Coder Social home page Coder Social logo

Security Features about gqlify HOT 3 OPEN

gqlify avatar gqlify commented on May 28, 2024
Security Features

from gqlify.

Comments (3)

wwwy3y3 avatar wwwy3y3 commented on May 28, 2024 1

Hi @jthegedus

Currently, I only plan to implement graphql-rbac at our next release, but I did think about malicious queries protection before.

Since most of them are apollo schema directives, I could probably open up an API for schema directives. If it's not, we can still transform it into graphql middleware.

I'll think about it more. I'll see If it's sth I can implement with graphql-rbac and come up with a general API.

Thanks!

from gqlify.

jthegedus avatar jthegedus commented on May 28, 2024 1

I think opening up the API to allow users to specify their own directives and 3rd part tools would be ideal.

Just as a side note, it would be good to get some examples in the docs that demonstrate how people can use their existing Apollo Configs with gqlify. Currently I'm doing this:

  new Gqlify({
    // provide datamodel to gqlify
    sdl,

    // provide data-sources map to GQLify,
    // so GQLify would know how to create data-source for each model
    dataSources: {
      firestore: args => new FirestoreDataSource({ collection: args.key }),
    },
    skipPrint: true,
  })


...


function createApolloConfig() {
  return {
    introspection: true,
    playground: true,
    onHealthCheck: () =>
      new Promise((resolve, reject) => {
        // check your downstream services for health status
        // this could be internal or external dbs etc
        console.info("checking health");
        resolve();
      }),
    formatError: error => {
      console.error(error); // log the error in the Cloud Function logs
      return new Error("Internal server error"); // mask the error returned to the frontend
    },
  };
}


...


async function createGQLServer() {
  const app = express();

  // GQLify will provide GraphQL apis & resolvers to apollo-server
  const gqlify = await createGqlify();
  const gqlifyApolloConfig = gqlify.createApolloConfig();
  const apolloConfig = createApolloConfig();

  const finalServerConfig = {
    ...gqlifyApolloConfig,
    ...apolloConfig,
  };

  const server = new ApolloServer(finalServerConfig);

  ...

from gqlify.

jthegedus avatar jthegedus commented on May 28, 2024

Hi @wwwy3y3, is there any progress or roadmap we can see for these types of features? Happy to help contribute where I can

from gqlify.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.