Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 2 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,8 @@ I'm trying to improve the story on _issuing_ with stronger browser security in m
(from another terminal)
$ cd client; yarn; yarn start

- *Heads up!* When starting the frontend, CRA will open http://localhost:3000 which we don't want (CORS).

Please point your browser instead to http://localhost:4000

- When starting the frontend, CRA will open http://localhost:3000 requests to the postgraphile server will be proxied by the webpack dev server.

## "Stateless sessions"
Because JWTs are stateless, you may be able to drop centralized session storage (Redis/DB). This project pushes the token state out strictly to live on the client only. #war-on-state

Expand Down Expand Up @@ -97,10 +95,6 @@ So there you have it, `refresh_token` based auth for PostGraphile!
- If you want to revoke a user's token, ensure `generate_token_plaintext()` doesn't return a token for that user, and wait 15 minutes. That's it. (Deleting the user would do the trick, as could setting up some kind of eg. `active` flag if you wanted to keep the record.)
- In an emergency you could in theory rotate the JWT secret(s), just be aware this would impact all users.<a href="#note1" id="note1ref"><sup>1</sup></a>

## I'm getting errors
This project uses `http-proxy` to put everything into a single origin to punt on tedious CORS config.
*Make sure you're pulling up the FE via http://localhost:4000.*

## Useful operations to copypasta
```graphql
mutation RegisterPerson {
Expand Down
3 changes: 2 additions & 1 deletion client/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -32,5 +32,6 @@
"last 1 firefox version",
"last 1 safari version"
]
}
},
"proxy": "http://0.0.0.0:4000"
}
4 changes: 2 additions & 2 deletions client/src/Apollo.js
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ const requestLink = new ApolloLink(
);

const httpLink = new HttpLink({
uri: 'http://localhost:4000/graphql',
uri: '/graphql',
credentials: 'include'
});

Expand Down Expand Up @@ -70,7 +70,7 @@ const tokenLink = new TokenRefreshLink({
return false;
}
},
fetchAccessToken: () => fetch("http://localhost:4000/access_token", {
fetchAccessToken: () => fetch("/access_token", {
method: "POST",
credentials: "include"
}),
Expand Down
2 changes: 1 addition & 1 deletion client/src/useAuth.js
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ const useProvideAuth = () => {
useEffect(() => {
// intended to be called when <App /> mounts, normally init time.
// If a valid refresh_token is in the cookie, we fetch and store an access_token
fetch("http://localhost:4000/access_token", {
fetch("/access_token", {
method: "POST",
credentials: "include"
}).then(async response => {
Expand Down
1 change: 0 additions & 1 deletion server/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@
"@graphile-contrib/pg-simplify-inflector": "^6.1.0",
"cookie-parser": "^1.4.5",
"express": "^4.17.1",
"http-proxy": "^1.18.1",
"postgraphile": "^4.12.4"
},
"devDependencies": {
Expand Down
7 changes: 2 additions & 5 deletions server/src/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ import { createServer } from 'http'
import installCookieJWT from './middlewares/installCookieJWT.js'
import installDatabasePools from './middlewares/installDatabasePools.js'
import installPostgraphile from './middlewares/installPostgraphile.js'
import installFrontendProxy from './middlewares/installFrontendProxy.js'

const main = async () => {
const app = express();
Expand All @@ -14,14 +13,12 @@ const main = async () => {
await installDatabasePools(app);
await installPostgraphile(app);
await installCookieJWT(app);
await installFrontendProxy(app);

app.listen(4000, () => {
console.log(`🚀 GraphQL endpoint ready at http://localhost:4000/graphql`);
console.log(`🚀 UI ready at http://localhost:4000/graphiql`);
console.log(`If you haven't already, please run the React FE from refresh-token-postraphile/client/, which will make...`);
console.log(`🚀 React FE ready at http://localhost:4000/`);
});
console.log(`If you haven't already, please run the React FE from refresh-token-postraphile/client/`);
});
}

main()
Expand Down
28 changes: 0 additions & 28 deletions server/src/middlewares/installFrontendProxy.js

This file was deleted.

24 changes: 0 additions & 24 deletions server/yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -225,11 +225,6 @@ eventemitter3@^3.1.0:
resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-3.1.2.tgz#2d3d48f9c346698fce83a85d7d664e98535df6e7"
integrity sha512-tvtQIeLVHjDkJYnzf2dgVMxfuSGJeM/7UCG17TT4EumTfNtF+0nebF/4zWOIkCreAbtNqhGEboB6BWrwqNaw4Q==

eventemitter3@^4.0.0:
version "4.0.7"
resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-4.0.7.tgz#2de9b68f6528d5644ef5c59526a1b4a07306169f"
integrity sha512-8guHBZCwKnFhYdHr2ysuRWErTwhoN2X8XELRlrRwpmfeY2jjuUN4taQMsULKUVo1K4DvZl+0pgfyoysHxvmvEw==

express@^4.17.1:
version "4.17.1"
resolved "https://registry.yarnpkg.com/express/-/express-4.17.1.tgz#4491fc38605cf51f8629d39c2b5d026f98a4c134"
Expand Down Expand Up @@ -279,11 +274,6 @@ finalhandler@^1.0.6, finalhandler@~1.1.2:
statuses "~1.5.0"
unpipe "~1.0.0"

follow-redirects@^1.0.0:
version "1.14.4"
resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.4.tgz#838fdf48a8bbdd79e52ee51fb1c94e3ed98b9379"
integrity sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g==

forwarded@0.2.0:
version "0.2.0"
resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.2.0.tgz#2269936428aad4c15c7ebe9779a84bf0b2a81811"
Expand Down Expand Up @@ -388,15 +378,6 @@ http-errors@~1.7.2:
statuses ">= 1.5.0 < 2"
toidentifier "1.0.0"

http-proxy@^1.18.1:
version "1.18.1"
resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.18.1.tgz#401541f0534884bbf95260334e72f88ee3976549"
integrity sha512-7mz/721AbnJwIVbnaSv1Cz3Am0ZLT/UBwkC92VlxhXv/k/BBQfM2fXElQNC27BVGr0uwUpplYPQM9LnaBMR5NQ==
dependencies:
eventemitter3 "^4.0.0"
follow-redirects "^1.0.0"
requires-port "^1.0.0"

iconv-lite@0.4.24:
version "0.4.24"
resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
Expand Down Expand Up @@ -775,11 +756,6 @@ readable-stream@^3.0.0:
string_decoder "^1.1.1"
util-deprecate "^1.0.1"

requires-port@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-1.0.0.tgz#925d2601d39ac485e091cf0da5c6e694dc3dcaff"
integrity sha1-kl0mAdOaxIXgkc8NpcbmlNw9yv8=

safe-buffer@5.1.2:
version "5.1.2"
resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
Expand Down