-
Notifications
You must be signed in to change notification settings - Fork 593
/
security.js
52 lines (47 loc) · 1.74 KB
/
security.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
// @flow
import type { PluginType } from "@webiny/api/types";
import { shield } from "graphql-shield";
import authenticate from "./authentication/authenticate";
export default options =>
([
{
type: "graphql-middleware",
name: "graphql-middleware-shield",
middleware: ({ plugins }) => {
const middleware = [];
plugins.byType("graphql-schema").forEach(plugin => {
let { security } = plugin;
if (!security) {
return true;
}
if (typeof security === "function") {
security = security();
}
security.shield &&
middleware.push(
shield(security.shield, {
allowExternalErrors: true
})
);
});
return middleware;
}
},
{
type: "graphql-context",
name: "graphql-context-security",
preApply: async context => {
context.security = options;
context.token = null;
context.user = null;
context.getUser = () => context.user;
const securityPlugins: Array<PluginType> = context.plugins.byType(
"graphql-security"
);
for (let i = 0; i < securityPlugins.length; i++) {
await securityPlugins[i].authenticate(context);
}
}
},
{ type: "graphql-security", name: "graphql-security", authenticate }
]: Array<PluginType>);