add: auth Directive

Author: winverse

apps/book-server/package.json

@@ -24,11 +24,13 @@
   ],
   "license": "MIT",
   "dependencies": {
+    "@fastify/cookie": "^9.3.1",
     "@fastify/cors": "^8.3.0",
     "@fastify/mongodb": "^8.0.0",
     "@graphql-tools/graphql-file-loader": "^8.0.0",
     "@graphql-tools/load": "^8.0.0",
     "@graphql-tools/merge": "^9.0.0",
+    "@graphql-tools/utils": "^10.1.3",
     "@packages/database": "workspace:*",
     "@packages/library": "workspace:*",
     "@prisma/client": "^5.11.0",
@@ -40,6 +42,7 @@
     "fs-extra": "^11.2.0",
     "graphql": "^16.7.1",
     "graphql-scalars": "^1.22.2",
+    "graphql-tools": "^9.0.1",
     "ioredis": "^5.3.2",
     "mercurius": "^14.0.0",
     "mime": "^4.0.1",

apps/book-server/scripts/createMock.mts

@@ -3,6 +3,7 @@ import { MongoService } from '@lib/mongo/MongoService.mjs'
 import { getMockPages } from 'test/mock/mockBook.mjs'
 import { Writer } from '@packages/database/velog-book-mongo'
 import { faker } from '@faker-js/faker'
+import { urlAlphabet, random, customRandom } from 'nanoid'
 
 class Seeder {
   constructor(private readonly mongo: MongoService) {}
@@ -28,11 +29,20 @@ class Seeder {
       writer_id: writer.id,
       ...page,
     }))
+
+    const title = 'Learning bunJS is Fun!'
+    const urlSlug = `${title}-${customRandom(urlAlphabet, 10, random)().toLocaleLowerCase()}`
+
     const book = await this.mongo.book.create({
       data: {
         writer_id: writer.id,
-        title: 'Learning bunJS is Fun!',
+        title: title,
         thumbnail: faker.image.dataUri(),
+        description: faker.lorem.paragraph(2),
+        is_temp: false,
+        is_private: false,
+        is_published: true,
+        url_slug: urlSlug,
         pages: {
           createMany: {
             data: mockPages,

apps/book-server/src/app.mts

@@ -1,15 +1,20 @@
+import cookie from '@fastify/cookie'
 import Fastify from 'fastify'
 import corsPlugin from '@plugins/global/corsPlugin.mjs'
 import ipaddrPlugin from '@plugins/global/ipaddrPlugin.mjs'
 import mercuriusPlugin from '@plugins/global/mercuriusPlugin.mjs'
+import authPlugin from '@plugins/global/authPlugin.mjs'
+import { ENV } from '@env'
 
 const app = Fastify({
   logger: true,
   trustProxy: true,
 })
 
+app.register(cookie, { secret: ENV.cookieSecretKey })
 app.register(corsPlugin)
 app.register(ipaddrPlugin)
+app.register(authPlugin)
 app.register(mercuriusPlugin)
 
 export default app

apps/book-server/src/common/constants/HttpStatusConstants.mts

@@ -0,0 +1,19 @@
+const OK = 200
+const CREATED = 201
+const BAD_REQUEST = 400
+const UNAUTHORIZED = 401
+const FORBIDDEN = 403
+const NOT_FOUND = 404
+const CONFLICT = 409
+const INTERNAL_SERVER_ERROR = 500
+
+export const HttpStatus = {
+  OK,
+  CREATED,
+  BAD_REQUEST,
+  FORBIDDEN,
+  UNAUTHORIZED,
+  NOT_FOUND,
+  CONFLICT,
+  INTERNAL_SERVER_ERROR,
+}

apps/book-server/src/common/constants/HttpStatusMesageConstants.mts

@@ -0,0 +1,19 @@
+const OK = 'Ok'
+const CREATED = 'CREATED'
+const BAD_REQUEST = 'BAD_REQUEST'
+const UNAUTHORIZED = 'UNAUTHORIZED'
+const FORBIDDEN = 'FORBIDDEN'
+const NOT_FOUND = 'NOT_FOUND'
+const CONFLICT = 'CONFLICT'
+const INTERNAL_SERVER_ERROR = 'INTERNAL_SERVER_ERROR'
+
+export const HttpStatusMessage = {
+  OK,
+  CREATED,
+  BAD_REQUEST,
+  FORBIDDEN,
+  UNAUTHORIZED,
+  NOT_FOUND,
+  CONFLICT,
+  INTERNAL_SERVER_ERROR,
+}

apps/book-server/src/common/constants/TimeConstants.mts

@@ -0,0 +1,17 @@
+const ONE_MINUTE_IN_MS = 1000 * 60
+const ONE_HOUR_IN_MS = ONE_MINUTE_IN_MS * 60
+const ONE_DAY_IN_MS = ONE_HOUR_IN_MS * 24
+
+const ONE_MINUTE_IN_S = 60
+const ONE_HOUR_IN_S = ONE_MINUTE_IN_S * 60
+const ONE_DAY_IN_S = ONE_HOUR_IN_S * 24
+
+export const Time = {
+  ONE_MINUTE_IN_MS,
+  ONE_HOUR_IN_MS,
+  ONE_DAY_IN_MS,
+
+  ONE_MINUTE_IN_S,
+  ONE_HOUR_IN_S,
+  ONE_DAY_IN_S,
+}

apps/book-server/src/common/interfaces/graphql.mts

@@ -9,4 +9,5 @@ export type GraphQLContextBase = {
   request: FastifyRequest
   reply: FastifyReply
   ip: string | null
+  writer: { id: string } | null
 }

apps/book-server/src/common/plugins/global/authPlugin.mts

@@ -1,10 +1,38 @@
 import fp from 'fastify-plugin'
 import { FastifyPluginAsync } from 'fastify'
+import { WriterService } from '@services/WriterService/index.mjs'
+import { container } from 'tsyringe'
+import { CookieService } from '@lib/cookie/CookieService.mjs'
+import { JwtService } from '@lib/jwt/JwtService.mjs'
+import type { AccessTokenData } from '@packages/library/jwt'
 
 const authPlugin: FastifyPluginAsync = async (fastify) => {
-  fastify.decorateRequest('user', null)
-  fastify.addHook('preHandler', async (request) => {
+  fastify.decorateRequest('writer', null)
+  fastify.addHook('onRequest', async (request, reply) => {
     if (request.url.includes('/auth/logout')) return
+
+    const cookieService = container.resolve(CookieService)
+    try {
+      const writerService = container.resolve(WriterService)
+      const jwtService = container.resolve(JwtService)
+
+      let accessToken: string | undefined = request.cookies['access_token']
+      const authorization = request.headers['authorization']
+
+      if (!accessToken && !!authorization && typeof authorization === 'string') {
+        accessToken = authorization.split('Bearer ')[1]
+      }
+
+      if (!accessToken) return
+      const accessTokenData = await jwtService.decodeToken<AccessTokenData>(accessToken)
+      const writerId = await writerService.checkExistsWriter(accessTokenData.user_id)
+      if (!writerId) return
+      request.writer = { id: writerId }
+    } catch (error) {
+      console.log('auth Plugin error', error)
+      cookieService.clearCookie(reply, 'access_token')
+      cookieService.clearCookie(reply, 'refresh_token')
+    }
   })
 }
 

apps/book-server/src/common/plugins/global/corsPlugin.mts

@@ -1,9 +1,8 @@
 import fp from 'fastify-plugin'
-import { container } from 'tsyringe'
 import { FastifyPluginAsync } from 'fastify'
 import cors from '@fastify/cors'
 import { ForbiddenError } from '@errors/ForbiddenError.mjs'
-import { EnvService } from '@lib/env/EnvService.mjs'
+import { ENV } from '@env'
 
 const corsPlugin: FastifyPluginAsync = async (fastify) => {
   const corsWhitelist: RegExp[] = [
@@ -14,8 +13,7 @@ const corsPlugin: FastifyPluginAsync = async (fastify) => {
     /https:\/\/velog.graphcdn.app/,
   ]
 
-  const env = container.resolve(EnvService)
-  if (env.get('appEnv') === 'development') {
+  if (ENV.appEnv === 'development') {
     corsWhitelist.push(/^http:\/\/localhost/)
   }
 

apps/book-server/src/common/plugins/global/mercuriusPlugin.mts

@@ -5,38 +5,39 @@ import type { FastifyPluginAsync } from 'fastify'
 import { isHttpError } from '@errors/HttpError.mjs'
 import { container } from 'tsyringe'
 import { DiscordService } from '@lib/discord/DiscordService.mjs'
-import { EnvService } from '@lib/env/EnvService.mjs'
 import { MqService } from '@lib/mq/MqService.mjs'
 import { GraphQLContextBase } from '@interfaces/graphql.mjs'
+import { ENV } from '@env'
+import { schemaTransforms } from '@graphql/transformer/index.mjs'
 
 const mercuriusPlugin: FastifyPluginAsync = async (fastify) => {
-  const env = container.resolve(EnvService)
-  container.register<MqService>(MqService, {
-    useValue: new MqService({ host: env.get('redisHost'), port: 6379 }),
-  })
   const mqService = container.resolve(MqService)
 
   fastify.register(mercurius, {
     logLevel: 'error',
     schema,
     resolvers: resolvers,
-    graphiql: env.get('appEnv') !== 'production',
+    graphiql: ENV.appEnv !== 'production',
     subscription: {
       emitter: mqService.emitter,
       verifyClient: (info, next) => {
         // if (info.req.headers['x-fastify-header'] !== 'fastify is awesome !') {
         //   return next(false) // the connection is not allowed
         // }
-        next(true) // the connection is allowed
+
+        next(false)
+        // next(true) // the connection is allowed
       },
     },
     context: (request, reply): GraphQLContextBase => {
       return {
         request,
         reply,
         ip: request.ipaddr,
+        writer: request.writer,
       }
     },
+    schemaTransforms,
     errorHandler: (error, request) => {
       const { name, message, code, stack, errors, statusCode } = error
       const result = {
@@ -50,7 +51,7 @@ const mercuriusPlugin: FastifyPluginAsync = async (fastify) => {
           message: error.message,
         })),
       }
-      if (env.get('appEnv') === 'development') {
+      if (ENV.appEnv === 'development') {
         console.log('errorHandler')
         request.log.error(request, 'errorHandler')
       } else {

apps/book-server/src/env.mts

@@ -0,0 +1,75 @@
+import dotenv from 'dotenv'
+import { existsSync } from 'fs'
+import { dirname, join } from 'path'
+import { fileURLToPath } from 'url'
+import { z } from 'zod'
+
+type DockerEnv = 'development' | 'stage' | 'production'
+type AppEnvironment = 'development' | 'production'
+type EnvFiles = Record<DockerEnv, string>
+
+function resolveDir(dir: string): string {
+  const __filename = fileURLToPath(import.meta.url)
+  const splited = dirname(__filename).split('/src')
+  const cwd = splited.slice(0, -1).join('/src')
+  return join(cwd, dir)
+}
+
+const envFiles: EnvFiles = {
+  development: '.env.development',
+  production: '.env.production',
+  stage: '.env.stage',
+}
+
+if (!process.env.DOCKER_ENV && process.env.NODE_ENV !== undefined) {
+  console.error(
+    'Development environment was initiated, despite the absence of the Docker environment.',
+  )
+}
+
+const dockerEnv = (process.env.DOCKER_ENV as DockerEnv) || 'development'
+const appEnv: AppEnvironment = ['stage', 'production'].includes(dockerEnv)
+  ? 'production'
+  : 'development'
+
+const envFile = envFiles[dockerEnv]
+const prefix = './env'
+
+const configPath = resolveDir(`${prefix}/${envFile}`)
+
+if (!existsSync(configPath)) {
+  console.log(`Read target: ${configPath}`)
+  throw new Error('Not found environment file')
+}
+
+dotenv.config({ path: configPath })
+
+const env = z.object({
+  dockerEnv: z.enum(['development', 'production', 'stage']),
+  appEnv: z.enum(['development', 'production']),
+  port: z.number(),
+  mongoUrl: z.string(),
+  discordBotToken: z.string(),
+  discordErrorChannel: z.string(),
+  redisHost: z.string(),
+  redisPort: z.number(),
+  bookBucketName: z.string(),
+  bookBucketUrl: z.string(),
+  cookieSecretKey: z.string(),
+  jwtSecretKey: z.string(),
+})
+
+export const ENV = env.parse({
+  dockerEnv,
+  appEnv,
+  port: Number(process.env.PORT),
+  mongoUrl: process.env.MONGO_URL,
+  discordBotToken: process.env.DISCORD_BOT_TOKEN,
+  discordErrorChannel: process.env.DISCORD_ERROR_CHANNEL,
+  redisHost: process.env.REDIS_HOST,
+  redisPort: Number(process.env.REDIS_PORT),
+  bookBucketName: process.env.BOOK_BUCKET_NAME,
+  bookBucketUrl: process.env.BOOK_BUCKET_URL,
+  cookieSecretKey: process.env.COOKIE_SECRET_KEY,
+  jwtSecretKey: process.env.JWT_SECRET_KEY,
+})

apps/book-server/src/graphql/Base.gql

@@ -0,0 +1 @@
+directive @auth on FIELD_DEFINITION

apps/book-server/src/graphql/Book.gql

@@ -11,14 +11,14 @@ type Query {
 }
 
 type Mutation {
-  deploy(input: BookIDInput!): Void
-  build(input: BookIDInput!): Void
+  deploy(input: BookIDInput!): Void @auth
+  build(input: BookIDInput!): Void @auth
 }
 
 type Subscription {
-  bookBuildInstalled(input: BookIDInput!): SubScriptionPayload
-  bookBuildCompleted(input: BookIDInput!): SubScriptionPayload
-  bookDeployCompleted(input: BookIDInput!): SubScriptionPayload
+  bookBuildInstalled(input: BookIDInput!): SubScriptionPayload @auth
+  bookBuildCompleted(input: BookIDInput!): SubScriptionPayload @auth
+  bookDeployCompleted(input: BookIDInput!): SubScriptionPayload @auth
 }
 
 input BookIDInput {

apps/book-server/src/graphql/index.mts

@@ -1,4 +1,3 @@
-import { container } from 'tsyringe'
 import { GraphQLFileLoader } from '@graphql-tools/graphql-file-loader'
 import { loadSchemaSync } from '@graphql-tools/load'
 import { mergeResolvers } from '@graphql-tools/merge'
@@ -8,17 +7,15 @@ import { DateTimeISOResolver, VoidResolver, PositiveIntResolver } from 'graphql-
 import { IResolvers, MercuriusContext } from 'mercurius'
 import { basename, dirname, resolve } from 'path'
 import { fileURLToPath } from 'url'
-import { EnvService } from '@lib/env/EnvService.mjs'
+import { ENV } from '@env'
 
 async function resolverAutoLoader(): Promise<any[]> {
-  const env = container.resolve(EnvService)
-
   const __filename = fileURLToPath(import.meta.url)
   const __dirname = dirname(__filename)
   const resolverFolderPath = resolve(__dirname, 'resolvers')
 
   const promises = readdirSync(resolverFolderPath).map(async (resolverPath) => {
-    const suffix = env.get('appEnv') === 'development' ? '.mts' : '.mjs'
+    const suffix = ENV.appEnv === 'development' ? '.mts' : '.mjs'
     const resolvername = basename(resolverPath, suffix)
     const resolver = await import(`./resolvers/${resolvername}.mjs`)
     return resolver.default