@lenne.tech/nest-server 3.3.2 → 3.4.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lenne.tech/nest-server",
-  "version": "3.3.2",
+  "version": "3.4.1",
   "description": "Modern, fast, powerful Node.js web framework in TypeScript based on Nest with a GraphQL API and a connection to MongoDB (or other databases).",
   "keywords": [
     "node",
@@ -86,6 +86,7 @@
     "fastify": "3.27.1",
     "graphql": "16.3.0",
     "graphql-subscriptions": "2.0.0",
+    "graphql-voyager": "1.0.0-rc.31",
     "grunt": "1.4.1",
     "grunt-bg-shell": "2.3.3",
     "grunt-contrib-clean": "2.0.0",

package/src/config.env.ts

@@ -32,8 +32,11 @@ const config: { [env: string]: IServerOptions } = {
     },
     env: 'development',
     graphQl: {
-      debug: true,
-      introspection: true,
+      driver: {
+        debug: true,
+        introspection: true,
+      },
+      voyager: true,
     },
     jwt: {
       secret: 'SECRET_OR_PRIVATE_KEY_DEV',
@@ -79,8 +82,10 @@ const config: { [env: string]: IServerOptions } = {
     },
     env: 'productive',
     graphQl: {
-      debug: false,
-      introspection: true,
+      driver: {
+        debug: false,
+        introspection: true,
+      },
     },
     jwt: {
       secret: 'SECRET_OR_PRIVATE_KEY_PROD',

package/src/core/common/interfaces/server-options.interface.ts

@@ -20,7 +20,23 @@ export interface IServerOptions {
    * see https://docs.nestjs.com/graphql/quick-start
    * and https://www.apollographql.com/docs/apollo-server/api/apollo-server/
    */
-  graphQl?: ApolloDriverConfig;
+  graphQl?: {
+    /**
+     * Driver configuration for Apollo
+     */
+    driver?: ApolloDriverConfig;
+
+    /**
+     * Subscription authentication
+     */
+    enableSubscriptionAuth?: boolean;
+
+    /**
+     * Enable GraphQL Voyager
+     * https://github.com/APIs-guru/graphql-voyager
+     */
+    voyager?: boolean;
+  };
 
   /**
    * Configuration of JavaScript Web Token (JWT) module

package/src/core/modules/auth/core-auth.module.ts

@@ -21,7 +21,7 @@ export class CoreAuthModule {
     UserModule: Type<any>,
     UserService: Type<CoreAuthUserService>,
     options: JwtModuleOptions & {
-      imports?: Array<Type<any> | DynamicModule | Promise<DynamicModule> | ForwardReference>[];
+      imports?: Array<Type<any> | DynamicModule | Promise<DynamicModule> | ForwardReference>;
       providers?: Provider[];
     }
   ): DynamicModule {

package/src/core/modules/auth/services/core-auth.service.ts

@@ -33,4 +33,8 @@ export class CoreAuthService {
   async validateUser(payload: JwtPayload): Promise<any> {
     return await this.userService.getViaEmail(payload.email);
   }
+
+  decodeJwt(token: string): JwtPayload {
+    return this.jwtService.decode(token) as JwtPayload;
+  }
 }

package/src/core.module.ts

@@ -1,4 +1,4 @@
-import { DynamicModule, Global, Module } from '@nestjs/common';
+import { DynamicModule, Global, Module, UnauthorizedException } from '@nestjs/common';
 import { APP_INTERCEPTOR, APP_PIPE } from '@nestjs/core';
 import { GraphQLModule } from '@nestjs/graphql';
 import { Config } from './core/common/helpers/config.helper';
@@ -34,23 +34,43 @@ export class CoreModule {
    * Dynamic module
    * see https://docs.nestjs.com/modules#dynamic-modules
    */
-  static forRoot(options: Partial<IServerOptions>): DynamicModule {
+  static forRoot(AuthService: any, AuthModule: any, options: Partial<IServerOptions>): DynamicModule {
     // Process config
     const config: IServerOptions = Config.merge(
       {
         env: 'develop',
         graphQl: {
-          autoSchemaFile: 'schema.gql',
-          context: ({ req }) => ({ req }),
-          installSubscriptionHandlers: true,
-          subscriptions: {
-            'subscriptions-transport-ws': {
-              onConnect: (connectionParams) => {
-                // TODO: Handle Authorization
-                const authToken = connectionParams.Authorization;
+          driver: {
+            imports: [AuthModule],
+            inject: [AuthService],
+            useFactory: async (authService: any) => ({
+              autoSchemaFile: 'schema.gql',
+              context: ({ req }) => ({ req }),
+              installSubscriptionHandlers: true,
+              subscriptions: {
+                'subscriptions-transport-ws': {
+                  onConnect: async (connectionParams) => {
+                    if (config.graphQl.enableSubscriptionAuth) {
+                      // get authToken from authorization header
+                      const authToken: string =
+                        'Authorization' in connectionParams && connectionParams?.Authorization?.split(' ')[1];
+
+                      if (authToken) {
+                        // verify authToken/getJwtPayLoad
+                        const payload = authService.decodeJwt(authToken);
+                        const user = await authService.validateUser(payload);
+                        // the user/jwtPayload object found will be available as context.currentUser/jwtPayload in your GraphQL resolvers
+                        return { user: user, headers: connectionParams };
+                      }
+
+                      throw new UnauthorizedException();
+                    }
+                  },
+                },
               },
-            },
+            }),
           },
+          enableSubscriptionAuth: true,
         },
         port: 3000,
         mongoose: {
@@ -107,7 +127,7 @@ export class CoreModule {
       module: CoreModule,
       imports: [
         MongooseModule.forRoot(config.mongoose.uri, config.mongoose.options),
-        GraphQLModule.forRoot<ApolloDriverConfig>(Object.assign({ driver: ApolloDriver }, config.graphQl)),
+        GraphQLModule.forRootAsync<ApolloDriverConfig>(Object.assign({ driver: ApolloDriver }, config.graphQl.driver)),
       ],
       providers,
       exports: [ConfigService, EmailService, TemplateService, MailjetService],

package/src/main.ts

@@ -2,6 +2,7 @@ import { NestFactory } from '@nestjs/core';
 import { NestExpressApplication } from '@nestjs/platform-express';
 import envConfig from './config.env';
 import { ServerModule } from './server/server.module';
+import { express as voyagerMiddleware } from 'graphql-voyager/middleware';
 
 /**
  * Preparations for server start
@@ -23,6 +24,11 @@ async function bootstrap() {
   // Enable cors to allow requests from other domains
   server.enableCors();
 
+  // Activate GraphQL Voyager
+  if (envConfig.graphQl?.voyager) {
+    server.use('/voyager', voyagerMiddleware({ endpointUrl: '/graphql' }));
+  }
+
   // Start server on configured port
   await server.listen(envConfig.port);
 }

package/src/server/server.module.ts

@@ -4,6 +4,7 @@ import { CoreModule } from '../core.module';
 import { AuthModule } from './modules/auth/auth.module';
 import { FileController } from './modules/file/file.controller';
 import { ServerController } from './server.controller';
+import { CoreAuthService } from '../core/modules/auth/services/core-auth.service';
 
 /**
  * Server module (dynamic)
@@ -15,7 +16,7 @@ import { ServerController } from './server.controller';
   // Include modules
   imports: [
     // Include CoreModule for standard processes
-    CoreModule.forRoot(envConfig),
+    CoreModule.forRoot(CoreAuthService, AuthModule.forRoot(envConfig.jwt), envConfig),
 
     // Include AuthModule for authorization handling,
     // which will also include UserModule