ArtNattapat/nap

[WIP] NextJS + Apollo + PassportJS

nap

[WIP] NextJS/ApolloJS/PassportJS Build in Next JS for SSR, Apollo Client for GraphQL, Passport JS for authentication, Docker for development and production.

Overview

○ Docker
├─ ○ Docker Compose 3.1
│  ├─ Docker Swarm Stack
│  └─ Docker Flow Proxy
│
├─ ○ Nginx
│  ├─ ./nginx/certs   : /etc/nginx/certs
│  ├─ ./nginx/conf.d  : /etc/nginx/conf.d
│  ├─ ./nginx/log     : /var/log/nginx
│  └─ ./nginx/www     : /var/www
│
├─ ○ NodeJS 7.6, nodemon
│  ├─ ○ NextJS 2
│  │  ├─ ./pages      : /usr/app/pages
│  │  ├─ ./components : /usr/app/components
│  │  ├─ ./lib        : /usr/app/lib
│  │  ├─ ./routes     : /usr/app/routes
│  │  └─ ./server     : /usr/app/server
│  │
│  ├─ ○ Apollo GraphQL
│  │  └─ ./graphql    : /usr/app/graphql
│  │
│  └─ ○ PassportJS, Redis
│     └─ ./providers  : /usr/app/providers
│
├─ ○ Redis : redis://redis
│  └─ data            : /data
│
└─ ○ MongoDB : mongodb://mongo/graphql
   └─ data            : /data/db

Stacks

• next for SSR React.
• apollo for GraphQL client.
• passport for Express authentication.

Extras

• express for web framework.
• express-session for persist session via Redis.
• graphql-compose for build GraphQL types from Mongoose with resolvers.
• mongoose-role for manage user roles and user access levels
• nextjs-starter for basic authentication.
• modclean for smaller node_modules.
• mailgun for send email.
• passport-facebook-token for authenticating with Facebook access tokens.
• lusca for web application security middleware.
• platform for detect client platform.
• commitizen for commit formatting
• nginx for proxy.
• certbot for TLS.

---

Configurations

Copy from .env.example template and .env as you wish

cp .env.example .env

Develop

# To build and run docker compose (it take sometime for first build)
npm run up

# Try modify files and see the HMR result
open http://localhost:3000

# Try modify file in ./graphql and see the result via GraphiQL
open http://localhost:3000/graphql

Debug

• Server side : Use VSCode and press F5 to attach with nodejs
• Client side : Use Chrome Dev Tool

Addition

# To kill all and tear down
npm run down

# To dive in container
npm run in

Test

# Will need to run server for integration test (WIP)
npm run up

# To test all with Jest
npm run test

# To see coverage
npm run cover

---

GraphQL extend default fields

// Just modify ./graphql/custom.js
// To add `score` field as `Number` to `User` collection
exports.extraUserSchema = {
  score: Number
}

// To add `FCMToken` field as `String` to `Installation` collection
exports.extraInstallationSchema = {
  FCMToken: String
}

// To add `isVerified` field as `Boolean` to `Installation` collection
exports.extraInstallationSchema = {
  isVerified: Boolean
}

GraphQL examples

# For original graphql-compose examples
cp -r ./examples/schema-graphql-compose/ ./graphql/
open http://localhost:3000/graphql/user

# For Apollo style with graphql-tools
cp -r ./examples/schema-graphql-tools/ ./graphql/
open http://localhost:3000/graphql/apollo

# For original style
cp -r ./examples/schema-original/ ./graphql/
open http://localhost:3000/graphql/original

---

Passport (cookie)

Will need test after refactoring

• Facebook : http://localhost:3000/auth/facebook/
• Github : http://localhost:3000/auth/github/
• Twitter : http://localhost:3000/auth/twitter/
• Google : http://localhost:3000/auth/google/
• Email : http://localhost:3000/auth/signin
• Sign Out : http://localhost:3000/auth/signout/

Passport (token via GraphQL)

• Facebook

  Use with Ract Native after get access_token form Facebook, See nap-react-native

  # Login with Facebook access_token and device's info
  mutation loginWithFacebook($deviceInfo: String!, $accessToken: String!) {
    loginWithFacebook(deviceInfo: $deviceInfo, accessToken: $accessToken) {
      sessionToken
      user {
        _id
        name
      }
    }
    errors {
      code
      message
    }
  }
  
  # To get user profile
  {
    user {
      name
    }
    errors {
      code
      message
    }
  }
  
  # Logout with current bearer session token
  mutation {
    logout {
      isLoggedIn
    }
  }

• Log in with email

  Will to setup MailGun bofore use.

  MAILGUN_API_KEY=key-SOME_RANDOM_NUMBER_HERE
  MAILGUN_DOMAIN=foo.bar

  And optional modify email template at ./template/email-register.js Then log in with GraphQL
  Status should return as WAIT_FOR_EMAIL_VERIFICATION and VERIFIED_BY_EMAIL after visit verified link.

  mutation loginWithEmail($deviceInfo: String!, $email: String!) {
    loginWithEmail(deviceInfo: $deviceInfo, email: $email) {
      sessionToken
      user {
        _id
        status
      }
    }
    errors {
      code
      message
    }
  }
  

---

Client example

• Login/Logout with Facebook from React Native.
• Login/Logout with Facebook from NextJS.

DOING

• Link facebook-token with auth/facebook user.
• Link facebook-token with auth/email user.
• Unlink Facebook via React web.
• Handle cookies via React Native

TODO

• Add HOC to nap-react-native
• Create doc saparated from this README
• Add Swarm mode stack
• Add Nginx TLS container : https://github.com/rabbotio/nginx-certbot
• Add HTTPS : https://github.com/vfarcic/docker-flow-stacks/blob/master/ssl/README.md
• Grateful shutdown : https://github.com/heroku-examples/node-articles-nlp/blob/master/lib/server.js#L31
• Don't run as root : https://github.com/jdleesmiller/docker-chat-demo/blob/master/Dockerfile
• Separated Dockerfile : https://docs.docker.com/compose/compose-file/#build
• More secure with lusca
• Securing a Containerized Instance of MongoDB

TOTEST

• Redis fail test.
• MongoDB fail test.
• HTTP fail test.
• HTTPS fail test.
• Unit test graphql-compose.
• Basic signin test.
• Passport test.
• Sessions expire test.
• Chaos testing with pumba

TOCUSTOM

• Custom MongoDB replication docker exec -it node1 mongo --eval "rs.initiate()"
• Run Multiple Docker Environments (qa, stage, prod) from the Same docker-compose File.
• HTTPS with https://github.com/expressjs/session#cookiesecure
• Production vs Development. docker-compose -f docker-compose.yml -f production.yml up -d
• Container config e.g. restart policy, limits CPU/RAM.

  version: "3"
  services:
    web:
      image: web
      labels:
        com.example.description: "This label will appear on all containers for the web service"
      deploy:
        labels:
          com.example.description: "This label will appear on the web service"
        resources:
          limits:
            cpus: '0.001'
            memory: 50M
          reservations:
            cpus: '0.0001'
            memory: 20M
        mode: replicated
        replicas: 6
        update_config:
          parallelism: 2
          delay: 10s
        restart_policy:
          condition: on-failure
        placement:
          constraints:
            - node.role == manager
            - engine.labels.operatingsystem == ubuntu 14.04
  

TOHAVE

• Docker driver lvm-direct
• Notifications Support : https://pusher.com/docs/push_notifications/reference/architecture
• More logs. https://github.com/expressjs/morgan
• Use base-image? https://github.com/phusion/passenger-docker
• RabbitMQ?
• Notifications or maybe use vendors with webtask.
• GraphQL subscriptions :https://github.com/apollographql/graphql-subscriptions
• GraphQL advance examples.
• yarn? https://github.com/kriasoft/nodejs-api-starter/blob/master/docker-compose.yml#L18
• Fallback for Redis session store.
• Add MongoDB replica set/sharding? https://github.com/sisteming/mongodb-swarm
• Cache MongoDB with Redis https://www.npmjs.com/package/mongoose-redis-cache
• Cache MongoDB with mongoose-cache
• Add graphql-sequelize
• Admin Dashboard with SSH.
• Authen with mobile via Digits
• Cron with webtask.io.
• Backing Up and Restoring Data Volumes
• how-to-copy-docker-images-from-one-host-to-another-without-via-repository
• Back up and restore dockerized MongoDB
• Export Docker Mongo Data