@lenne.tech/nest-server 3.3.3 → 8.0.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lenne.tech/nest-server",
-  "version": "3.3.3",
+  "version": "8.0.0",
   "description": "Modern, fast, powerful Node.js web framework in TypeScript based on Nest with a GraphQL API and a connection to MongoDB (or other databases).",
   "keywords": [
     "node",
@@ -52,38 +52,38 @@
     "node": ">= 16.13.0"
   },
   "dependencies": {
-    "@apollo/gateway": "0.48.1",
-    "@nestjs/apollo": "10.0.2",
-    "@nestjs/common": "8.2.6",
-    "@nestjs/core": "8.2.6",
-    "@nestjs/graphql": "10.0.2",
+    "@apollo/gateway": "0.48.3",
+    "@nestjs/apollo": "10.0.7",
+    "@nestjs/common": "8.4.1",
+    "@nestjs/core": "8.4.1",
+    "@nestjs/graphql": "10.0.7",
     "@nestjs/jwt": "8.0.0",
-    "@nestjs/mongoose": "9.0.2",
-    "@nestjs/passport": "8.1.0",
-    "@nestjs/platform-express": "8.2.6",
-    "@nestjs/testing": "8.2.6",
-    "@shelf/jest-mongodb": "2.2.0",
+    "@nestjs/mongoose": "9.0.3",
+    "@nestjs/passport": "8.2.1",
+    "@nestjs/platform-express": "8.4.1",
+    "@nestjs/testing": "8.4.1",
+    "@shelf/jest-mongodb": "2.2.1",
     "@types/ejs": "3.1.0",
-    "@types/jest": "27.4.0",
-    "@types/lodash": "4.14.178",
+    "@types/jest": "27.4.1",
+    "@types/lodash": "4.14.180",
     "@types/multer": "1.4.7",
-    "@types/node": "17.0.17",
+    "@types/node": "17.0.21",
     "@types/node-mailjet": "3.3.8",
     "@types/nodemailer": "6.4.4",
     "@types/passport": "1.0.7",
     "@types/supertest": "2.0.11",
-    "@typescript-eslint/eslint-plugin": "5.11.0",
-    "@typescript-eslint/parser": "5.11.0",
-    "apollo-server-core": "3.6.3",
-    "apollo-server-express": "3.6.3",
+    "@typescript-eslint/eslint-plugin": "5.15.0",
+    "@typescript-eslint/parser": "5.15.0",
+    "apollo-server-core": "3.6.4",
+    "apollo-server-express": "3.6.4",
     "bcrypt": "5.0.1",
     "class-transformer": "0.5.1",
     "class-validator": "0.13.2",
     "coffeescript": "2.6.1",
     "ejs": "3.1.6",
-    "eslint": "8.9.0",
-    "eslint-config-prettier": "8.3.0",
-    "fastify": "3.27.1",
+    "eslint": "8.11.0",
+    "eslint-config-prettier": "8.5.0",
+    "fastify": "3.27.4",
     "graphql": "16.3.0",
     "graphql-subscriptions": "2.0.0",
     "grunt": "1.4.1",
@@ -93,13 +93,13 @@
     "grunt-sync": "0.8.2",
     "husky": "7.0.4",
     "jest": "27.5.1",
-    "json-to-graphql-query": "2.2.2",
-    "light-my-request": "4.7.1",
+    "json-to-graphql-query": "2.2.3",
+    "light-my-request": "4.8.0",
     "lodash": "4.17.21",
-    "mongodb": "4.3.1",
-    "mongoose": "6.2.1",
+    "mongodb": "4.4.1",
+    "mongoose": "6.2.6",
     "multer": "1.4.4",
-    "node-mailjet": "3.3.5",
+    "node-mailjet": "3.3.7",
     "nodemailer": "6.7.2",
     "nodemon": "2.0.15",
     "passport": "0.5.2",
@@ -108,17 +108,17 @@
     "pretty-quick": "3.1.3",
     "reflect-metadata": "0.1.13",
     "rimraf": "3.0.2",
-    "rxjs": "7.5.4",
+    "rxjs": "7.5.5",
     "supertest": "6.2.2",
     "ts-jest": "27.1.3",
     "ts-morph": "13.0.3",
-    "ts-node": "10.5.0",
-    "tsconfig-paths": "3.12.0",
-    "typescript": "4.5.5"
+    "ts-node": "10.7.0",
+    "tsconfig-paths": "3.14.0",
+    "typescript": "4.6.2"
   },
   "devDependencies": {
     "find-file-up": "2.0.1",
-    "pm2": "5.1.2"
+    "pm2": "5.2.0"
   },
   "jest": {
     "collectCoverage": true,

package/src/config.env.ts

@@ -32,8 +32,10 @@ const config: { [env: string]: IServerOptions } = {
     },
     env: 'development',
     graphQl: {
-      debug: true,
-      introspection: true,
+      driver: {
+        debug: true,
+        introspection: true,
+      },
     },
     jwt: {
       secret: 'SECRET_OR_PRIVATE_KEY_DEV',
@@ -79,8 +81,10 @@ const config: { [env: string]: IServerOptions } = {
     },
     env: 'productive',
     graphQl: {
-      debug: false,
-      introspection: true,
+      driver: {
+        debug: false,
+        introspection: true,
+      },
     },
     jwt: {
       secret: 'SECRET_OR_PRIVATE_KEY_PROD',

package/src/core/common/interfaces/server-options.interface.ts

@@ -20,7 +20,17 @@ export interface IServerOptions {
    * see https://docs.nestjs.com/graphql/quick-start
    * and https://www.apollographql.com/docs/apollo-server/api/apollo-server/
    */
-  graphQl?: ApolloDriverConfig;
+  graphQl?: {
+    /**
+     * Driver configuration for Apollo
+     */
+    driver?: ApolloDriverConfig;
+
+    /**
+     * Subscription authentication
+     */
+    enableSubscriptionAuth?: boolean;
+  };
 
   /**
    * Configuration of JavaScript Web Token (JWT) module

package/src/core/modules/auth/services/core-auth.service.ts

@@ -33,4 +33,8 @@ export class CoreAuthService {
   async validateUser(payload: JwtPayload): Promise<any> {
     return await this.userService.getViaEmail(payload.email);
   }
+
+  decodeJwt(token: string): JwtPayload {
+    return this.jwtService.decode(token) as JwtPayload;
+  }
 }

package/src/core.module.ts

@@ -1,4 +1,4 @@
-import { DynamicModule, Global, Module } from '@nestjs/common';
+import { DynamicModule, Global, Module, UnauthorizedException } from '@nestjs/common';
 import { APP_INTERCEPTOR, APP_PIPE } from '@nestjs/core';
 import { GraphQLModule } from '@nestjs/graphql';
 import { Config } from './core/common/helpers/config.helper';
@@ -34,23 +34,43 @@ export class CoreModule {
    * Dynamic module
    * see https://docs.nestjs.com/modules#dynamic-modules
    */
-  static forRoot(options: Partial<IServerOptions>): DynamicModule {
+  static forRoot(AuthService: any, AuthModule: any, options: Partial<IServerOptions>): DynamicModule {
     // Process config
     const config: IServerOptions = Config.merge(
       {
         env: 'develop',
         graphQl: {
-          autoSchemaFile: 'schema.gql',
-          context: ({ req }) => ({ req }),
-          installSubscriptionHandlers: true,
-          subscriptions: {
-            'subscriptions-transport-ws': {
-              onConnect: (connectionParams) => {
-                // TODO: Handle Authorization
-                const authToken = connectionParams.Authorization;
+          driver: {
+            imports: [AuthModule],
+            inject: [AuthService],
+            useFactory: async (authService: any) => ({
+              autoSchemaFile: 'schema.gql',
+              context: ({ req }) => ({ req }),
+              installSubscriptionHandlers: true,
+              subscriptions: {
+                'subscriptions-transport-ws': {
+                  onConnect: async (connectionParams) => {
+                    if (config.graphQl.enableSubscriptionAuth) {
+                      // get authToken from authorization header
+                      const authToken: string =
+                        'Authorization' in connectionParams && connectionParams?.Authorization?.split(' ')[1];
+
+                      if (authToken) {
+                        // verify authToken/getJwtPayLoad
+                        const payload = authService.decodeJwt(authToken);
+                        const user = await authService.validateUser(payload);
+                        // the user/jwtPayload object found will be available as context.currentUser/jwtPayload in your GraphQL resolvers
+                        return { user: user, headers: connectionParams };
+                      }
+
+                      throw new UnauthorizedException();
+                    }
+                  },
+                },
               },
-            },
+            }),
           },
+          enableSubscriptionAuth: true,
         },
         port: 3000,
         mongoose: {
@@ -107,7 +127,7 @@ export class CoreModule {
       module: CoreModule,
       imports: [
         MongooseModule.forRoot(config.mongoose.uri, config.mongoose.options),
-        GraphQLModule.forRoot<ApolloDriverConfig>(Object.assign({ driver: ApolloDriver }, config.graphQl)),
+        GraphQLModule.forRootAsync<ApolloDriverConfig>(Object.assign({ driver: ApolloDriver }, config.graphQl.driver)),
       ],
       providers,
       exports: [ConfigService, EmailService, TemplateService, MailjetService],

package/src/server/server.module.ts

@@ -4,6 +4,7 @@ import { CoreModule } from '../core.module';
 import { AuthModule } from './modules/auth/auth.module';
 import { FileController } from './modules/file/file.controller';
 import { ServerController } from './server.controller';
+import { CoreAuthService } from '../core/modules/auth/services/core-auth.service';
 
 /**
  * Server module (dynamic)
@@ -15,7 +16,7 @@ import { ServerController } from './server.controller';
   // Include modules
   imports: [
     // Include CoreModule for standard processes
-    CoreModule.forRoot(envConfig),
+    CoreModule.forRoot(CoreAuthService, AuthModule.forRoot(envConfig.jwt), envConfig),
 
     // Include AuthModule for authorization handling,
     // which will also include UserModule