|
|
@@ -20,16 +20,20 @@ import { HardenPluginOptions } from '../types';
|
|
|
export class QueryComplexityPlugin implements ApolloServerPlugin {
|
|
|
constructor(private options: HardenPluginOptions) {}
|
|
|
|
|
|
- async requestDidStart({ schema }: GraphQLRequestContext<any>): Promise<GraphQLRequestListener<any>> {
|
|
|
+ async requestDidStart(context: GraphQLRequestContext<any>): Promise<GraphQLRequestListener<any>> {
|
|
|
const maxQueryComplexity = this.options.maxQueryComplexity ?? 1000;
|
|
|
return {
|
|
|
didResolveOperation: async ({ request, document }) => {
|
|
|
- if (isAdminApi(schema)) {
|
|
|
+ if (isAdminApi(context.schema)) {
|
|
|
// We don't want to apply the cost analysis on the
|
|
|
// Admin API, since any expensive operations would require
|
|
|
// an authenticated session.
|
|
|
return;
|
|
|
}
|
|
|
+ if (await this.options.skip?.(context)) {
|
|
|
+ // Given skip function tells use we should not check this request for complexity
|
|
|
+ return;
|
|
|
+ }
|
|
|
const query = request.operationName
|
|
|
? separateOperations(document)[request.operationName]
|
|
|
: document;
|
|
|
@@ -41,7 +45,7 @@ export class QueryComplexityPlugin implements ApolloServerPlugin {
|
|
|
);
|
|
|
}
|
|
|
const complexity = getComplexity({
|
|
|
- schema,
|
|
|
+ schema: context.schema,
|
|
|
query,
|
|
|
variables: request.variables,
|
|
|
estimators: this.options.queryComplexityEstimators ?? [
|
Martijn