Product
Introducing Enhanced Alert Actions and Triage Functionality
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
express-graphql
Advanced tools
Readme
Create a GraphQL HTTP server with Express.
npm install --save express-graphql
Install express-graphql as middleware in your express server:
var graphqlHTTP = require('express-graphql');
var app = express();
app.use('/graphql', graphqlHTTP({ schema: MyGraphQLSchema, graphiql: true }));
The graphqlHTTP
function accepts the following options:
schema
: A GraphQLSchema
instance from graphql-js
.
A schema
must be provided.
context
: A value to pass as the context
to the graphql()
function from graphql-js
.
rootValue
: A value to pass as the rootValue
to the graphql()
function from graphql-js
.
pretty
: If true
, any JSON response will be pretty-printed.
formatError
: An optional function which will be used to format any
errors produced by fulfilling a GraphQL operation. If no function is
provided, GraphQL's default spec-compliant formatError
function will
be used.
validationRules
: Optional additional validation rules queries must
satisfy in addition to those defined by the GraphQL spec.
graphiql
: If true
, may present GraphiQL when loaded directly
from a browser (a useful tool for debugging and exploration).
During development, it's useful to get more information from errors, such as
stack traces. Providing a function to formatError
enables this:
formatError: error => ({
message: error.message,
locations: error.locations,
stack: error.stack
})
Once installed at a path, express-graphql
will accept requests with
the parameters:
query
: A string GraphQL document to be executed.
variables
: The runtime values to use for any GraphQL query variables
as a JSON object.
operationName
: If the provided query
contains multiple named
operations, this specifies which operation should be executed. If not
provided, a 400 error will be returned if the query
contains multiple
named operations.
raw
: If the graphiql
option is enabled and the raw
parameter is
provided raw JSON will always be returned instead of GraphiQL even when
loaded from a browser.
GraphQL will first look for each parameter in the URL's query-string:
/graphql?query=query+getUser($id:ID){user(id:$id){name}}&variables={"id":"4"}
If not found in the query-string, it will look in the POST request body.
If a previous middleware has already parsed the POST body, the request.body
value will be used. Use multer
or a similar middleware to add support
for multipart/form-data
content, which may be useful for GraphQL mutations
involving uploading files. See an example using multer.
If the POST body has not yet been parsed, graphql-express will interpret it depending on the provided Content-Type header.
application/json
: the POST body will be parsed as a JSON
object of parameters.
application/x-www-form-urlencoded
: this POST body will be
parsed as a url-encoded string of key-value pairs.
application/graphql
: The POST body will be parsed as GraphQL
query string, which provides the query
parameter.
In order to support advanced scenarios such as installing a GraphQL server on a dynamic endpoint or accessing the current authentication information, express-graphql allows options to be provided as a function of each express request, and that function may return either an options object, or a Promise for an options object.
This example uses express-session
to provide GraphQL with the currently
logged-in session as the context
of the query execution.
var session = require('express-session');
var graphqlHTTP = require('express-graphql');
var app = express();
app.use(session({ secret: 'keyboard cat', cookie: { maxAge: 60000 }}));
app.use('/graphql', graphqlHTTP(request => ({
schema: MySessionAwareGraphQLSchema,
context: request.session,
graphiql: true
})));
Then in your type definitions, access via the third "context" argument in your
resolve
function:
new GraphQLObjectType({
name: 'MyType',
fields: {
myField: {
type: GraphQLString,
resolve(parentValue, args, session) {
// use `session` here
}
}
}
});
FAQs
Production ready GraphQL HTTP middleware.
The npm package express-graphql receives a total of 254,841 weekly downloads. As such, express-graphql popularity was classified as popular.
We found that express-graphql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.