The Tracker API is exclusively focused on serving data, rather than HTML. It is a GraphQL API, chosen because of its composability, legibility and for the way it enables both security and security automation. It is built with the Express webserver using the express-graphql middleware, and follows the Relay specifications for pagination.
npm install
In accordance with the 12Factor app philosophy, the server draws it's config from the environment. It does based on a .env
file that should exist in the root of the API folder which can be created with the following command, obviously modifying the test values shown to suit your setup.
cat <<'EOF' > test.env
DB_PASS=test
DB_URL=http://localhost:8529
DB_NAME=track_dmarc
AUTHENTICATED_KEY=12341234
REFRESH_KEY=12341234
SIGN_IN_KEY=12341234
AUTH_TOKEN_EXPIRY=60
REFRESH_TOKEN_EXPIRY=7
LOGIN_REQUIRED=true
NOTIFICATION_API_KEY=asdf1234
NOTIFICATION_API_URL=https://api.notification.alpha.canada.ca
NOTIFICATION_AUTHENTICATE_EMAIL_ID=test_id
NOTIFICATION_AUTHENTICATE_TEXT_ID=test_id
NOTIFICATION_TWO_FACTOR_CODE_EN=test_id
NOTIFICATION_TWO_FACTOR_CODE_FR=test_id
NOTIFICATION_VERIFICATION_EMAIL_EN=test_id
NOTIFICATION_VERIFICATION_EMAIL_FR=test_id
DEPTH_LIMIT=15
COST_LIMIT=10000
SCALAR_COST=1
OBJECT_COST=1
LIST_FACTOR=1
CIPHER_KEY=1234averyveryveryveryverylongkey
TRACING_ENABLED=false
HASHING_SALT=secret-salt
NATS_URL=nats://nats:4222
NOTIFICATION_ORG_INVITE_BILINGUAL=test_id
NOTIFICATION_ORG_INVITE_CREATE_ACCOUNT_BILINGUAL=test_id
NOTIFICATION_ORG_INVITE_REQUEST_BILINGUAL=test_id
NOTIFICATION_PASSWORD_RESET_BILINGUAL=test_id
[email protected]
EOF
With that defined you can start the server with these commands.
# Compile the scripts
npm run build
# Run the server
npm start
An online IDE will be accessible at localhost:4000/graphql allowing you to explore the API.
npm install
npm run dev
The tests require a copy of ArangoDB to be running locally. ArangoDB should have it's own .env file, and the value of the root password should align with the value of DB_PASS
in the APIs test.env
file.
# Write the arango test credentials into an env file:
echo ARANGO_ROOT_PASSWORD=test > arangodb.env
# Run a detached arangodb container using the root password from the env:
docker run -d -p=8529:8529 --env-file arangodb.env --name=arango arangodb
The tests also requires a copy of Redis to be running locally.
docker run -d -p=6379:6379 --name=redis redis
With the databases running, we need create the environment variables the application needs, but with some test appropriate values. We can do that by creating test.env
in the API root directory with the following command.
cat <<'EOF' > test.env
DB_PASS=test
DB_URL=http://localhost:8529
DB_NAME=track_dmarc
AUTHENTICATED_KEY=12341234
REFRESH_KEY=12341234
SIGN_IN_KEY=12341234
AUTH_TOKEN_EXPIRY=60
REFRESH_TOKEN_EXPIRY=7
LOGIN_REQUIRED=true
NOTIFICATION_API_KEY=asdf1234
NOTIFICATION_API_URL=https://api.notification.alpha.canada.ca
NOTIFICATION_AUTHENTICATE_EMAIL_ID=test_id
NOTIFICATION_AUTHENTICATE_TEXT_ID=test_id
NOTIFICATION_TWO_FACTOR_CODE_EN=test_id
NOTIFICATION_TWO_FACTOR_CODE_FR=test_id
NOTIFICATION_VERIFICATION_EMAIL_EN=test_id
NOTIFICATION_VERIFICATION_EMAIL_FR=test_id
DEPTH_LIMIT=15
COST_LIMIT=10000
SCALAR_COST=1
OBJECT_COST=1
LIST_FACTOR=1
CIPHER_KEY=1234averyveryveryveryverylongkey
TRACING_ENABLED=false
HASHING_SALT=secret-salt
NATS_URL=nats://nats:4222
NOTIFICATION_ORG_INVITE_BILINGUAL=test_id
NOTIFICATION_ORG_INVITE_CREATE_ACCOUNT_BILINGUAL=test_id
NOTIFICATION_ORG_INVITE_REQUEST_BILINGUAL=test_id
NOTIFICATION_PASSWORD_RESET_BILINGUAL=test_id
[email protected]
EOF
Finally, run the tests.
npm test
npm run test-coverage
npm run lint
npm run prettier