Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/profusion/apollo-federation-file-upload
Add file upload support to Apollo Federated services.
https://github.com/profusion/apollo-federation-file-upload
Last synced: 4 days ago
JSON representation
Add file upload support to Apollo Federated services.
- Host: GitHub
- URL: https://github.com/profusion/apollo-federation-file-upload
- Owner: profusion
- Created: 2020-02-21T19:35:54.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2023-07-10T18:50:05.000Z (over 1 year ago)
- Last Synced: 2024-04-27T01:22:07.013Z (8 months ago)
- Language: TypeScript
- Size: 471 KB
- Stars: 31
- Watchers: 21
- Forks: 27
- Open Issues: 11
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Apollo Federation file upload
This library makes it easier to support file uploads to your federated
micro-services. It uses the [Apollo](https://www.apollographql.com/docs/apollo-server/data/file-uploads/) server's solution.
It works by simply redirecting the file uploaded stream to the micro-service.
This package does not use third-party services to send the package to your
micro-services.## Apollo Federation V2 Support
Please, use version 4.0.0+. For Federation V1 use 3.0.0 or earlier.
## Using HTTP Transfer-Encoding: chunked
By default, the `FileUploadDataSource` uses chunked transfers; we
advise that you do not change this setup. However, for some reason
you can't support this kind of transfer, one can provide the `useChunkedTransfer`
option to the `FileUploadDataSource` constructor as `false` to not
use chunked transfer (See the example below on setting this property).
Be advised once again that this can lead to DDOS attacks.## Preventing CSRF attacks
This package uses `graphql-upload`, if you want to prevent a CSRF attack you should keep
the CSRF prevention feature enabled, and configure your upload clients to send a non-empty
`Apollo-Require-Preflight` header.You can take a look at [Apollo's security guide](https://www.apollographql.com/docs/apollo-server/security/cors/#preventing-cross-site-request-forgery-csrf) for more details.
#### How to enable CRSF Prevention
```javascript
import { ApolloServer } from 'apollo-server';const runServer = async () => {
const server = new ApolloServer({
/*
If activated it will request by default a header with ['x-apollo-operation-name', 'apollo-require-preflight']You can also change the allowed headers by passing them to csrfPrevention.requestHeaders
*/
csrfPrevention: true,
...
});
...
};...
```## Example
On your Gateway, you must add the `FileUploadDataSource` in order
to the micro-service be able to receive the uploaded file(s).```javascript
import { ApolloServer } from 'apollo-server';
import { ApolloGateway } from '@apollo/gateway';
import FileUploadDataSource from '@profusion/apollo-federation-upload';const runServer = async () => {
const server = new ApolloServer({
gateway: new ApolloGateway({
// Add this line in order to support file uploads.
buildService: ({ url }) => new FileUploadDataSource({ url, useChunkedTransfer: true }),
serviceList: [
/* The services ... */
],
})
});const { url } = await server.listen();
console.log(`🚀 Server ready at ${url}`);
};runServer().catch(error => {
console.error('💥 Failed to start server:', error);
process.exit(1);
});
```