Skip to content

Commit

Permalink
feat: backend tenant graphql resolvers
Browse files Browse the repository at this point in the history
  • Loading branch information
njlie committed Jan 21, 2025
1 parent a8b7ca4 commit 23e34b2
Show file tree
Hide file tree
Showing 13 changed files with 2,593 additions and 73 deletions.
193 changes: 191 additions & 2 deletions localenv/mock-account-servicing-entity/generated/graphql.ts

Large diffs are not rendered by default.

51 changes: 41 additions & 10 deletions packages/backend/src/app.ts
Original file line number Diff line number Diff line change
Expand Up @@ -393,21 +393,52 @@ export class App {
)

let tenantApiSignatureResult: TenantApiSignatureResult
if (this.config.env !== 'test') {
koa.use(async (ctx, next: Koa.Next): Promise<void> => {
const result = await getTenantFromApiSignature(ctx, this.config)
if (!result) {
ctx.throw(401, 'Unauthorized')
} else {
const tenantSignatureMiddleware = async (
ctx: AppContext,
next: Koa.Next
): Promise<void> => {
const result = await getTenantFromApiSignature(ctx, this.config)
if (!result) {
ctx.throw(401, 'Unauthorized')
} else {
tenantApiSignatureResult = {
tenant: result.tenant,
isOperator: result.isOperator ? true : false
}
}
return next()
}

const testTenantSignatureMiddleware = async (
ctx: AppContext,
next: Koa.Next
): Promise<void> => {
if (ctx.headers['tenant-id']) {
const tenantService = await ctx.container.use('tenantService')
const tenant = await tenantService.get(
ctx.headers['tenant-id'] as string
)

if (tenant) {
tenantApiSignatureResult = {
tenant: result.tenant,
isOperator: result.isOperator ? true : false
tenant,
isOperator: tenant.apiSecret === this.config.adminApiSecret
}
} else {
ctx.throw(401, 'Unauthorized')
}
return next()
})
}
return next()
}

// For tests, we still need to get the tenant in the middleware, but
// we don't need to verify the signature nor prevent replay attacks
koa.use(
this.config.env !== 'test'
? tenantSignatureMiddleware
: testTenantSignatureMiddleware
)

koa.use(
koaMiddleware(this.apolloServer, {
context: async (): Promise<TenantedApolloContext> => {
Expand Down
Loading

0 comments on commit 23e34b2

Please sign in to comment.