Lack of control of express application root
We've recently hit a few bumps in eLife xPub:
- We wanted to put some config dynamically into the client side app (not in the webpack bundle) by templating it into the
- We wanted to add NewRelic reporting of errors that caught by the top level express and Apollo error handlers
- We wanted to turn off the REST routes and GraphQL resolvers that we don't use in order to minimise our API surface area
Each of these would have been easy if we controlled the root of the express app. But since it is in
pubsweet-server, we have to find workarounds. In the last case, the workaround we have found is to have
() => false as our
authsome mode. It makes it easy to disable all built in routes and resolvers but it also makes it harder for us to use
authsome for other purposes.
I've been doing some on-boarding and handovers recently which has highlighted to me that the current system is somewhat confusing. The core of our application lives in a plugin which gets loaded by
pubsweet-server which also comes with a lot of unused (by us) functionality. Allowing PubSweet apps to own the express root would allow us to build up the server more naturally through composition of only the features we use. It would obviate the need for the current plugins system although this could be kept for future
pubsweet install X type functionality.