feat: add apollo graphql armor (#1535)

politics-rewired · Jul 12, 2023 · 36a79c9 · 36a79c9
1 parent 3cee1d8
commit 36a79c9
Show file tree

Hide file tree

Showing 3 changed files with 307 additions and 1 deletion.
diff --git a/package.json b/package.json
@@ -71,6 +71,7 @@
     "@apollo/client": "^3.4.16",
     "@babel/runtime": "^7.9.2",
     "@babel/runtime-corejs3": "^7.9.2",
+    "@escape.tech/graphql-armor": "^1.4.0",
     "@google-cloud/storage": "^5.7.4",
     "@graphql-tools/mock": "^8.4.0",
     "@graphql-tools/schema": "^8.2.0",

diff --git a/src/server/routes/graphql.ts b/src/server/routes/graphql.ts
@@ -1,4 +1,5 @@
 /* eslint-disable import/prefer-default-export */
+import { ApolloArmor } from "@escape.tech/graphql-armor";
 import { addMocksToSchema } from "@graphql-tools/mock";
 import { makeExecutableSchema } from "@graphql-tools/schema";
 import { ApolloServerPluginLandingPageGraphQLPlayground } from "apollo-server-core";
@@ -49,6 +50,13 @@ export const createRouter = async () => {
     return err;
   };
 
+  const armor = new ApolloArmor({
+    maxDepth: {
+      n: 10
+    }
+  });
+  const protection = armor.protect();
+
   const plugins = config.isProduction
     ? []
     : [ApolloServerPluginLandingPageGraphQLPlayground()];
@@ -58,7 +66,8 @@ export const createRouter = async () => {
     formatError,
     debug: !config.isProduction,
     introspection: !config.isProduction,
-    plugins,
+    ...protection,
+    plugins: [...protection.plugins, ...plugins],
     context: async ({ req }) => contextForRequest(req)
   });