const {promisify} = require('util');
const Boom = require('boom');
const jwt = require('jsonwebtoken');
const jwtVerify = promisify(jwt.verify);
const {get} = require('lodash/fp');
const has = require('../utils/fp/has');
const pkg = require('../../package.json');
// Key under which the plugin's postgraphile server method is registered
// (used as `server.methods[shortName]` in `handler`): the package name with
// "hapi-" removed. Note that `replace` with a string pattern removes the first
// occurrence, not strictly a leading prefix.
const shortName = pkg.name.replace('hapi-', '');
// Builds a predicate that decides whether a request's Origin must be checked
// against the route's CORS configuration, from the `verifyOrigin` setting:
//   'always'       -> every request is checked
//   'present'      -> only requests that carry an Origin header are checked
//   anything else  -> never checked
// The result is only consumed for its truthiness: in 'present' mode it is the
// raw Origin header value, so an empty Origin header counts as absent. Be aware
// that 'present' mode therefore performs no check at all for clients (non-browser
// tools, some older user agents) that send no Origin header.
const shouldVerify = verify => request => {
  switch (verify) {
    case 'always':
      return true;
    case 'present':
      return request.headers.origin;
    default:
      return false;
  }
};
// hapi `onPreAuth` extension: rejects requests whose Origin does not match the
// route's CORS configuration, a cross-site defence for tokens carried in cookies.
// `settings.authentication.verifyOrigin` ('always' | 'present' | other, see
// `shouldVerify`) is read once at registration time.
// Throws Boom.forbidden() (403) when a check is required and hapi did not flag
// the Origin as matching (`request.info.cors.isOriginMatch`); otherwise continues.
// NOTE(review): `info.cors.isOriginMatch` is presumably only populated when CORS
// is enabled on the route — confirm, since a missing value is treated as a
// mismatch and the request is rejected.
const onPreAuth = server => {
  const {verifyOrigin} = server.plugins[pkg.name].settings.authentication;
  const mustCheckOrigin = shouldVerify(verifyOrigin);
  return (request, h) => {
    if (!mustCheckOrigin(request)) {
      return h.continue;
    }
    const originMatches = get('info.cors.isOriginMatch', request);
    if (!originMatches) {
      // Fail closed: an absent flag is handled the same as a mismatch.
      throw Boom.forbidden();
    }
    return h.continue;
  };
};
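// hapi `onPreResponse` extension: mirrors the GraphQL login/logout operations
// onto the session cookie configured in `settings.cookieAuthentication`.
//   - a non-Boom response to `loginOperationName` stores the value found at
//     `tokenDataPath` inside `response.source` in the cookie via `h.state`;
//   - a non-Boom response to `logoutOperationName` clears it via `h.unstate`.
// Boom (error) responses are left untouched. Settings are read once at
// registration time.
//
// Fixes:
//   - `request.payload` may be null/undefined (request without a body); the
//     destructuring previously threw a TypeError for every such response.
//   - a request with no `operationName` can never be the login/logout
//     operation; previously an unconfigured (undefined) `loginOperationName`
//     compared equal to a missing `operationName` and set the cookie.
//
// NOTE(review): when the login resolver returns no token (failed login),
// `h.state` is still called with an undefined value, as before — confirm how
// hapi serialises that; guarding on `token` here would change observable
// behaviour.
// NOTE(review): every cookie attribute (httpOnly, secure, sameSite, path, ttl)
// comes from `cookieAuthentication.options` — make sure the plugin defaults set
// them, since a token cookie without them is readable by scripts and sent
// cross-site.
const onPreResponse = server => {
  const {settings} = server.plugins[pkg.name];
  const {loginOperationName, logoutOperationName, tokenDataPath} = settings.authentication;
  const {name, options} = settings.cookieAuthentication;
  return (request, h) => {
    const {response} = request;
    if (response.isBoom) {
      return h.continue;
    }
    // The operation name comes from the parsed body; tolerate a missing body.
    const {operationName} = request.payload || {};
    if (!operationName) {
      return h.continue;
    }
    if (operationName === loginOperationName) {
      const token = get(tokenDataPath, response.source);
      h.state(name, token, options);
    }
    if (operationName === logoutOperationName) {
      h.unstate(name, options);
    }
    return h.continue;
  };
};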
// Route `pre`/handler that extracts the caller's JWT, trying in order:
//   1. `request.auth.token` — present when hapi-auth-jwt2 already handled auth;
//   2. the cookie named `settings.cookieAuthentication.name`, whenever cookie
//      auth is configured (returned even when the cookie is absent, i.e.
//      `undefined`);
//   3. the header named `settings.headerAuthentication.headerName` when its
//      value starts with `tokenType` (e.g. "Bearer"): the scheme prefix is
//      stripped and the remainder trimmed.
// Returns `h.continue` when none applies. Settings are read once at
// registration; hapi exposes header names lower-cased, hence toLowerCase().
// NOTE(review): step 2 returns unconditionally once cookie auth is configured,
// so the header path is unreachable in that configuration — confirm intended.
// NOTE(review): the scheme match is case-sensitive and prefix-only
// (`startsWith`), so "Bearerx ..." also matches "Bearer"; the extracted token
// is returned unverified — verification must happen downstream.
const getJwtToken = server => {
  const {cookieAuthentication, headerAuthentication} = server.plugins[pkg.name].settings;
  return async (request, h) => {
    const {auth} = request;
    if (auth && auth.token) {
      // Another auth scheme already produced the token; reuse it.
      return auth.token;
    }
    if (cookieAuthentication && cookieAuthentication.name) {
      return request.state[cookieAuthentication.name];
    }
    if (headerAuthentication) {
      const {headerName, tokenType} = headerAuthentication;
      const raw = request.headers[headerName.toLowerCase()];
      if (raw && raw.startsWith(tokenType)) {
        return raw.slice(tokenType.length).trim();
      }
    }
    return h.continue;
  };
};
// Route handler that executes the GraphQL request through the postgraphile
// server method registered under `shortName`.
// Operations listed in `settings.cacheAllowedOperations` (matched on
// `operationName` through the `has` helper) go through `performQueryWithCache`
// when that method exists; everything else goes through
// `performQuery(payload, pre)`.
// NOTE(review): the cached path drops `pre` entirely (cached queries cannot
// have options). If `pre` carries the per-request token from `getJwtToken`,
// cached operations run without the caller's identity and their results are
// shared between callers — keep `cacheAllowedOperations` to public,
// user-independent operations.
// NOTE(review): `request.payload` is destructured directly and will throw if
// the request carried no body — confirm the route only accepts parsed payloads.
const handler = server => {
  const {settings} = server.plugins[pkg.name];
  const postgraphile = server.methods[shortName];
  const {cacheAllowedOperations} = settings;
  const isAllowedOperation =
    cacheAllowedOperations && cacheAllowedOperations.length
      ? has(cacheAllowedOperations)
      : undefined;
  return async request => {
    const {payload, pre} = request;
    const {operationName} = payload;
    const cacheable =
      operationName && isAllowedOperation && isAllowedOperation(operationName);
    if (cacheable && postgraphile.performQueryWithCache) {
      // Cached queries cannot have options, so `pre` is deliberately omitted.
      return postgraphile.performQueryWithCache(payload);
    }
    return postgraphile.performQuery(payload, pre);
  };
};
// Factories exported for the plugin: each takes the hapi `server` and returns
// the extension/handler bound to the plugin's settings
// (`server.plugins[pkg.name].settings`).
module.exports = {
onPreAuth,
onPreResponse,
getJwtToken,
handler
};