Skip to content

Commit

Permalink
Pre-fill the admin auth token in dev environments to speed up testing (
Browse files Browse the repository at this point in the history 
…#890)

* Pre-fill the admin auth token in dev environments for speeding up testing, fix example query

* One more check
  • Loading branch information
@realmayus
realmayus authored Dec 28, 2023
1 parent 294d636 commit 8286792
Showing 1 changed file with 43 additions and 45 deletions.
88 changes: 43 additions & 45 deletions graphql/playground.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,17 @@ import { ApolloServerPluginLandingPageGraphQLPlayground } from 'apollo-server-co
import { isDev } from '../common/util/environment';

const userHeader = { authorization: 'Bearer <somerandombearer>' };
const adminHeader = { authorization: "Basic <btoa('admin' + password)>" };
const adminHeader = { authorization: `Basic ${isDev ? btoa('admin:' + process.env.ADMIN_AUTH_TOKEN) : 'btoa<admin:$ADMIN_AUTH_TOKEN>'}` };

const endpoint = '/apollo';

const loginQuery = `mutation {
# Place some random Bearer token in the tab HTTP Headers, then log in using one of these mutations:
# Token Login:
# Token Login:
loginToken(token: "authtokenP1") # Log in as Pupil 1
# loginToken(token: "authtokenS1") # Log in as Student 1
# Password Login:
# loginPassword(email: "[email protected]" password: "test")
# loginPassword(email: "[email protected]" password: "test")
Expand All @@ -21,50 +21,50 @@ const loginQuery = `mutation {
const meQuery = `query {
# Once a session is authenticates (use the same Bearer Token for this query) a user can query their own data through the me query:
# The roles assigned to this session:
# The roles assigned to this session:
myRoles
# All users (except for ADMIN and other technical accounts) can query their data through me:
me {
me {
# The userID is unique across all users, and looks like "student/{student.id}"
userID
# Some data is available for all users:
firstname
lastname
email
# All users can receive notifications:
# To limit the number of data received from the backend, we use pagination with 'take' and 'skip':
concreteNotifications(take: 10 skip: 0) {
sentAt
notification { description }
}
# All users can log in using different secrets (the thing used in loginToken or loginPassword):
secrets {
secrets {
type
description
expiresAt
lastUsed
}
# Every user has appointments:
appointments(take: 10 skip: 0) {
appointments(take: 10 skip: 0) {
start
duration
title
}
# Most data is actually stored depending on the user type, these edges are null if the user is not a pupil or student:
# Role PUPIL
pupil {
pupil {
state
schooltype
subjectsFormatted { name mandatory }
grade
aboutMe
# ... explore other fields here
# Course Participants (Role PARTICIPANT):
subcoursesJoined {
# To check whether users can do something, we use queries prefixed with 'can...' to get this info from the backend
Expand All @@ -74,51 +74,51 @@ const meQuery = `query {
course { name }
}
subcoursesWaitingList { course { name }}
# Match Tutees (Role TUTEE):
openMatchRequestCount
matches {
matches {
student { firstname lastname aboutMe }
dissolved
dissolvedAt
}
# Before matching we ask(ed) pupils to confirm their interest ...
tutoringInterestConfirmation { status }
# ... or they are screened and need to join a meeting:
screenings { status invalidated }
}
# Helpers, historically called Students:
# Role STUDENT
student {
student {
subjectsFormatted { name grade { min max }}
state
university
languages
# Before doing stuff at Lern-Fair, we talk to each helper,
# these screenings were historically done per role
tutorScreenings {
tutorScreenings {
jobStatus
knowsCoronaSchoolFrom
success
}
instructorScreenings {
instructorScreenings {
jobStatus
knowsCoronaSchoolFrom
success
}
# We require a certifciate of conduct from each helper, and deactivate their account if not:
certificateOfConductDeactivationDate
certificateOfConduct { dateOfInspection dateOfIssue criminalRecords }
# Course Instructors (Role INSTRUCTOR):
canCreateCourse { allowed reason }
# Courses are templates for multiple 'Subcourses':
coursesInstructing {
coursesInstructing {
id
name
description
Expand All @@ -127,29 +127,29 @@ const meQuery = `query {
image
allowContact
}
subcoursesInstructing {
subcoursesInstructing {
course { id }
minGrade
maxGrade
maxParticipants
joinAfterStart
appointments { start duration title }
participants { firstname lastname }
}
# Match Tutor (Role TUTOR):
matches {
matches {
pupil { firstname lastname aboutMe }
dissolved
dissolvedAt
}
}
}
}`;

Expand All @@ -158,17 +158,15 @@ const adminQuery = `query {
# (1) Start the backend with ADMIN_AUTH_TOKEN=admin npm run web
# (2) calculate "Basic " + btoa("admin:" + ADMIN_AUTH_TOKEN), i.e. "Basic YWRtaW46YWRtaW4="
# (3) Place the Basic Auth Token into the 'authorization' header
# Then just execute any query that fetches any data, i.e. this one to find a specific user
query {
students(where: { email: { contains: "@lern-fair.de" }} take: 100) {
email
firstname
lastname
matches {
active
pupil { firstname lastname }
}
students(where: { email: { contains: "@lern-fair.de" }} take: 100) {
email
firstname
lastname
matches {
dissolved
pupil { firstname lastname }
}
}
}`;
Expand Down

0 comments on commit 8286792

Please sign in to comment.