing: true,
cacheControl: false,
})
}))
app.use(PLAYGROUND_ENDPOINT, expressPlayground({
endpoint: GRAPHQL_ENDPOINT,
subscriptionEndpoint: SUBSCRIPTION_ENDPOINT,
}))
}
# Mutation type is removed entirely, because it isn't specified
type WeatherPayload {
temp(unit: UnitEnum): Float
# other fields are removed here
}
enum UnitEnum {
Celcius
# other enum value is removed here
}`)
)
app.use('/graphql', express.json(), graphql, await serve())
app.use('/playground', expressPlayground({ endpoint: '/graphql' }))
app.listen(3000, () => console.log('Server running. Open http://localhost:3000/playground to run queries.'))
}
export function startPublications() {
const mode = process.env.NODE_ENV || "DEVELOPMENT";
const app = express();
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
if (mode.toUpperCase() === "DEVELOPMENT") {
app.use("/playground", graphqlPlayground({ endpoint: "/graphql" }));
} else {
const publicPath = path.resolve(__dirname, "../public");
app.use(express.static(publicPath));
app.get("*", (req, res) =>
res.sendFile(path.resolve(publicPath, "index.html"))
);
}
app.use(jwt(jwtConfig));
app.post("/documents/:id/pdf", documentPdfHandler);
app.use(
"/graphql",
graphqlHttp(request => ({
schema,
context: { user: request.user },
}))
export default function glide(options: Options): Application {
const application = express();
const runtime = createRuntime(options.schema);
application.use(morgan(isDevEnv() ? "dev" : "common"));
application.get("/", playground(playgroundSettings));
application.post("/", json(), (request, response, next) => {
const authorization = request.get("authorization");
let { connection } = options;
if (typeof authorization === "string") {
connection = new Connection({
accessToken: authorization.substr(7),
instanceUrl: options.instance,
});
}
if (connection == null) {
return next(new GraphQLError("Session expired or invalid"));
}
runtime(connection, request.body.query).then(
const startServer = async () => {
const port = process.env.PORT
const app = express()
app.use(cors({ origin:true, credentials: true }))
app.use(helmet())
app.use(bodyParser.json())
app.use(bodyParser.text({ type: 'application/graphql' }))
app.use(passport.initialize())
app.use(passport.session())
const playroundUrl = process.env.ENVIROMENT !== 'production'
? '/playground'
: '/super-secret-playground'
app.get(playroundUrl, graphqlPlayground({
endpoint: '/graphql',
subscriptionEndpoint: '/subscriptions'
}))
app.use(
'/graphql',
customBearerAuth,
graphqlHTTP(req => ({
formatError,
schema,
context: {
req,
},
})),
)
path: `/__webpack_hmr`,
heartbeat: 10 * 1000,
})
)
app.use(cors())
/**
* Pattern matching all endpoints with graphql or graphiql with 1 or more leading underscores
*/
const graphqlEndpoint = `/_+graphi?ql`
if (process.env.GATSBY_GRAPHQL_IDE === `playground`) {
app.get(
graphqlEndpoint,
graphqlPlayground({
endpoint: `/___graphql`,
}),
() => {}
)
} else {
graphiqlExplorer(app, {
graphqlEndpoint,
})
}
app.use(
graphqlEndpoint,
graphqlHTTP(() => {
const { schema, schemaCustomization } = store.getState()
return {
export default async function configureApp(app, config) {
const GraphQLOptions = await gramps(config);
app.use(bodyParser.json());
app.use(GRAPHQL_ENDPOINT, graphqlExpress(GraphQLOptions));
app.use(TESTING_ENDPOINT, playground({ endpoint: GRAPHQL_ENDPOINT }));
return app;
}
}
const { url, headers } = projectConfig.endpointsExtension.getEndpoint(
endpoint,
)
app.use(
'/graphql',
requestProxy({
url,
headers,
}),
)
app.use(
'/playground',
expressPlayground({
endpoint: '/graphql',
config: config.config,
}),
)
} else {
app.use(
'/playground',
expressPlayground({ config: config.config } as any),
)
}
const listener = app.listen(port, () => {
let host = (listener.address() as AddressInfo).address
if (host === '::') {
host = 'localhost'
}