warning Warning This chapter applies only to the code first approach.
Query complexity allows you to define how complex certain fields are, and to restrict queries with a maximum complexity. The idea is to define how complex each field is by using a simple number. A common default is to give each field a complexity of
1. In addition, the complexity calculation of a GraphQL query can be customized with so-called complexity estimators. A complexity estimator is a simple function that calculates the complexity for a field. You can add any number of complexity estimators to the rule, which are then executed one after another. The first estimator that returns a numeric complexity value determines the complexity for that field.
@nestjs/graphql package integrates very well with tools like graphql-query-complexity that provides a cost analysis-based solution. With this library, you can reject queries to your GraphQL server that are deemed too costly to execute.
To begin using it, we first install the required dependency.
Once the installation process is complete, we can define the
For demonstration purposes, we specified the maximum allowed complexity as
20. In the example above, we used 2 estimators, the
simpleEstimator and the
simpleEstimator: the simple estimator returns a fixed complexity for each field
fieldExtensionsEstimator: the field extensions estimator extracts the complexity value for each field of your schema
info Hint Remember to add this class to the providers array in any module.
With this plugin in place, we can now define the complexity for any field by specifying the
complexity property in the options object passed into the
@Field() decorator, as follows:
Alternatively, you can define the estimator function:
@Mutation() decorators may have a
complexity property specified like so: