feat(examples): Updated examples

maticzav · Apr 21, 2018 · b26433b · b26433b
1 parent 48d0062
commit b26433b
Show file tree

Hide file tree

Showing 5 changed files with 128 additions and 15 deletions.
diff --git a/examples/logging/README.md b/examples/logging/README.md
@@ -0,0 +1,38 @@
+# GraphQL Middleware - Logging example
+
+This example illustrates basic usage of GraphQL Middleware. The idea is to log every field that has been requested by user.
+
+## Code
+
+> Mind the following parts
+
+### Import
+
+This is where we import `graphql-middleware`.
+
+```js
+const { applyMiddleware } = require('graphql-middleware')
+```
+
+### Middleware
+
+Because we want every field of our schema to make a log once it's requested, we use `schema` wide middleware definition.
+
+```js
+const logMiddleware = async (resolve, parent, args, ctx, info) => {
+  console.log(args, info)
+  return resolve()
+}
+```
+
+### Applying middleware
+
+This is the part where we modify the schema to reflect the changed middleware introduce.
+
+```js
+const analysedSchema = applyMiddleware(schema, logMiddleware)
+```
+
+## License
+
+MIT
diff --git a/examples/logging/index.js b/examples/logging/index.js
@@ -35,4 +35,4 @@ const server = new GraphQLServer({
   context: req => ({ ...req }),
 })
 
-server.start(() => console.log('Server is running on localhost:4000'))
+server.start(() => console.log('Server is running on http://localhost:4000'))
diff --git a/examples/permissions/README.md b/examples/permissions/README.md
@@ -0,0 +1,59 @@
+# GraphQL Middleware - Permissions example
+
+This example illustrates how to use GraphQL Middleware to handle user permissions. Do take into consideration that this is a low level implementation with no optimizations. We recommend using `graphql-shield` for production usage.
+
+## Code
+
+> Mind the following parts
+
+### Import
+
+This is where we import `graphql-middleware`.
+
+```js
+const { applyMiddleware } = require('graphql-middleware')
+```
+
+### Permission function
+
+This is where we decide whether the user should or shouldn't access the information. The following implementation preassumes that the secret is passed as the query header using `Authorization: <token>` format.
+
+```js
+const isLoggedIn = async (resolve, parent, args, ctx, info) => {
+  // Include your agent code as Authorization: <token> header.
+  const permit = ctx.request.get('Authorization') === code
+
+  if (!permit) {
+    throw new Error(`Not authorised!`)
+  }
+
+  return resolve()
+}
+```
+
+### Middleware
+
+The following middleware implements one field-scoped and one type-scoped middleware. We use `field` scoped middleware with `secured` field to ensure only `secured` field of `Query` requires authorisation. Furthermore, we also use `type` middleware to make sure every field of `Me` type requires authorisation.
+
+There is no need to apply permissions to `me` field of `Query` as requesting any of type `Me` fields already requires authentication.
+
+```js
+const permissions = {
+  Query: {
+    secured: isLoggedIn,
+  },
+  Me: isLoggedIn,
+}
+```
+
+### Applying middleware
+
+This is the part where we modify the schema to reflect the changed middleware introduce.
+
+```js
+const protectedSchema = applyMiddleware(schema, permissions)
+```
+
+## License
+
+MIT
diff --git a/examples/permissions/index.js b/examples/permissions/index.js
@@ -10,31 +10,47 @@ const typeDefs = `
   type Query {
     open: String!
     secured: String!
+    me: Me!
+  }
+
+  type Me {
+    name: String!
+    surname: String!
+    age: Int!
   }
 `
 
 const resolvers = {
   Query: {
     open: () => `Open data, everyone's welcome!`,
     secured: () => `Personal diary - this is for my eyes only!`,
+    me: () => ({}),
+  },
+  Me: {
+    name: () => 'Ben',
+    surname: () => 'Cool',
+    age: () => 18,
   },
 }
 
-// Middleware
+// Middleware - Permissions
 
-const permissions = {
-  Query: {
-    secured: async (resolve, parent, args, ctx, info) => {
-      // Include your agent code as Authorization: <token> header.
-      const permit = ctx.request.get('Authorization') === code
+const isLoggedIn = async (resolve, parent, args, ctx, info) => {
+  // Include your agent code as Authorization: <token> header.
+  const permit = ctx.request.get('Authorization') === code
 
-      if (!permit) {
-        throw new Error(`Not authorised!`)
-      }
+  if (!permit) {
+    throw new Error(`Not authorised!`)
+  }
+
+  return resolve()
+}
 
-      return resolve()
-    },
+const permissions = {
+  Query: {
+    secured: isLoggedIn,
   },
+  Me: isLoggedIn,
 }
 
 // Server
@@ -47,4 +63,4 @@ const server = new GraphQLServer({
   context: req => ({ ...req }),
 })
 
-server.start(() => console.log('Server is running on localhost:4000'))
+server.start(() => console.log('Server is running on http://localhost:4000'))
diff --git a/examples/permissions/yarn.lock b/examples/permissions/yarn.lock
@@ -421,8 +421,8 @@ graphql-import@^0.5.0:
     lodash "^4.17.4"
 
 graphql-middleware@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/graphql-middleware/-/graphql-middleware-1.0.3.tgz#13fe7c1a0a26bb4b3395abf190fabec71a6ac34f"
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/graphql-middleware/-/graphql-middleware-1.0.4.tgz#578be70026d7a53dbb9b67554adc0fd75d6ad612"
   dependencies:
     graphql-tools "^2.23.1"