Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
next-graphql
Advanced tools
Package version was removed
This package version has been unpublished, mostly likely due to security reasons
next-graphql
Drop dead simple GraphQL implementation for Next.js. Works with vanilla Next.js and Zeit Serverless Functions (see https://zeit.co/docs/v2/serverless-functions/introduction for more details).
Installation
yarn add next-graphql
or
npm i -s next-graphql
Example
# pages/api/graphql.js
import { createHandler } from "next-graphql"
let ITEMS = [
{ name: "First" }
]
const typeDefs = `
type Item {
name: String!
}
type Query {
getItems: [Item]!
}
type Mutation {
createItem(name:String!): Item!
}
`
const resolvers = {
Query: {
getItems: async () => {
return db
},
},
Mutation: {
createItem: async (obj, { name }) => {
const item = { name }
ITEMS.push(item)
return item
}
}
}
export default createHandler({
typeDefs,
resolvers,
})
createHandler
Options
| Param | Type | |
|---|---|---|
log | boolean | Log all GQL queries, default: false |
typeDefs | string | |
resolvers | object | |
directives | object | |
context | function | async (req) => ... |
JWT Auth example With directives and context
# pages/api/graphql.js
# Assumes that a `Authorization: $TOKEN` header is sent from the client.
import jwt from "jsonwebtoken"
import { createHandler } from "~/next-graphql"
const { SECRET } = process.env
if (!secret) throw new Error("Make sure to set SECRET in .env)
const typeDefs = `
type Auth {
token: String!
user: User!
}
type User {
name: String!
}
type Query {
me: User! @authenticate
}
type Mutation {
register(name: String!): Auth!
}
`
const resolvers = {
Query: {
me: async (obj, params, context) => {
return context.authUser
}
},
Mutation: {
register: async (obj) => {
const token = jwt.sign({
data: user.id
}, SECRET, { expiresIn: '1h' });
}
}
}
const directives = {
async authenticate(next, src, args, context) {
if (!context.authUser) throw new Error("Must be authenticated")
return next()
},
}
const loadAuth = async (req) => {
const authorization = req.headers.Authorization
if (!authorization) return null
const decoded = jwt.decode(authorization)
const userId = decoded.payload
return User.find(userId)
}
export default createHandler({
typeDefs,
resolvers,
directives,
context: async (req) => ({ authUser: await loadAuth(req) }),
})
FAQs
GraphQL for Next.js
The npm package next-graphql receives a total of 0 weekly downloads. As such, next-graphql popularity was classified as not popular.
We found that next-graphql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 10 May 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025