
Research
Security News
The Growing Risk of Malicious Browser Extensions
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
apollo-server-lambda
Advanced tools
This is the AWS Lambda integration of GraphQL Server. Apollo Server is a community-maintained open-source GraphQL server that works with many Node.js HTTP server frameworks. Read the docs. Read the CHANGELOG.
npm install apollo-server-lambda graphql
To deploy the AWS Lambda function we must create a Cloudformation Template and a S3 bucket to store the artifact (zip of source code) and template. We will use the AWS Command Line Interface.
In a file named graphql.js
, place the following code:
const { ApolloServer, gql } = require('apollo-server-lambda');
const { ApolloServerPluginLandingPageGraphQLPlayground } = require('apollo-server-core');
// Construct a schema, using GraphQL schema language
const typeDefs = gql`
type Query {
hello: String
}
`;
// Provide resolver functions for your schema fields
const resolvers = {
Query: {
hello: () => 'Hello world!',
},
};
const server = new ApolloServer({
typeDefs,
resolvers,
// By default, the GraphQL Playground interface and GraphQL introspection
// is disabled in "production" (i.e. when `process.env.NODE_ENV` is `production`).
//
// If you'd like to have GraphQL Playground and introspection enabled in production,
// install the Playground plugin and set the `introspection` option explicitly to `true`.
introspection: true,
plugins: [ApolloServerPluginLandingPageGraphQLPlayground()],
});
exports.handler = server.createHandler();
The bucket name must be universally unique.
aws s3 mb s3://<bucket name>
This will look for a file called graphql.js with the export graphqlHandler
. It creates one API endpoints:
/graphql
(GET and POST)In a file called template.yaml
:
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Resources:
GraphQL:
Type: AWS::Serverless::Function
Properties:
Handler: graphql.handler
Runtime: nodejs14.x
Events:
AnyRequest:
Type: Api
Properties:
Path: /graphql
Method: ANY
This will read and transform the template, created in previous step. Package and upload the artifact to the S3 bucket and generate another template for the deployment.
aws cloudformation package \
--template-file template.yaml \
--output-template-file serverless-output.yaml \
--s3-bucket <bucket-name>
This will create the Lambda Function and API Gateway for GraphQL. We use the stack-name prod
to mean production but any stack name can be used.
aws cloudformation deploy \
--template-file serverless-output.yaml \
--stack-name prod \
--capabilities CAPABILITY_IAM
apollo-server-lambda
is built on top of apollo-server-express
. It combines the HTTP server framework express
with a package called @vendia/serverless-express
that translates between Lambda events and Express requests. By default, this is entirely behind the scenes, but you can also provide your own express app with the expressAppFromMiddleware
option to createHandler
:
const { ApolloServer } = require('apollo-server-lambda');
const express = require('express');
exports.handler = server.createHandler({
expressAppFromMiddleware(middleware) {
const app = express();
app.use(someOtherMiddleware);
app.use(middleware);
return app;
}
});
Your ApolloServer's context
function can read information about the current operation from both the original Lambda data structures and the Express request and response created by @vendia/serverless-express
. These are provided to your context
function as event
, context
, and express
options.
The event
object contains the API Gateway event (HTTP headers, HTTP method, body, path, ...). The context
object (not to be confused with the context
function itself!) contains the current Lambda Context (Function Name, Function Version, awsRequestId, time remaining, ...). express
contains req
and res
fields with the Express request and response. The object returned from your context
function is provided to all of your schema resolvers in the third context
argument.
const { ApolloServer, gql } = require('apollo-server-lambda');
// Construct a schema, using GraphQL schema language
const typeDefs = gql`
type Query {
hello: String
}
`;
// Provide resolver functions for your schema fields
const resolvers = {
Query: {
hello: () => 'Hello world!',
},
};
const server = new ApolloServer({
typeDefs,
resolvers,
context: ({ event, context, express }) => ({
headers: event.headers,
functionName: context.functionName,
event,
context,
expressRequest: express.req,
}),
});
exports.graphqlHandler = server.createHandler();
To enable CORS the response HTTP headers need to be modified. To accomplish this use the cors
option.
const { ApolloServer, gql } = require('apollo-server-lambda');
// Construct a schema, using GraphQL schema language
const typeDefs = gql`
type Query {
hello: String
}
`;
// Provide resolver functions for your schema fields
const resolvers = {
Query: {
hello: () => 'Hello world!',
},
};
const server = new ApolloServer({
typeDefs,
resolvers,
});
exports.handler = server.createHandler({
expressGetMiddlewareOptions: {
cors: {
origin: '*',
credentials: true,
}
},
});
To enable CORS response for requests with credentials (cookies, http authentication) the allow origin header must equal the request origin and the allow credential header must be set to true.
const { ApolloServer, gql } = require('apollo-server-lambda');
// Construct a schema, using GraphQL schema language
const typeDefs = gql`
type Query {
hello: String
}
`;
// Provide resolver functions for your schema fields
const resolvers = {
Query: {
hello: () => 'Hello world!',
},
};
const server = new ApolloServer({
typeDefs,
resolvers,
});
exports.handler = server.createHandler({
expressGetMiddlewareOptions: {
cors: {
origin: true,
credentials: true,
}
},
});
The options correspond to the express cors configuration with the following fields(all are optional):
origin
: boolean | string | string[]methods
: string | string[]allowedHeaders
: string | string[]exposedHeaders
: string | string[]credentials
: booleanmaxAge
: numberGraphQL Server is built with the following principles in mind:
Anyone is welcome to contribute to GraphQL Server, just read CONTRIBUTING.md, take a look at the roadmap and make your first PR!
FAQs
Production-ready Node.js GraphQL server for AWS Lambda
The npm package apollo-server-lambda receives a total of 62,569 weekly downloads. As such, apollo-server-lambda popularity was classified as popular.
We found that apollo-server-lambda demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
Research
Security News
An in-depth analysis of credential stealers, crypto drainers, cryptojackers, and clipboard hijackers abusing open source package registries to compromise Web3 development environments.
Security News
pnpm 10.12.1 introduces a global virtual store for faster installs and new options for managing dependencies with version catalogs.