From 7b269414d83363fc8ed415485a284f14998b1e74 Mon Sep 17 00:00:00 2001 From: NGPixel Date: Sun, 28 Jan 2018 00:40:25 -0500 Subject: [PATCH] fix: auth cookie set + graphQL http link --- client/js/app.js | 33 ++++++++++++++++++++++---- package.json | 3 +++ server/app/data.yml | 6 +++++ server/master.js | 4 ++++ yarn.lock | 57 +++++++++++++++++++++++++++++++++++++++++---- 5 files changed, 95 insertions(+), 8 deletions(-) diff --git a/client/js/app.js b/client/js/app.js index 283c7f67..03a5cb27 100644 --- a/client/js/app.js +++ b/client/js/app.js @@ -9,7 +9,9 @@ import VueResource from 'vue-resource' import VueClipboards from 'vue-clipboards' import VeeValidate from 'vee-validate' import { ApolloClient } from 'apollo-client' -import { HttpLink } from 'apollo-link-http' +import { ApolloLink } from 'apollo-link' +import { createApolloFetch } from 'apollo-fetch' +import { BatchHttpLink } from 'apollo-link-batch-http' import { InMemoryCache } from 'apollo-cache-inmemory' import store from './store' @@ -71,10 +73,33 @@ window.CONSTANTS = CONSTANTS // Initialize Apollo Client (GraphQL) // ==================================== +const graphQLEndpoint = window.location.protocol + '//' + window.location.host + siteConfig.path + 'graphql' + +const apolloFetch = createApolloFetch({ + uri: graphQLEndpoint, + constructOptions: (requestOrRequests, options) => ({ + ...options, + method: 'POST', + body: JSON.stringify(requestOrRequests), + credentials: 'include' + }) +}) + window.graphQL = new ApolloClient({ - link: new HttpLink({ - uri: window.location.protocol + '//' + window.location.host + siteConfig.path + 'graphql' - }), + link: ApolloLink.from([ + new ApolloLink((operation, forward) => { + operation.setContext({ + headers: { + 'Content-Type': 'application/json' + } + }) + + return forward(operation) + }), + new BatchHttpLink({ + fetch: apolloFetch + }) + ]), cache: new InMemoryCache(), connectToDevTools: (process.env.node_env === 'development') }) diff --git a/package.json b/package.json index 21fff9ef..88a15ba1 100644 --- a/package.json +++ b/package.json @@ -53,6 +53,7 @@ "connect-flash": "0.1.1", "connect-redis": "3.3.3", "cookie-parser": "1.4.3", + "cors": "2.8.4", "diff2html": "2.3.3", "dotize": "^0.2.0", "execa": "0.9.0", @@ -139,6 +140,8 @@ "@glimpse/glimpse": "0.22.15", "@panter/vue-i18next": "0.9.1", "apollo-client-preset": "1.0.6", + "apollo-fetch": "0.7.0", + "apollo-link-batch-http": "1.0.4", "autoprefixer": "7.2.5", "babel-cli": "6.26.0", "babel-core": "6.26.0", diff --git a/server/app/data.yml b/server/app/data.yml index 01044a63..dd3daecc 100644 --- a/server/app/data.yml +++ b/server/app/data.yml @@ -45,6 +45,12 @@ defaults: path: '' rtl: false title: Wiki.js + # System defaults + cors: + credentials: true + maxAge: 600 + methods: 'GET,POST' + origin: true configNamespaces: - auth - features diff --git a/server/master.js b/server/master.js index 1050a69d..36533eb8 100644 --- a/server/master.js +++ b/server/master.js @@ -22,6 +22,7 @@ module.exports = async () => { const bodyParser = require('body-parser') const compression = require('compression') const cookieParser = require('cookie-parser') + const cors = require('cors') const express = require('express') const favicon = require('serve-favicon') const flash = require('connect-flash') @@ -48,6 +49,9 @@ module.exports = async () => { // ---------------------------------------- app.use(mw.security) + app.use(cors(wiki.config.cors)) + app.options('*', cors(wiki.config.cors)) + app.enable('trust proxy') // ---------------------------------------- // Public Assets diff --git a/yarn.lock b/yarn.lock index 1339135f..8607530c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -432,6 +432,27 @@ apollo-client@^2.1.0: optionalDependencies: "@types/async" "2.0.46" +apollo-fetch@0.7.0, apollo-fetch@^0.7.0: + version "0.7.0" + resolved "https://registry.yarnpkg.com/apollo-fetch/-/apollo-fetch-0.7.0.tgz#63c255a0ccb1b4c473524d8f9b536d72438bd3e7" + dependencies: + cross-fetch "^1.0.0" + +apollo-link-batch-http@1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/apollo-link-batch-http/-/apollo-link-batch-http-1.0.4.tgz#e958a418a40625943a6018df695cca0cf4527977" + dependencies: + apollo-fetch "^0.7.0" + apollo-link "^1.0.7" + apollo-link-batch "^1.0.4" + graphql "^0.12.0" + +apollo-link-batch@^1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/apollo-link-batch/-/apollo-link-batch-1.0.4.tgz#ce0c3820ebd72a153a951017f71c252df51178b4" + dependencies: + apollo-link "^1.0.7" + apollo-link-dedup@^1.0.0: version "1.0.4" resolved "https://registry.yarnpkg.com/apollo-link-dedup/-/apollo-link-dedup-1.0.4.tgz#d3200804b8dc892794418f4ae2c40f7251e42b46" @@ -452,6 +473,14 @@ apollo-link@^1.0.0, apollo-link@^1.0.6: apollo-utilities "^1.0.0" zen-observable "^0.6.0" +apollo-link@^1.0.7: + version "1.0.7" + resolved "https://registry.yarnpkg.com/apollo-link/-/apollo-link-1.0.7.tgz#42cd38a7378332fc3e41a214ff6a6e5e703a556f" + dependencies: + "@types/zen-observable" "0.5.3" + apollo-utilities "^1.0.0" + zen-observable "^0.6.0" + apollo-server-core@^1.3.2: version "1.3.2" resolved "https://registry.yarnpkg.com/apollo-server-core/-/apollo-server-core-1.3.2.tgz#f36855a3ebdc2d77b8b9c454380bf1d706105ffc" @@ -2610,7 +2639,7 @@ core-util-is@1.0.2, core-util-is@~1.0.0: version "1.0.2" resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" -cors@^2.7.1: +cors@2.8.4, cors@^2.7.1: version "2.8.4" resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.4.tgz#2bd381f2eb201020105cd50ea59da63090694686" dependencies: @@ -2679,6 +2708,13 @@ cron@^1.3: dependencies: moment-timezone "^0.5.x" +cross-fetch@^1.0.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/cross-fetch/-/cross-fetch-1.1.1.tgz#dede6865ae30f37eae62ac90ebb7bdac002b05a0" + dependencies: + node-fetch "1.7.3" + whatwg-fetch "2.0.3" + cross-spawn@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-3.0.1.tgz#1256037ecb9f0c5f79e3d6ef135e30770184b982" @@ -3367,6 +3403,12 @@ encodeurl@~1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.1.tgz#79e3d58655346909fe6f0f45a5de68103b294d20" +encoding@^0.1.11: + version "0.1.12" + resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb" + dependencies: + iconv-lite "~0.4.13" + end-of-stream@^1.0.0, end-of-stream@^1.1.0: version "1.4.1" resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.4.1.tgz#ed29634d19baba463b6ce6b80a37213eab71ec43" @@ -4607,7 +4649,7 @@ graphql-tools@2.19.0: graphql-subscriptions "^0.5.6" uuid "^3.1.0" -graphql@0.12.3: +graphql@0.12.3, graphql@^0.12.0: version "0.12.3" resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.12.3.tgz#11668458bbe28261c0dcb6e265f515ba79f6ce07" dependencies: @@ -4935,7 +4977,7 @@ iconv-lite@0.4.15: version "0.4.15" resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.15.tgz#fe265a218ac6a57cfe854927e9d04c19825eddeb" -iconv-lite@0.4.19: +iconv-lite@0.4.19, iconv-lite@~0.4.13: version "0.4.19" resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.19.tgz#f7468f60135f5e5dad3399c0a81be9a1603a082b" @@ -5449,7 +5491,7 @@ is-retry-allowed@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz#11a060568b67339444033d0125a61a20d564fb34" -is-stream@^1.0.0, is-stream@^1.1.0: +is-stream@^1.0.0, is-stream@^1.0.1, is-stream@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" @@ -7103,6 +7145,13 @@ node-emoji@^1.4.1: dependencies: lodash.toarray "^4.4.0" +node-fetch@1.7.3: + version "1.7.3" + resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.7.3.tgz#980f6f72d85211a5347c6b2bc18c5b84c3eb47ef" + dependencies: + encoding "^0.1.11" + is-stream "^1.0.1" + node-fingerprint@0.0.2: version "0.0.2" resolved "https://registry.yarnpkg.com/node-fingerprint/-/node-fingerprint-0.0.2.tgz#31cbabeb71a67ae7dd5a7dc042e51c3c75868501"