peter.babic
/
demo-graphql-oauth
mirror of https://github.com/peterbabic/demo-graphql-oauth
0
0
Fork 0
Code Issues Projects Releases Wiki Activity

enable cors

Browse Source
master
Peter Babič 5 years ago
parent 835aaea901
commit 316d8c524f
Signed by: peter.babic
GPG Key ID: 4BB075BC1884BA40
2 changed files with 101 additions and 85 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      src/server.spec.ts
  2. 12
      src/server.ts

6
src/server.spec.ts
Unescape View File

@ -21,6 +21,9 @@ describe("server should", () => {
const accessToken: string = accessTokenReponse.data.accessToken
const headers: Headers = accessTokenReponse.headers
const cookieHeader = headers.get("set-cookie") as string
const varyHeader = headers.get("vary") as string
const acacHeader = headers.get("access-control-allow-credentials") as string
const acaoHeader = headers.get("access-control-allow-origin") as string
const parsedCookie = cookie.parse(cookieHeader)
const refreshCookieExpires = dateInKiloSeconds(parsedCookie.Expires)
const refreshTokenPayload = verifiedRefreshTokenPayload(parsedCookie.rt)
@ -40,6 +43,9 @@ describe("server should", () => {
})
const jsonResponse = await refreshTokenResponse.json()
expect(varyHeader).toBe("Origin")
expect(acacHeader).toBe("true")
expect(acaoHeader).toMatch(/http:/)
expect(cookieHeader).toMatch(/HttpOnly/)
expect(parsedCookie.Path).toBe("/refresh_token")
expect(refreshTokenPayload.userId).toBe(userId)

12
src/server.ts
Unescape View File

@ -7,6 +7,7 @@ import {
verifiedRefreshTokenPayload,
} from "./server/userResolver/auth"
import cookie = require("cookie")
import cors = require("cors")
export const createServer = async (port: number) => {
const server = new ApolloServer({
@ -18,17 +19,26 @@ export const createServer = async (port: number) => {
})
const app = express()
app.use(
cors({
origin: "http://localhost:3000",
credentials: true,
})
)
app.post("/refresh_token", (req, res) => {
try {
const parsedCookie = cookie.parse(req.headers.cookie!)
const refreshPayload = verifiedRefreshTokenPayload(parsedCookie.rt)
const accessToken = accessTokenWithRefreshCookie(refreshPayload.userId, res)
res.json({ data: accessToken })
} catch (error) {
res.json({ data: null, errors: "Refresh failed: " + error })
}
})
server.applyMiddleware({ app })
server.applyMiddleware({ app, cors: false })
app.listen({ port })
return server

Write Preview
Loading…
Cancel
Save