graphql: Added graphql support for the user

Author: OscarS05

api/src/graphql/resolvers.js

@@ -1,7 +1,24 @@
+const {
+  NameType,
+  PasswordType,
+} = require('./resolvers/custom-types/custom-types');
+const {
+  query: userQueries,
+  mutation: userMutations,
+} = require('./resolvers/user/index');
+
 const resolvers = {
   Query: {
     hello: () => 'Hello world!',
+
+    ...userQueries,
   },
+  Mutation: {
+    ...userMutations,
+  },
+
+  NameType,
+  PasswordType,
 };
 
 module.exports = { resolvers };

api/src/graphql/resolvers/custom-types/custom-types.js

@@ -0,0 +1,18 @@
+const { RegularExpression } = require('graphql-scalars');
+
+const NameType = new RegularExpression(
+  'NameType',
+  /^[a-zA-ZÀ-ÿ ]{3,80}$/,
+  'Name must contain only letters and spaces.',
+);
+
+const PasswordType = new RegularExpression(
+  'PasswordType',
+  /^(?=.*[A-Z])(?=.*\d)(?=.*[!@#$%^&*()_+\-=:|,.<>\\/?])[a-zA-Z0-9!@#$%^&*()_+\-=:|,.<>\\/?]{8,35}$/,
+  'Password must contain at least 1 capital, 1 number and 1 special character.',
+);
+
+module.exports = {
+  NameType,
+  PasswordType,
+};

api/src/graphql/resolvers/user/index.js

@@ -0,0 +1,18 @@
+const {
+  getAll: getAllUsers,
+  login,
+  getByEmail,
+  create: createUser,
+} = require('./user.resolvers');
+
+const query = {
+  users: getAllUsers,
+  user: getByEmail,
+};
+
+const mutation = {
+  signUp: createUser,
+  login,
+};
+
+module.exports = { query, mutation };

api/src/graphql/resolvers/user/user.resolvers.js

@@ -0,0 +1,37 @@
+const {
+  getAllUsers,
+  login: loginUser,
+  getUserByEmail,
+  createUser,
+} = require('../../../modules/user/user.service');
+const {
+  validateGraphQLSession,
+} = require('../../../middlewares/authentication');
+
+const getAll = async (_, __, context) => {
+  await validateGraphQLSession(context.req);
+
+  return getAllUsers();
+};
+
+const getByEmail = async (_, { email }, context) => {
+  await validateGraphQLSession(context.req);
+
+  const user = await getUserByEmail(email);
+  return user;
+};
+
+const create = async (_, { name, email, password }) => {
+  return createUser({ name, email, password });
+};
+
+const login = async (_, { email, password }) => {
+  return loginUser({ email, password });
+};
+
+module.exports = {
+  getAll,
+  getByEmail,
+  login,
+  create,
+};

api/src/graphql/schema.graphql

@@ -0,0 +1,29 @@
+type Query {
+  hello: String!
+
+  # User queries
+  users: [User!]!
+  user(email: EmailAddress!): User!
+}
+
+type Mutation {
+  # User mutations
+  signUp(name: NameType!, email: EmailAddress!, password: PasswordType!): User!
+  login(email: EmailAddress!, password: String!): LoginResponse!
+}
+
+type User {
+  id: UUID!
+  name: String!
+  email: EmailAddress!
+  role: String!
+  createdAt: Date!
+}
+
+type LoginResponse {
+  user: User!
+  accessToken: String!
+}
+
+scalar NameType
+scalar PasswordType

api/src/graphql/schemas/user.schema.graphql

@@ -15,29 +15,45 @@ const limiter = (limit, windowMs, message) =>
     legacyHeaders: false,
   });
 
-const validateSession = async (req, res, next) => {
+const handlerValidateSession = async (req) => {
+  let decodedAccessToken = null;
+  let accessToken = null;
+
   try {
-    const accessToken = req.cookies?.accessToken;
-    if (!accessToken) throw Boom.unauthorized('Access token was not provided');
+    if (req.cookies.accessToken) {
+      accessToken = req.cookies.accessToken;
+    } else if (req.headers.authorization) {
+      const authHeader = req.headers.authorization;
+      if (authHeader.startsWith('Bearer ')) {
+        [, accessToken] = authHeader.split(' ');
+      } else {
+        throw Boom.unauthorized('Invalid authorization header format');
+      }
+    }
 
-    let decodedAccessToken = null;
+    decodedAccessToken = jwt.verify(accessToken, config.jwtAccessSecret);
+  } catch (error) {
+    throw Boom.badRequest(`Error verifying the accessToken: ${error.message}`);
+  }
 
-    try {
-      decodedAccessToken = jwt.verify(accessToken, config.jwtAccessSecret);
-    } catch (error) {
-      throw Boom.badRequest(
-        `Error verifying the accessToken: ${error.message}`,
-      );
-    }
+  if (!decodedAccessToken?.sub) {
+    throw Boom.unauthorized('Access token has expired');
+  }
 
-    if (!decodedAccessToken?.sub)
-      throw Boom.unauthorized('Access token has expired');
+  const user = await userRepository.findOneToValidateSession(
+    decodedAccessToken.sub,
+    accessToken,
+  );
 
-    const user = await userRepository.findOneToValidateSession(
-      decodedAccessToken.sub,
-      accessToken,
-    );
-    if (!user?.id) throw Boom.unauthorized('Invalid access token');
+  if (!user?.id) throw Boom.unauthorized('Invalid access token');
+
+  return { user, decodedAccessToken, accessToken };
+};
+
+const validateSession = async (req, res, next) => {
+  try {
+    const { decodedAccessToken, accessToken } =
+      await handlerValidateSession(req);
 
     req.user = decodedAccessToken;
     req.tokens = { accessToken };
@@ -47,4 +63,13 @@ const validateSession = async (req, res, next) => {
   }
 };
 
-module.exports = { validateSession, limiter };
+const validateGraphQLSession = async (req) => {
+  try {
+    const { user } = await handlerValidateSession(req);
+    return user;
+  } catch (error) {
+    throw Boom.unauthorized('GraphQL session validation failed');
+  }
+};
+
+module.exports = { validateSession, limiter, validateGraphQLSession };