benawad / graphql-express-template Goto Github PK
View Code? Open in Web Editor NEWNode.js GraphQL Server template
graphql-express-template's Issues
Refresh Token being issued even if the Access Token/Refresh Token is tampered and fails to get verified
In index.js at Line 29 of branch - https://github.com/benawad/graphql-express-template/tree/8_refresh_token:
const addUser = async (req, res, next) => {
const token = req.headers['x-token'];
if (token) {
try {
const { user } = jwt.verify(token, SECRET);
req.user = user;
} catch (err) {
const refreshToken = req.headers['x-refresh-token'];
Here , consider a scenario if the tokens were compromised and one of them , lets say access token is now tampered , it will fail the verification and hence will enter the catch block and will generate a pair of new token.
There should be an explicit check if the JWT verification fails and only if it is due to expiration of token then generate new pair of tokens.
Mutations
How about sequelize mutations? Could you please do a tutorial?!
What are these objects ?
Hi,
Nice Videos ! Thanks.
Why do we need these extra find calls ? What are they ? Are they types or are they query resolvers ?
https://github.com/benawad/graphql-express-template/blob/2_nesting/resolvers.js#L3
Readme list auto-generated
Hey Ben I was just browsing github for express templates and noticed that you have a video list associated with the branches.
A while ago I created a project to auto-generate markdown bullet points for the readme based on sequential branches by date. Just pasting here in case you want to give it a try.
Why is token passed in as an argument in the refreshTokens method?
Sorry if this is a stupid question but it's not used anywhere in the method so why is it added as the first arg?
Once expired code will not reach refreshTokens
on L 33 of index.js you have logic like this
if (!token) {
return next();
}
If the token were to expire in the client, the client will not send it along with the request meaning there is no token and refreshTokens would never be hit?
subscription filtering
How would you filter outgoing events on subscriptions based on, say the authenticated users role or id?
Not really an issue just curious...
graphql-express-template/models/index.js
Line 26 in 2b65cce
I searched the actual repo this is based on, express-example from the Sequalize docs. I can't see any usage of the Sequelize class instance being attached as property to db. When and where is this ever used?
pg npm
seems to require pg < 7. pg 7.0.2 has connection.query(...).on error. should pg be added to package.json?
[Question] Cannot find module ./models
Just around the 26:32 mark of your tutorial and I ran into the following error
module.js:471
throw err;
^
Error: Cannot find module './models'
at Function.Module._resolveFilename (module.js:469:15)
at Function.Module._load (module.js:417:25)
at Module.require (module.js:497:17)
at require (internal/module.js:20:19)
I have the models folder with the user.js and index.js file and outside in my project directory the index.js file has the following import models from './models';
Do you have any suggestions on what I should be looking at to resolve this issue?
Thanks
graphql-sequelize
I watched your video playlist for this repo and it's been very helpful. Thanks for working on it. A couple thoughts:
- The YouTube playlist is out of order. The order of videos 1, 2, and 3 should be reversed.
- What are your thoughts on graphql-sequelize? It seems like a good fit since you are using sequelize. I'm trying to evaluate whether to use it or not in my project.
I'm looking forward to your future videos, especially on how to leverage DataLoader and how to add more authorization/permission logic.
Response Cookies Undefined
Hey!
So I am currently having the problem that within the resolvers file res.cookie('token', token, options...), I do not believe that the cookies are being set. I suspect this because within my index file, the req.cookies.token is empty.
My problem sorry!
Hi Ben.
I hope you are ok in these days.
i have a tiny problem with my school project. I want to make a user , post, comment with Graphql ,Express and Mongoose(Mongodb). I have wrote some code but i don't know why its not working. Can you please do me a favor and help me?
I can create user but when i want to create a post related to the user i get this error in playground:
ID cannot represent value: <Buffer 5e 9b f1 3e e9 49 61 38 fc 1a 6f 59>
these are my codes:
TypeDefs:
import { gql } from 'apollo-server-express';
export const typeDefs = gql`
type Query {
users: [User]
posts: [Post]
}
type Mutation {
createUser(name: String,email: String, age: Int): User!
createPost(title: String, body: String, published: Boolean, author: ID): Post!
}
type User {
id: ID!
name: String!
email: String!
age: Int
posts: [Post!]!
comments: [Comment!]!
}
type Post {
id: ID!
title: String!
body: String!
published: Boolean!
author: User!
comments: [Comment!]!
}
type Comment {
id: ID!
text: String!
author: User!
post: Post!
}
`
Resolvers:
import Users from './models/User';
import Posts from './models/Post';
import Comments from './models/Comment';
export const resolvers = {
Query: {
users: () => {
return Users.find();
},
posts: () => {
return Posts.find();
}
},
Mutation: {
createUser: async (parent, args, context, info) => {
const user = new Users(args);
await user.save();
return user;
},
createPost: async (parent, { title, body, published, author }, context, info) => {
const user = await Users.findById(author);
if (!user) {
console.log("User not found")
}
console.log(user)
const post = new Posts({ title, body, published, author: user.id });
await post.save();
user.posts.push(post);
await user.save();
return post;
}
}
}
UserSchema:
import mongoose, { mongo } from 'mongoose';
const userSchema = new mongoose.Schema({
name: {
type: String,
required: true
},
email: {
type: String,
required: true
},
age: {
type: Number,
required: false
},
posts: [
{
type: mongoose.Schema.Types.ObjectId,
ref: 'Post'
}
],
comments: [
{
type: mongoose.Schema.Types.ObjectId,
ref: 'Comment'
}
]
});
module.exports = mongoose.model('User',userSchema);
PostSchema:
import mongoose from 'mongoose';
const postSchema = new mongoose.Schema({
title: {
type: String,
required: true
},
body: {
type: String,
required: true
},
published: {
type: Boolean,
required: true
},
author: {
type: mongoose.Schema.Types.ObjectId,
ref: 'User'
},
comments: [
{
type: mongoose.Schema.Types.ObjectId,
ref: 'Comment'
}
]
});
module.exports = mongoose.model('Post',postSchema);
CommentSchema:
import mongoose from 'mongoose';
const commentSchema = new mongoose.Schema({
text: {
type: String,
required: true
},
author: {
type: mongoose.Schema.Types.ObjectId,
ref: 'User'
},
post: {
type: mongoose.Schema.Types.ObjectId,
ref: 'Post'
}
});
module.exports = mongoose.model('Comment',commentSchema);
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.