Learn about our RFC process, Open RFC meetings & more.Join in the discussion! »

bunjil

1.0.4 • Public • Published

Bunjil

View on npm npm downloads Dependencies Build Status codecov NSP StatusKnown Vulnerabilities FOSSA Status

bunjil.js.org | Getting Started

Bunjil is a public facing GraphQL server.

It comes with Policy Based authorization, and hook for your own authentication (Passport.js, Auth0, database).

It’s purpose is to allow the stitching of one or more private GraphQL Schemas into a public one.

Getting Started

Documentation coming real soon.

Roadmap

  • [in progress] Documentation
  • Merge multiple GraphQL schemas into one public schema
  • Ability to hide Types
  • Ability to hide fields (masking)
  • Policy based authorization down to the field/edge level
  • Ability to deny access to fields based on roles with a policy
  • Caching, and caching policies down to the field level
  • Authentication hook
  • Authorization hook

Getting Started

yarn add bunjil

npm install bunjil

// Import Bunjil and the Policy Types
import { Bunjil, Policy, PolicyCondition, PolicyEffect } from "bunjil";
 
// Create a schema
 
const typeDefs: string = `
  type User {
    id: ID
    name: String
    password: String
    posts(limit: Int): [Post]
  }
 
  type Post {
    id: ID
    title: String
    views: Int
    author: User
  }
 
  type Query {
    author(id: ID): User
    topPosts(limit: Int): [Post]
  }
`;
 
// Resolvers are not shown in this example.
const schema = makeExecutableSchema({
    typeDefs,
    resolvers,
});
 
// Create a simple policy allowing public access to the data
const policies: Policy[] = [
    {
        id: "public:read-all",
        resources: ["Query::topPosts", "Post::*", "User::*"],
        actions: ["query"],
        effect: PolicyEffect.Allow,
        roles: ["*"],
    },
    {
        // Explicitly deny access to the password field.
        // This will superseed any other policy
        id: "deny:user::password",
        resources: ["User::password"],
        actions: ["query"],
        effect: PolicyEffect.Deny,
        roles: ["*"],
    },
];
 
// Create our bunjil server
const bunjil: Bunjil = new Bunjil({
    // Server config
    server: {
        hostname: `localhost`,
        protocol: `http`,
        port: 3000,
        tracing: true,
        cacheControl: true,
    },
    // Optionally in DEV you can enable the GraphQL playground
    playgroundOptions: {
        enabled: false,
    },
    // Set the endpoints where GraphQL is available at
    endpoints: {
        graphQL: "/graphql",
        subscriptions: "/graphql/subscriptions",
        playground: "/playground",
    },
    policies,
});
 
// Add our schema to the Bunjil instance
bunjil.addSchema({ schemas: [schema] });
 
// Now start Bunjil
await bunjil.start();

Usage

Running the tests

Use yarn tests or npm run tests.

Tests are written with ava, and we would strongly like tests with any new functionality.

Contributing

Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

Authors

License

FOSSA Status

This project is licensed under the MIT License - see the LICENSE.md file for details

Acknowledgments

Keywords

none

Install

npm i [email protected]

Version

1.0.4

License

MIT

Unpacked Size

718 kB

Total Files

43

Last publish

Collaborators

  • avatar