const ObjectID = require("mongodb").ObjectID; const jwt = require('jsonwebtoken') const jwtSecret = 'CbymrfGfnB' const anonResolvers = ['login', 'createUser']; ;(async () => { const {Savable, slice, getModels} = await require('./models.js')('cb') class User extends Savable { //static get relations(){ //return { //events: "users" //} //} } Savable.addClass(User) const express = require('express'); const express_graphql = require('express-graphql'); const { buildSchema } = require('graphql'); const schema = buildSchema(` type Query { login(login: String!, password: String!): String events: [Event] event(eventId: String!): Event eventMoneysByEvent(eventId: String!): [EventMoney] eventMoneys: [EventMoney] } type Mutation { createUser(login: String!, password: String!): User changePassword(password: String!): User createEvent(name: String!, total: Float!):Event changeEvent(eventId:String!, name: String!, total: Float!):Event createEventMoney(eventId: String!, amount: Float):EventMoney } type User { _id: String login: String nick : String moneyEvents: [EventMoney] } type Event { _id: String name: String moneyEvents: [EventMoney] owner: String, total: Float, usersSum: Float, moneyDiff: Float, avg: Float } type EventMoney { _id: String user: User event: Event amount: Float owner: String avgDiff: Float } `); var app = express(); app.use(express.static('public')); const rootResolvers = { createUser:async function ({login, password}){ let user = await Savable.m.User.findOne({login, password}) if (user) return null; user = await (new User({login, password})).save() user.___owner = user._id.toString() user.___permissions = { read: ["owner", "user"] } return await user.save() }, login: async function({login, password}){ console.log(Savable.classes) const user = await Savable.m.User.findOne({login, password}) if (!user) return null; const token = jwt.sign({ sub: {id: user._id, login}}, jwtSecret); //подписывам токен нашим ключем return token }, changePassword:async function ({password}, {jwt: {id}, models: {SlicedSavable, User}} ){ id = new ObjectID(id) const user = await SlicedSavable.m.User.findOne({_id: id}) if (!user) return null; user.password = password; return await user.save() }, async createEvent({name, total}, {jwt: {id}, models: {Event}}){ return await (new Event({name, total})).save() }, async changeEvent({eventId, name, total}, {jwt: {id}, models: {SlicedSavable}}){ const event = await SlicedSavable.m.Event.findOne({_id: ObjectID(eventId)}) if (!event) return null; event.name = name event.total = total return await event.save() }, async events({}, {jwt: {id}, models: {SlicedSavable}}){ let events = [] for (let event of SlicedSavable.m.Event.find({})){ event = await event //const {_id, name, owner, moneyEvents, usersSum, moneyDiff, total} = event //event = {_id, name, owner, moneyEvents, usersSum: await event.usersSum, total} //console.log(event) events.push(event) } return events; }, async event({eventId}, {jwt: {id}, models: {SlicedSavable}}){ return await SlicedSavable.m.Event.findOne({_id: ObjectID(eventId)}); }, async createEventMoney({eventId, amount}, {jwt: {id}, models: {SlicedSavable, EventMoney, thisUser}}){ let eventMoney = await SlicedSavable.m.EventMoney.findOne({"user._id": ObjectID(id), "event._id": ObjectID(eventId)}) if (eventMoney){ eventMoney.amount = amount; return await eventMoney.save() } const event = await SlicedSavable.m.Event.findOne({_id: ObjectID(eventId)}) if (!event) return null; if (!thisUser) return null; console.log(thisUser, event, amount) return await (new EventMoney({user: thisUser, event, amount})).save() }, async eventMoneysByEvent({eventId}, {jwt: {id}, models: {SlicedSavable}}){ const event = await SlicedSavable.m.Event.findOne({_id: ObjectID(eventId)}); if (!event) return null const moneys = []; for (let money of event.moneyEvents){ try { await money console.log(money) } catch (e){ console.log('skip no access user' ,e) } moneys.push(money) console.log('in loop') } console.log('after loop') return moneys; }, async eventMoneys({}, {jwt: {id}, models: {SlicedSavable}}){ const me = await SlicedSavable.m.User.findOne({_id: ObjectID(id)}); if (!me) return null const moneys = []; for (let money of me.moneyEvents){ moneys.push(await money) } return moneys; }, } app.use('/graphql', express_graphql(async (req, res, gql) => { if (!gql.query){ return { schema: schema, rootValue: rootResolvers, graphiql: true, } } const operationMatch = gql.query.match(/\{\s*([a-zA-Z]+)\s*/) const operationName = gql.operationName || operationMatch[1] console.log('before oper', operationName) if ((!operationName) || anonResolvers.includes(operationName)){ return { schema: schema, rootValue: rootResolvers, graphiql: true, } } const authorization = req.headers.authorization console.log(authorization) if (authorization && authorization.startsWith('Bearer ')){ console.log('token provided') const token = authorization.substr("Bearer ".length) const decoded = jwt.verify(token, jwtSecret) if (decoded){ console.log('token verified', decoded) let slicedModels = await getModels(decoded.sub.id) return { schema: schema, rootValue: rootResolvers, graphiql: true, context: {jwt: decoded.sub, models: slicedModels} } } } console.log('bad end') })) app.listen(4000, () => console.log('Express GraphQL Server Now Running On localhost:4000/graphql')); })()