Merge branch 'dev' into jd/deploy2

Author: jondeweydev

.travis.yml

@@ -2,7 +2,7 @@ language: node_js
 node_js:
     - 16
     - 17
-    - 18
+    # - 18  
 
 # run test for the above node versions for branches dev and main
 branches:
@@ -16,17 +16,13 @@ script:
     - 'npm run test'
     - 'npm run build'
 # specify a job to run 
-jobs:
-    include:
-        - stage: npm release
-            node_js: "17"
-            script: echo "Deploying to npm ..."
-            deploy:
-                on:
-                    branch: main
-                    tags: true
-                provider: npm
-                email: NPM_EMAIL_ADDRESS
-                api_key: NPM_API_KEY
+deploy:
+    on:
+        branch: main
+        tags: true
+    skip_cleanup: false
+    provider: npm
+    email: $NPM_EMAIL_ADDRESS
+    api_key: $NPM_API_KEY
 
 

README.md

@@ -117,49 +117,62 @@ For queries that return a list, the complexity can be determined by providing a
 
 1. Slicing arguments: lists must be bounded by one integer slicing argument in order to calculate the complexity for the field. This package supports the slicing arguments `first`, `last` and `limit`. The complexity of the list will be the value passed as the argument to the field.
 
-2. Directives: First, `@listCost` must be defined in your schema with `directive @listCost(cost: Int!) on FIELD_DEFINITION`. Then, on any unbounded list field, add `@listCost(cost: Int)` and replace `Int` with the complexity you want applied whenever the list is queried.
+2. Directives: To use directives, `@listCost` must be defined in your schema with `directive @listCost(cost: Int!) on FIELD_DEFINITION`. Then, on any field which resolves to an unbounded list, add `@listCost(cost: [Int])` where `[Int]` is the complexity for this field.
 
-(Note: Slicing arguments are preferred! `@listCost` is in place for any reason slicing arguments cannot be used.)
+(Note: Slicing arguments are preferred and will override the the `@listCost` directive! `@listCost` is in place as a fall back.)
+
+```graphql
+directive @listCost(cost: Int!) on FIELD_DEFINITION
+type Human {
+    id: ID!
+}
+type Query {
+    humans: [Human] @listCost(cost: 10)
+}
+```
 
 ## <a name="how-it-works"></a> How It Works
 
 Requests are rate-limited based on the IP address associated with the request.
 
-On server start, the GraphQL (GQL) schema is parsed to build an object that maps GQL types/fields to their corresponding weights. Type weights can be provided during <a href="typeWeights">initial configuration</a>. When a request is received, this object is used to cross reference the fields queried by the user and compute the complexity of each field. The total complexity of the request is the sum of these values.
+On startup, the GraphQL (GQL) schema is parsed to build an object that maps GQL types/fields to their corresponding weights. Type weights can be provided during <a href="typeWeights">initial configuration</a>. When a request is received, this object is used to cross reference the fields queried by the user and compute the complexity of each field. The total complexity of the request is the sum of these values.
 
 Complexity is determined, statically (before any resolvers are called) to estimate the upper bound of the response size - a proxy for the work done by the server to build the response. The total complexity is then used to allow/block the request based on popular rate-limiting algorithms.
 
 Requests for each user are processed sequentially by the rate limiter.
 
 Example (with default weights):
 
-```javascript
-query { //  1 (complexity)
-   hero (episode: EMPIRE) { // 1
-      name // 0
-      id // 0
-      friends (first: 3) { // 3
-         name // 0
-         id // 0
-      }
-   }
-   reviews(episode: EMPIRE, limit: 5) { // 5
-      stars // stars 0
-      commentary // commentary 0
-   }
-}
-// total complexity of 10
+```graphql
+query {
+    # 1 query
+    hero(episode: EMPIRE) {
+        # 1 object
+        name # 0 scalar
+        id # 0 scalar
+        friends(first: 3) {
+            # 3 objects
+            name # 0 scalar
+            id # 0 scalar
+        }
+    }
+    reviews(episode: EMPIRE, limit: 5) {
+        #   5 objects
+        stars # 0 scalar
+        commentary # 0 scalar
+    }
+} # total complexity of 10
 ```
 
 ## <a name="response"></a> Response
 
 1. <b>Blocked Requests</b>: blocked requests recieve a response with,
 
     - status of `429` for `Too Many Requests`
-    - `Retry-After` header with a value of the time to wait in seconds before the request would be approved (`Infinity` if the complexity is greater than rate-limiting capacity).
-    - A JSON response with the `tokens` available, `complexity` of the query, `depth` of the query, `success` of the query set to `false`, and the UNIX `timestamp` of the request
+    - `Retry-After` header indicating the time to wait in seconds before the request could be approved (`Infinity` if the complexity is greater than rate-limiting capacity).
+    - A JSON response with the remaining `tokens` available, `complexity` of the query, `depth` of the query, `success` of the query set to `false`, and the UNIX `timestamp` of the request
 
-2. <b>Successful Requests</b>: successful requests are passed onto the next function in the middleware chain with the following properties saved to `res.locals`
+2. <b>Successful Requests</b>: successful requests are passed on to the next function in the middleware chain with the following properties saved to `res.locals`
 
 ```javascript
 {
@@ -168,15 +181,15 @@ query { //  1 (complexity)
       tokens: number, // tokens available after request
       compexity: number, // complexity of the query
       depth: number, // depth of the query
-      timestamp: number, // ms
+      timestamp: number, // UNIX timestamp
    }
 }
 ```
 
 ## <a name="error-handling"></a> Error Handling
 
 -   Incoming queries are validated against the GraphQL schema. If the query is invalid, a response with status code `400` is returned along with an array of GraphQL Errors that were found.
--   To avoid disrupting server activity, errors thrown during the analysis and rate-limiting of the query are logged and the request is passed onto the next middleware function in the chain.
+-   To avoid disrupting server activity, errors thrown during the analysis and rate-limiting of the query are logged and the request is passed onto the next piece of middleware in the chain.
 
 ## <a name="future-development"></a> Future Development
 

package-lock.json

@@ -15,7 +15,7 @@
     },
     "repository": {
         "type": "git",
-        "url": "git+https://github.com/oslabs-beta/graph-beaver.git"
+        "url": "git+https://github.com/oslabs-beta/graphql-gate.git"
     },
     "keywords": [
         "graphql",
@@ -64,6 +64,7 @@
         "*.{js,ts,css,md}": "prettier --write --ignore-unknown"
     },
     "dependencies": {
+        "@graphql-tools/utils": "^8.8.0",
         "graphql": "^16.5.0",
         "ioredis": "^5.0.5"
     }

package.json

@@ -24,11 +24,13 @@ export interface RedisBucket {
     timestamp: number;
 }
 
-export interface RedisWindow {
+export interface FixedWindow {
     currentTokens: number;
-    previousTokens: number;
     fixedWindowStart: number;
 }
+export interface RedisWindow extends FixedWindow {
+    previousTokens: number;
+}
 
 export type RedisLog = RedisBucket[];
 

src/@types/rateLimit.d.ts

@@ -113,6 +113,25 @@ function parseObjectFields(
                     resolveTo: listType.toString().toLocaleLowerCase(),
                 };
             } else {
+                // if the @listCost directive is given for the field,
+                // apply the cost argument's value to the field's weight
+                const directives = fields[field].astNode?.directives;
+
+                if (directives && directives.length > 0) {
+                    directives.forEach((dir) => {
+                        if (dir.name.value === 'listCost') {
+                            if (dir.arguments && dir.arguments[0].value.kind === Kind.INT) {
+                                result.fields[field] = {
+                                    resolveTo: listType.toString().toLocaleLowerCase(),
+                                    weight: Number(dir.arguments[0].value.value),
+                                };
+                            }
+                            throw new SyntaxError(`@listCost directive improperly configured`);
+                        }
+                    });
+                }
+
+                // if no directive is supplied to list field
                 fields[field].args.forEach((arg: GraphQLArgument) => {
                     // If field has an argument matching one of the limiting keywords and resolves to a list
                     // then the weight of the field should be dependent on both the weight of the resolved type and the limiting argument.
@@ -145,14 +164,16 @@ function parseObjectFields(
                                     return multiplier * (selectionsCost + weight);
                                     // ? what else can get through here
                                 }
+
                                 // if there is no argument provided with the query, check the schema for a default
                                 if (arg.defaultValue) {
                                     return Number(arg.defaultValue) * (selectionsCost + weight);
                                 }
 
-                                // FIXME: The list is unbounded. Return the object weight for
+                                // if an unbounded list has no @listCost directive attached
                                 throw new Error(
-                                    `ERROR: buildTypeWeights: Unbouned list complexity not supported. Query results should be limited with ${KEYWORDS}`
+                                    `ERROR: buildTypeWeights: Use directive @listCost(cost: Int!) on unbounded lists, 
+                                            or limit query results with ${KEYWORDS}`
                                 );
                             },
                         };