javascript - 将 https 添加到由 webpack 代理的 graphql Express 端点

Question

我正在使用 webpack、express 和 graphql 构建一个应用程序。 Express 为express-graphql 端点提供服务，然后由 webpack-dev-server 代理。我想知道如何将 https 添加到该端点。

我没有 ssl 经验，对 Express 和 webpack 的经验也有限。我什至不确定问题是否是如何保护代理、express 服务器或express-graphql 端点的安全。

顺便说一句，我还使用 auth0 添加了用户身份验证，这似乎工作正常。

服务器.js

import express from 'express';
import graphQLHTTP from 'express-graphql';
import jwt from 'express-jwt';
import path from 'path';
import webpack from 'webpack';
import WebpackDevServer from 'webpack-dev-server';
import {Schema} from './data/schema';

const APP_PORT = process.env.PORT || 3000;
const GRAPHQL_PORT = 8080;
const AUTH0_ID = process.env.AUTH0_ID;
const AUTH0_SECRET = process.env.AUTH0_SECRET;

const authenticate = jwt({
  secret: new Buffer(AUTH0_SECRET, 'base64'),
  audience: AUTH0_ID,
});

// Expose a GraphQL endpoint
const graphQLServer = express();
graphQLServer.use('/', authenticate, graphQLHTTP(request => ({
  graphiql: true,
  pretty: true,
  schema: Schema,
  rootValue: { user: request.user },
})));
graphQLServer.listen(GRAPHQL_PORT, () => console.log(
  `GraphQL Server is now running on http://localhost:${GRAPHQL_PORT}`
));

// Serve the Relay app
...

const app = new WebpackDevServer(compiler, {
  contentBase: '/public/',
  proxy: {'/graphql': `http://localhost:${GRAPHQL_PORT}`},
  publicPath: '/app/',
  stats: {colors: true, chunks: false},
});

// Handle incoming routes
app.use('/', (req, res) => {
  res.sendFile(path.join(__dirname + '/public/index.html'));
});

app.listen(APP_PORT, () => {
  console.log(`App is now running on http://localhost:${APP_PORT}`);
});

Answer 1

我认为您希望保护面向公众的端点。在生产中使用 webpack 开发服务器并不是推荐的方法，但如果您确实需要使用 https，那么 webpack 开发服务器确实提供了 support for doing so .