mentorenwahl/backend/src/backend/web/controllers/api_controller.cr

# Mentorenwahl: A fullstack application for assigning mentors to students based on their whishes.
# Copyright (C) 2022  Dominic Grimm
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.

require "http/headers"
require "baked_file_system"

module Backend
  module Web
    module Controllers
      @[ARTA::Route(path: "/")]
      # GraphQL API controller
      class ApiController < ATH::Controller
        {% if flag?(:playground) %}
          # Public folder virtual filesystem
          private module Public
            extend BakedFileSystem

            bake_folder "../../../../public"
          end

          @[ARTA::Get("")]
          def playground : ATH::Response
            ATH::StreamedResponse.new(headers: HTTP::Headers{"Content-Type" => "text/html", "Access-Control-Allow-Origin" => "*"}) do |io|
              IO.copy(Public.get("index.html"), io)
            end
          end
        {% else %}
          @[ARTA::Get("")]
          def playground : ATH::Exceptions::ServiceUnavailable
            ATH::Exceptions::ServiceUnavailable.new("GraphQL playground is disabled")
          end
        {% end %}

        # GraphQL query data
        struct GraphQLQuery
          include JSON::Serializable

          # Raw query
          getter query : String

          # Variables
          getter variables = {} of String => JSON::Any

          # Operation name
          getter operation_name : String?
        end

        @[ARTA::Post("")]
        def endpoint(request : ATH::Request) : ATH::Exceptions::BadRequest | ATH::Response
          return ATH::Exceptions::BadRequest.new("No request body given") unless request.body
          query = GraphQLQuery.from_json(request.body.not_nil!)

          ATH::StreamedResponse.new(
            headers: HTTP::Headers{
              "content-type"  => "application/json",
              "cache-control" => {"no-cache", "no-store", "max-age=0", "must-revalidate"},
            }
          ) do |io|
            Api::Schema::SCHEMA.execute(
              io,
              query.query,
              query.variables,
              query.operation_name,
              Api::Context.new(request.headers)
            )
          end
        end
      end
    end
  end
end