@vendure/harden-plugin 3.1.7 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/lib/src/middleware/query-complexity-plugin.d.ts +1 -1
  2. package/lib/src/middleware/query-complexity-plugin.js +15 -11
  3. package/lib/src/middleware/query-complexity-plugin.js.map +1 -1
  4. package/lib/src/types.d.ts +13 -0
  5. package/package.json +4 -4
package/lib/src/middleware/query-complexity-plugin.d.ts CHANGED
@@ -8,7 +8,7 @@ import { HardenPluginOptions } from '../types';
8
8
  export declare class QueryComplexityPlugin implements ApolloServerPlugin {
9
9
  private options;
10
10
  constructor(options: HardenPluginOptions);
11
- requestDidStart({ schema }: GraphQLRequestContext<any>): Promise<GraphQLRequestListener<any>>;
11
+ requestDidStart(context: GraphQLRequestContext<any>): Promise<GraphQLRequestListener<any>>;
12
12
  }
13
13
  /**
14
14
  * @description
package/lib/src/middleware/query-complexity-plugin.js CHANGED
@@ -1,6 +1,7 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.defaultVendureComplexityEstimator = exports.QueryComplexityPlugin = void 0;
3
+ exports.QueryComplexityPlugin = void 0;
4
+ exports.defaultVendureComplexityEstimator = defaultVendureComplexityEstimator;
4
5
  const core_1 = require("@vendure/core");
5
6
  const graphql_1 = require("graphql");
6
7
  const graphql_query_complexity_1 = require("graphql-query-complexity");
@@ -13,38 +14,42 @@ class QueryComplexityPlugin {
13
14
  constructor(options) {
14
15
  this.options = options;
15
16
  }
16
- async requestDidStart({ schema }) {
17
+ async requestDidStart(context) {
17
18
  var _a;
18
19
  const maxQueryComplexity = (_a = this.options.maxQueryComplexity) !== null && _a !== void 0 ? _a : 1000;
19
20
  return {
20
21
  didResolveOperation: async ({ request, document }) => {
21
- var _a, _b, _c, _d, _e, _f;
22
- if (isAdminApi(schema)) {
22
+ var _a, _b, _c, _d, _e, _f, _g, _h;
23
+ if (isAdminApi(context.schema)) {
23
24
  // We don't want to apply the cost analysis on the
24
25
  // Admin API, since any expensive operations would require
25
26
  // an authenticated session.
26
27
  return;
27
28
  }
29
+ if (await ((_b = (_a = this.options).skip) === null || _b === void 0 ? void 0 : _b.call(_a, context))) {
30
+ // Given skip function tells use we should not check this request for complexity
31
+ return;
32
+ }
28
33
  const query = request.operationName
29
34
  ? (0, graphql_1.separateOperations)(document)[request.operationName]
30
35
  : document;
31
36
  if (this.options.logComplexityScore === true) {
32
- core_1.Logger.debug(`Calculating complexity of "${(_a = request.operationName) !== null && _a !== void 0 ? _a : 'anonymous'}"`, constants_1.loggerCtx);
37
+ core_1.Logger.debug(`Calculating complexity of "${(_c = request.operationName) !== null && _c !== void 0 ? _c : 'anonymous'}"`, constants_1.loggerCtx);
33
38
  }
34
39
  const complexity = (0, graphql_query_complexity_1.getComplexity)({
35
- schema,
40
+ schema: context.schema,
36
41
  query,
37
42
  variables: request.variables,
38
- estimators: (_b = this.options.queryComplexityEstimators) !== null && _b !== void 0 ? _b : [
39
- defaultVendureComplexityEstimator((_c = this.options.customComplexityFactors) !== null && _c !== void 0 ? _c : {}, (_d = this.options.logComplexityScore) !== null && _d !== void 0 ? _d : false),
43
+ estimators: (_d = this.options.queryComplexityEstimators) !== null && _d !== void 0 ? _d : [
44
+ defaultVendureComplexityEstimator((_e = this.options.customComplexityFactors) !== null && _e !== void 0 ? _e : {}, (_f = this.options.logComplexityScore) !== null && _f !== void 0 ? _f : false),
40
45
  (0, graphql_query_complexity_1.simpleEstimator)({ defaultComplexity: 1 }),
41
46
  ],
42
47
  });
43
48
  if (this.options.logComplexityScore === true) {
44
- core_1.Logger.verbose(`Query complexity "${(_e = request.operationName) !== null && _e !== void 0 ? _e : 'anonymous'}": ${complexity}`, constants_1.loggerCtx);
49
+ core_1.Logger.verbose(`Query complexity "${(_g = request.operationName) !== null && _g !== void 0 ? _g : 'anonymous'}": ${complexity}`, constants_1.loggerCtx);
45
50
  }
46
51
  if (complexity >= maxQueryComplexity) {
47
- core_1.Logger.error(`Query complexity of "${(_f = request.operationName) !== null && _f !== void 0 ? _f : 'anonymous'}" is ${complexity}, which exceeds the maximum of ${maxQueryComplexity}`, constants_1.loggerCtx);
52
+ core_1.Logger.error(`Query complexity of "${(_h = request.operationName) !== null && _h !== void 0 ? _h : 'anonymous'}" is ${complexity}, which exceeds the maximum of ${maxQueryComplexity}`, constants_1.loggerCtx);
48
53
  throw new core_1.InternalServerError('Query is too complex');
49
54
  }
50
55
  },
@@ -98,5 +103,4 @@ function defaultVendureComplexityEstimator(customComplexityFactors, logFieldScor
98
103
  return result;
99
104
  };
100
105
  }
101
- exports.defaultVendureComplexityEstimator = defaultVendureComplexityEstimator;
102
106
  //# sourceMappingURL=query-complexity-plugin.js.map
package/lib/src/middleware/query-complexity-plugin.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"query-complexity-plugin.js","sourceRoot":"","sources":["../../../src/middleware/query-complexity-plugin.ts"],"names":[],"mappings":";;;AACA,wCAA4D;AAC5D,qCAOiB;AACjB,uEAAmG;AAEnG,4CAAyC;AAGzC;;;GAGG;AACH,MAAa,qBAAqB;IAC9B,YAAoB,OAA4B;QAA5B,YAAO,GAAP,OAAO,CAAqB;IAAG,CAAC;IAEpD,KAAK,CAAC,eAAe,CAAC,EAAE,MAAM,EAA8B;;QACxD,MAAM,kBAAkB,GAAG,MAAA,IAAI,CAAC,OAAO,CAAC,kBAAkB,mCAAI,IAAI,CAAC;QACnE,OAAO;YACH,mBAAmB,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE;;gBACjD,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;oBACrB,kDAAkD;oBAClD,0DAA0D;oBAC1D,4BAA4B;oBAC5B,OAAO;gBACX,CAAC;gBACD,MAAM,KAAK,GAAG,OAAO,CAAC,aAAa;oBAC/B,CAAC,CAAC,IAAA,4BAAkB,EAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC;oBACrD,CAAC,CAAC,QAAQ,CAAC;gBAEf,IAAI,IAAI,CAAC,OAAO,CAAC,kBAAkB,KAAK,IAAI,EAAE,CAAC;oBAC3C,aAAM,CAAC,KAAK,CACR,8BAA8B,MAAA,OAAO,CAAC,aAAa,mCAAI,WAAW,GAAG,EACrE,qBAAS,CACZ,CAAC;gBACN,CAAC;gBACD,MAAM,UAAU,GAAG,IAAA,wCAAa,EAAC;oBAC7B,MAAM;oBACN,KAAK;oBACL,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,UAAU,EAAE,MAAA,IAAI,CAAC,OAAO,CAAC,yBAAyB,mCAAI;wBAClD,iCAAiC,CAC7B,MAAA,IAAI,CAAC,OAAO,CAAC,uBAAuB,mCAAI,EAAE,EAC1C,MAAA,IAAI,CAAC,OAAO,CAAC,kBAAkB,mCAAI,KAAK,CAC3C;wBACD,IAAA,0CAAe,EAAC,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAC;qBAC5C;iBACJ,CAAC,CAAC;gBAEH,IAAI,IAAI,CAAC,OAAO,CAAC,kBAAkB,KAAK,IAAI,EAAE,CAAC;oBAC3C,aAAM,CAAC,OAAO,CACV,qBAAqB,MAAA,OAAO,CAAC,aAAa,mCAAI,WAAW,MAAM,UAAU,EAAE,EAC3E,qBAAS,CACZ,CAAC;gBACN,CAAC;gBACD,IAAI,UAAU,IAAI,kBAAkB,EAAE,CAAC;oBACnC,aAAM,CAAC,KAAK,CACR,wBACI,MAAA,OAAO,CAAC,aAAa,mCAAI,WAC7B,QAAQ,UAAU,kCAAkC,kBAAkB,EAAE,EACxE,qBAAS,CACZ,CAAC;oBACF,MAAM,IAAI,0BAAmB,CAAC,sBAAsB,CAAC,CAAC;gBAC1D,CAAC;YACL,CAAC;SACJ,CAAC;IACN,CAAC;CACJ;AAtDD,sDAsDC;AAED,SAAS,UAAU,CAAC,MAAqB;IACrC,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,EAAE,CAAC;IACxC,IAAI,SAAS,EAAE,CAAC;QACZ,OAAO,CAAC,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,cAAc,CAAC;IAClD,CAAC;IACD,OAAO,KAAK,CAAC;AACjB,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,iCAAiC,CAC7C,uBAAmD,EACnD,cAAuB;IAEvB,OAAO,CAAC,OAAgC,EAAiB,EAAE;;QACvD,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;QACvD,MAAM,SAAS,GAAG,IAAA,sBAAY,EAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,IAAI,GAAG,GAAG,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;QAC1C,IAAI,MAAM,GAAG,eAAe,GAAG,CAAC,CAAC;QACjC,MAAM,YAAY,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC;QACnD,IAAI,YAAY,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC,CAAC,GAAG,YAAY,CAAC;QACzD,CAAC;aAAM,CAAC;YACJ,IAAI,IAAA,sBAAY,EAAC,SAAS,CAAC,EAAE,CAAC;gBAC1B,MAAM,eAAe,GAAG,CAAC,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC;gBAC1F,IAAI,eAAe,EAAE,CAAC;oBAClB,MAAM,IAAI,GAAG,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,IAAI,mCAAI,IAAI,CAAC;oBACxC,MAAM,GAAG,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC5E,CAAC;YACL,CAAC;YACD,IAAI,IAAA,oBAAU,EAAC,IAAA,yBAAe,EAAC,KAAK,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;gBAC1C,MAAM,GAAG,eAAe,GAAG,CAAC,CAAC;YACjC,CAAC;QACL,CAAC;QACD,IAAI,cAAc,EAAE,CAAC;YACjB,aAAM,CAAC,KAAK,CACR,GAAG,IAAI,KAAK,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,sBAAsB,eAAe,YAAY,MAAM,EAAE,EAC1F,qBAAS,CACZ,CAAC;QACN,CAAC;QACD,OAAO,MAAM,CAAC;IAClB,CAAC,CAAC;AACN,CAAC;AAhCD,8EAgCC"}
1
+ {"version":3,"file":"query-complexity-plugin.js","sourceRoot":"","sources":["../../../src/middleware/query-complexity-plugin.ts"],"names":[],"mappings":";;;AAiGA,8EAgCC;AAhID,wCAA4D;AAC5D,qCAOiB;AACjB,uEAAmG;AAEnG,4CAAyC;AAGzC;;;GAGG;AACH,MAAa,qBAAqB;IAC9B,YAAoB,OAA4B;QAA5B,YAAO,GAAP,OAAO,CAAqB;IAAG,CAAC;IAEpD,KAAK,CAAC,eAAe,CAAC,OAAmC;;QACrD,MAAM,kBAAkB,GAAG,MAAA,IAAI,CAAC,OAAO,CAAC,kBAAkB,mCAAI,IAAI,CAAC;QACnE,OAAO;YACH,mBAAmB,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE;;gBACjD,IAAI,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC7B,kDAAkD;oBAClD,0DAA0D;oBAC1D,4BAA4B;oBAC5B,OAAO;gBACX,CAAC;gBACD,IAAI,MAAM,CAAA,MAAA,MAAA,IAAI,CAAC,OAAO,EAAC,IAAI,mDAAG,OAAO,CAAC,CAAA,EAAE,CAAC;oBACrC,gFAAgF;oBAChF,OAAO;gBACX,CAAC;gBACD,MAAM,KAAK,GAAG,OAAO,CAAC,aAAa;oBAC/B,CAAC,CAAC,IAAA,4BAAkB,EAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC;oBACrD,CAAC,CAAC,QAAQ,CAAC;gBAEf,IAAI,IAAI,CAAC,OAAO,CAAC,kBAAkB,KAAK,IAAI,EAAE,CAAC;oBAC3C,aAAM,CAAC,KAAK,CACR,8BAA8B,MAAA,OAAO,CAAC,aAAa,mCAAI,WAAW,GAAG,EACrE,qBAAS,CACZ,CAAC;gBACN,CAAC;gBACD,MAAM,UAAU,GAAG,IAAA,wCAAa,EAAC;oBAC7B,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,KAAK;oBACL,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,UAAU,EAAE,MAAA,IAAI,CAAC,OAAO,CAAC,yBAAyB,mCAAI;wBAClD,iCAAiC,CAC7B,MAAA,IAAI,CAAC,OAAO,CAAC,uBAAuB,mCAAI,EAAE,EAC1C,MAAA,IAAI,CAAC,OAAO,CAAC,kBAAkB,mCAAI,KAAK,CAC3C;wBACD,IAAA,0CAAe,EAAC,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAC;qBAC5C;iBACJ,CAAC,CAAC;gBAEH,IAAI,IAAI,CAAC,OAAO,CAAC,kBAAkB,KAAK,IAAI,EAAE,CAAC;oBAC3C,aAAM,CAAC,OAAO,CACV,qBAAqB,MAAA,OAAO,CAAC,aAAa,mCAAI,WAAW,MAAM,UAAU,EAAE,EAC3E,qBAAS,CACZ,CAAC;gBACN,CAAC;gBACD,IAAI,UAAU,IAAI,kBAAkB,EAAE,CAAC;oBACnC,aAAM,CAAC,KAAK,CACR,wBACI,MAAA,OAAO,CAAC,aAAa,mCAAI,WAC7B,QAAQ,UAAU,kCAAkC,kBAAkB,EAAE,EACxE,qBAAS,CACZ,CAAC;oBACF,MAAM,IAAI,0BAAmB,CAAC,sBAAsB,CAAC,CAAC;gBAC1D,CAAC;YACL,CAAC;SACJ,CAAC;IACN,CAAC;CACJ;AA1DD,sDA0DC;AAED,SAAS,UAAU,CAAC,MAAqB;IACrC,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,EAAE,CAAC;IACxC,IAAI,SAAS,EAAE,CAAC;QACZ,OAAO,CAAC,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,cAAc,CAAC;IAClD,CAAC;IACD,OAAO,KAAK,CAAC;AACjB,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,iCAAiC,CAC7C,uBAAmD,EACnD,cAAuB;IAEvB,OAAO,CAAC,OAAgC,EAAiB,EAAE;;QACvD,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;QACvD,MAAM,SAAS,GAAG,IAAA,sBAAY,EAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,IAAI,GAAG,GAAG,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;QAC1C,IAAI,MAAM,GAAG,eAAe,GAAG,CAAC,CAAC;QACjC,MAAM,YAAY,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC;QACnD,IAAI,YAAY,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC,CAAC,GAAG,YAAY,CAAC;QACzD,CAAC;aAAM,CAAC;YACJ,IAAI,IAAA,sBAAY,EAAC,SAAS,CAAC,EAAE,CAAC;gBAC1B,MAAM,eAAe,GAAG,CAAC,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC;gBAC1F,IAAI,eAAe,EAAE,CAAC;oBAClB,MAAM,IAAI,GAAG,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,IAAI,mCAAI,IAAI,CAAC;oBACxC,MAAM,GAAG,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC5E,CAAC;YACL,CAAC;YACD,IAAI,IAAA,oBAAU,EAAC,IAAA,yBAAe,EAAC,KAAK,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;gBAC1C,MAAM,GAAG,eAAe,GAAG,CAAC,CAAC;YACjC,CAAC;QACL,CAAC;QACD,IAAI,cAAc,EAAE,CAAC;YACjB,aAAM,CAAC,KAAK,CACR,GAAG,IAAI,KAAK,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,sBAAsB,eAAe,YAAY,MAAM,EAAE,EAC1F,qBAAS,CACZ,CAAC;QACN,CAAC;QACD,OAAO,MAAM,CAAC;IAClB,CAAC,CAAC;AACN,CAAC"}
package/lib/src/types.d.ts CHANGED
@@ -1,3 +1,4 @@
1
+ import { GraphQLRequestContext } from '@apollo/server';
1
2
  import { ComplexityEstimator } from 'graphql-query-complexity';
2
3
  /**
3
4
  * @description
@@ -76,4 +77,16 @@ export interface HardenPluginOptions {
76
77
  * @default 'prod'
77
78
  */
78
79
  apiMode?: 'dev' | 'prod';
80
+ /**
81
+ * @description
82
+ * Allows you to skip the complexity check for certain requests.
83
+ *
84
+ * @example
85
+ * ```ts
86
+ * HardenPlugin.init({
87
+ * skip: (context) => context.request.http.headers['x-storefront-ssr-auth'] === 'some-secret-token'
88
+ * }),
89
+ * ```
90
+ */
91
+ skip?: (context: GraphQLRequestContext<any>) => Promise<boolean> | boolean;
79
92
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@vendure/harden-plugin",
3
- "version": "3.1.7",
3
+ "version": "3.2.0",
4
4
  "license": "GPL-3.0-or-later",
5
5
  "main": "lib/index.js",
6
6
  "types": "lib/index.d.ts",
@@ -21,8 +21,8 @@
21
21
  "graphql-query-complexity": "^0.12.0"
22
22
  },
23
23
  "devDependencies": {
24
- "@vendure/common": "^3.1.7",
25
- "@vendure/core": "^3.1.7"
24
+ "@vendure/common": "^3.2.0",
25
+ "@vendure/core": "^3.2.0"
26
26
  },
27
- "gitHead": "fa68d9f0d7138c9bc15bca2340cb6d4a9ffc96be"
27
+ "gitHead": "58c173ac0c7854ff53809d69f34a496f3eff1910"
28
28
  }