apollo-accounts-password-server
v0.3.0-beta.26-1
Fullstack accounts for Apollo: server side
Apollo Accounts Password—Server
Server side of Apollo Accounts Password, a full-stack JS accounts system for Apollo and MongoDB.
Usage
npm install apollo-accounts-password-server
import { ApolloServer, makeExecutableSchema } from 'apollo-server'
import { merge } from 'lodash'
import mongodb from 'mongodb'
import {
  createApolloAccounts,
  accountsContext
} from 'apollo-accounts-password-server'

const start = async () => {
  const client = await mongodb.MongoClient.connect(process.env.MONGO_URL)
  const db = client.db()

  // The token secret comes from the environment, never from source control
  const accounts = createApolloAccounts({
    db,
    tokenSecret: process.env.TOKEN_SECRET,
    siteUrl:
      process.env.NODE_ENV === 'production'
        ? 'https://myapp.com'
        : 'http://localhost:3000'
  })

  const typeDefs = `
    type PrivateType @auth {
      field: String
    }

    type Query {
      publicField: String
      privateField: String @auth
      privateType: PrivateType
      adminField: String @auth
    }

    type Mutation {
      _: String
    }

    extend type User {
      firstName: String
    }
  `

  const resolvers = {
    Query: {
      publicField: () => 'public',
      privateField: () => 'private',
      privateType: () => ({
        field: () => 'private'
      }),
      // @auth only guarantees a logged-in user; the admin check happens here.
      // Non-admins fall through and the field resolves to null.
      adminField: (root, args, context) => {
        if (context.user.isAdmin) {
          return 'admin field'
        }
      }
    },
    User: {
      firstName: () => 'first'
    }
  }

  const schema = makeExecutableSchema({
    typeDefs: [typeDefs, accounts.typeDefs],
    resolvers: merge(accounts.resolvers, resolvers),
    schemaDirectives: {
      ...accounts.schemaDirectives
    }
  })

  const server = new ApolloServer({
    schema,
    // accountsContext populates context.user for the resolvers
    context: ({ req }) => accountsContext(req)
  })

  server.listen(4000).then(({ url }) => {
    console.log(`🚀 Server ready at ${url}`)
  })
}

start()
createApolloAccounts() generates typedefs, resolvers, and directives for us to use in our schema. It creates a User type that we can extend and an @auth directive for fields and types that returns an error if the client is not logged in. It also creates resolvers and types used by apollo-accounts-password-client.
Demo
See flyblackbird/apollo-accounts
API
createApolloAccounts
createApolloAccounts(options)
options format. Detailed format:
options.db: (Required) the database connection. Using the mongodb module:
const client = await mongodb.MongoClient.connect(process.env.MONGO_URL)
// uses the db listed at the end of the MONGO_URL
const db = client.db()
// or:
const db = client.db('my-db-name')
Using Mongoose:
await mongoose.connect(
  'mongodb://localhost:27017/apollo-accounts-demo',
  { useNewUrlParser: true }
)
const db = mongoose.connection
options.tokenSecret: (Required) a secret the library uses for token creation. You can generate a secret with openssl rand -base64 30.
options.siteUrl: (Required) e.g. 'http://localhost:3000' or 'https://myapp.com'
options.sendMail: (Required) a function that sends an email. For instance:
import nodemailer from 'nodemailer'

const transporter = nodemailer.createTransport('smtps://username:[email protected]/?pool=true')
...
sendMail: ({ from, subject, to, text, html }) => {
  transporter.sendMail({
    from,
    to,
    subject,
    text,
    html
  }, (err, info) => {
    // Surface delivery failures instead of silently dropping them
    if (err) {
      console.error(err)
      return
    }
    console.log(info)
  })
}
options.emailTemplates: templates for auth emails. Format. Defaults:
{
  from: 'accounts-js <[email protected]>',
  verifyEmail: {
    subject: () => 'Verify your account email',
    text: (user, url) =>
      `To verify your account email please click on this link: ${url}`,
    html: (user, url) =>
      `To verify your account email please <a href="${url}">click here</a>.`,
  },
  resetPassword: {
    subject: () => 'Reset your password',
    text: (user, url) => `To reset your password please click on this link: ${url}`,
    html: (user, url) => `To reset your password please <a href="${url}">click here</a>.`,
  }
}
options.userObjectSanitizer: a function that, given a user object from the database, returns a filtered user object that will be sent to the client. The default only removes authentication data (user.services). Here is an example that removes the username field:
userObjectSanitizer: (user, omit, pick) => omit(user, ['username'])
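An added example (not from the package) contrasting a deny-list sanitizer in the style of the one above with an allow-list built on pick. The local omit and pick are stand-ins assumed to behave like lodash's on top-level keys; the sample user and its field names are constructed.

```javascript
// Stand-ins for the omit/pick helpers passed to the sanitizer (assumption:
// they behave like lodash's omit and pick on top-level keys).
const omit = (obj, keys) =>
  Object.fromEntries(Object.entries(obj).filter(([k]) => !keys.includes(k)))
const pick = (obj, keys) =>
  Object.fromEntries(Object.entries(obj).filter(([k]) => keys.includes(k)))

// Deny-list: strips only the fields we thought of when writing the sanitizer.
const denyListSanitizer = (user, omit, pick) =>
  omit(user, ['services', 'username'])

// Allow-list: only the fields named here ever reach the client.
const CLIENT_FIELDS = ['id', 'firstName', 'emails']
const allowListSanitizer = (user, omit, pick) => pick(user, CLIENT_FIELDS)

// Constructed user record. billingCustomerId and internalNotes stand for
// fields added to the collection after the sanitizer was written.
const sampleUser = {
  id: 'u1',
  username: 'ada',
  firstName: 'Ada',
  emails: [{ address: 'ada@example.com', verified: true }],
  services: { password: { bcrypt: '<constructed-hash-placeholder>' } },
  billingCustomerId: 'cus_constructed',
  internalNotes: 'constructed note'
}

// Returns the sorted top-level keys a sanitizer would expose to the client.
const exposedKeys = sanitizer =>
  Object.keys(sanitizer(sampleUser, omit, pick)).sort()

console.log('deny-list :', exposedKeys(denyListSanitizer))
console.log('allow-list:', exposedKeys(allowListSanitizer))
```

With the deny-list, every field added to the user collection later is sent to the client until someone remembers to list it; with the allow-list, new fields stay server-side by default.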
options.tokenConfigs: expiration for the access and refresh tokens. The default values are:
tokenConfigs: {
  accessToken: {
    expiresIn: '90m',
  },
  refreshToken: {
    expiresIn: '90d',
  },
}
The refresh token expiration matches Meteor's default 90-day login token expiration.
Expiration format matches jwt.sign's options.expiresIn.
options.impersonationAuthorize: a function that, given the current user and the target of impersonation, returns whether to allow impersonation. For example:
impersonationAuthorize: (currentUser, targetUser) => currentUser.isAdmin
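A stricter impersonationAuthorize policy, as an added example that is not part of the package: it fails closed on missing records, requires isAdmin to be the boolean true, and refuses to let one admin impersonate another. isAdmin is the flag the page's resolvers read; the id field and the sample users are constructed.

```javascript
// Same signature as the one-line example above, with explicit fail-closed
// branches. Returns a strict boolean in every case.
const impersonationAuthorize = (currentUser, targetUser) => {
  // Missing records: deny rather than throw or fall through.
  if (!currentUser || !targetUser) return false
  // Require a real boolean; a truthy value such as the string 'false'
  // (for example from a bad data import) must not grant impersonation.
  if (currentUser.isAdmin !== true) return false
  // Admins cannot act under another admin's identity.
  if (targetUser.isAdmin === true) return false
  return true
}

// Constructed users for the decision table below.
const admin = { id: 'a1', isAdmin: true }
const otherAdmin = { id: 'a2', isAdmin: true }
const member = { id: 'm1', isAdmin: false }
const sloppy = { id: 'm2', isAdmin: 'false' } // string instead of boolean

// Evaluates the policy for each (current, target) pair of interest.
const decisions = () => ({
  adminToMember: impersonationAuthorize(admin, member),
  adminToAdmin: impersonationAuthorize(admin, otherAdmin),
  memberToAdmin: impersonationAuthorize(member, admin),
  memberToMember: impersonationAuthorize(member, sloppy),
  sloppyToMember: impersonationAuthorize(sloppy, member),
  missingCurrent: impersonationAuthorize(undefined, member),
  missingTarget: impersonationAuthorize(admin, null)
})

console.log(decisions())
```

The sloppyToMember row is the case where a plain truthiness test on isAdmin and the strict comparison disagree.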
accountsContext
Sets the request context so that we can access context.user in our resolvers:
const server = new ApolloServer({
  schema,
  context: ({ req }) => accountsContext(req)
})
onLogin
onLogin(cb)
cb is called each time a user successfully logs in via login(). It's given an object with information about the request, including a user property.
cb is not called when an access token is refreshed.
onCreateUser
onCreateUser(cb)
cb is called after a user is successfully created (by a call to createUser()). It's given the user record that was saved in the database.
Eject
This package is like Apollo Boost—if at some point you need more configuration options than this package exposes, you can eject by directly installing the below accounts-js packages and configuring them yourself:
npm install @accounts/server @accounts/password @accounts/graphql-api @accounts/database-manager @accounts/mongo
See index.js