New: Proxy all the requests to the graphql server

Makefile

@@ -11,7 +11,7 @@ help:  ## display this help
 
 .PHONY: run
 run: build ## run application
-	@LOG_LEVEL=debug BLOCK_SCHEMA_INTROSPECTION=false JWT_ROLE_RATE_LIMIT=false JWT_ROLE_CLAIM_PATH="Hasura.x-hasura-default-role" JWT_USER_CLAIM_PATH="Hasura.x-hasura-user-id" HOST_GRAPHQL=https://hasura8.lan/v1/graphql ./graphql-proxy
+	@LOG_LEVEL=debug BLOCK_SCHEMA_INTROSPECTION=false JWT_ROLE_RATE_LIMIT=false JWT_ROLE_CLAIM_PATH="Hasura.x-hasura-default-role" JWT_USER_CLAIM_PATH="Hasura.x-hasura-user-id" HOST_GRAPHQL=https://hasura8.lan/ ./graphql-proxy
 
 .PHONY: build
 build: ## build the binary

README.md

@@ -1,66 +1,77 @@
 ## graphql monitoring proxy
 
-Creates a passthrough proxy to a graphql endpoint(s), allowing you for analysis of the queries and responses, producing the prometheus metrics at a fraction of the cost - because as we know - $0 is a fair price.
+Creates a passthrough proxy to a graphql endpoint(s), allowing you to analyse the queries and responses, producing the Prometheus metrics at a fraction of the cost - because, as we know - $0 is a fair price.
 
-This project is in active use by [telegram-bot.app](https://telegram-bot.app), and was tested with 30k queries per second on a single instance, consuming 10mb of RAM and 0.1% CPU.
+This project is in active use by [telegram-bot.app](https://telegram-bot.app), and was tested with 30k queries per second on a single instance, consuming 10 MB of RAM and 0.1% CPU.
 
 ![Example of monitoring dashboard](static/monitoring-at-glance.png?raw=true)
 
-You can find the example of the kubernetes manifest in the [example deployment](static/kubernetes-deployment.yaml) file.
+You can find the example of the Kubernetes manifest in the [example deployment](static/kubernetes-deployment.yaml) file.
 
 ### Why this project exists
 
-I wanted to monitor the queries and responses of our graphql endpoint, but we didn't want to pay the price of the graphql server itself ( and I will not point fingers and certain well-known project), as monitoring and basic security features should be a common, free functionality.
+I wanted to monitor the queries and responses of our graphql endpoint. Still, we didn't want to pay the price of the graphql server itself ( and I will not point fingers at a particular well-known project), as monitoring and basic security features should be a standard, free functionality.
 
 ### Endpoints
 
-* `:8080/v1/graphql` - the graphql endpoint
+* `:8080/*` - the graphql passthrough endpoint
 * `:9393/metrics` - the prometheus metrics endpoint
 * `:8080/healthz` - the healthcheck endpoint
 
 ### Features
 
-* MONITORING: Prometheus / VictoriaMetrics metrics
-* MONITORING: Extracting user id from JWT token and adding it as a label to the metrics
-* MONITORING: Extracting the query name and type and adding it as a label to the metrics
-* MONITORING: Calculating the query duration and adding it to the metrics
-* SPEED: Caching the queries
-* SECURITY: Blocking schema introspection
-* SECURITY: Rate limiting queries based on user role
+| Category   | Detail                                                                |
+|------------|-----------------------------------------------------------------------|
+| monitor    | Prometheus / VictoriaMetrics metrics                                  |
+| monitor    | Extracting user id from JWT token and adding it as a label to metrics |
+| monitor    | Extracting the query name and type and adding it as a label to metrics|
+| monitor    | Calculating the query duration and adding it to the metrics           |
+| speed      | Caching the queries, together with per-query cache and TTL            |
+| security   | Blocking schema introspection                                         |
+| security   | Rate limiting queries based on user role                              |
+| security   | Blocking mutations in read-only mode                                  |
+
 
 ### Configuration
 
-* `MONITORING_PORT` - the port to expose the metrics endpoint on (default: 9393)
-* `PORT_GRAPHQL` - the port to expose the graphql endpoint on (default: 8080)
-* `HOST_GRAPHQL` - the host to proxy the graphql endpoint to (default: `http://localhost/v1/graphql`)
-* `JWT_USER_CLAIM_PATH` - the path to the user claim in the JWT token (default: ``)
-* `JWT_ROLE_CLAIM_PATH` - the path to the role claim in the JWT token (default: ``)
-* `JWT_ROLE_RATE_LIMITING` - enable request rate limiting based on the role (default: `false`)
-* `ENABLE_GLOBAL_CACHE` - enable the cache (default: `false`)
-* `CACHE_TTL` - the cache TTL (default: `60s`)
-* `LOG_LEVEL` - the log level (default: `info`)
-* `BLOCK_SCHEMA_INTROSPECTION` - blocks the schema introspection (default: `false`)
-* `ENABLE_ACCESS_LOG` - enable the access log (default: `false`)
+| Parameter                 | Description                              | Default Value              |
+|---------------------------|------------------------------------------|----------------------------|
+| `MONITORING_PORT`         | The port to expose the metrics endpoint  | `9393`                     |
+| `PORT_GRAPHQL`            | The port to expose the graphql endpoint  | `8080`                     |
+| `HOST_GRAPHQL`            | The host to proxy the graphql endpoint   | `http://localhost/` |
+| `JWT_USER_CLAIM_PATH`     | Path to the user claim in the JWT token  | ``                         |
+| `JWT_ROLE_CLAIM_PATH`     | Path to the role claim in the JWT token  | ``                         |
+| `JWT_ROLE_FROM_HEADER`    | Header name to extract the role from     | ``                         |
+| `ROLE_RATE_LIMIT`         | Enable request rate limiting based on role| `false`                   |
+| `ENABLE_GLOBAL_CACHE`     | Enable the cache                        | `false`                    |
+| `CACHE_TTL`               | The cache TTL                           | `60`                       |
+| `LOG_LEVEL`               | The log level                           | `info`                     |
+| `BLOCK_SCHEMA_INTROSPECTION`| Blocks the schema introspection       | `false`                    |
+| `ENABLE_ACCESS_LOG`       | Enable the access log                   | `false`                    |
+| `READ_ONLY_MODE`          | Enable the read only mode               | `false`                    |
+
 
 ### Caching
 
-Cache engine is enabled in background as it does not use any additional resources.
-You can then start using the cache by setting the `ENABLE_GLOBAL_CACHE` environment variable to `true` - which will enable the cache for all queries, without introspection of the query. You can leave the global cache disabled and enable the cache for specific queries by adding the `@cached` directive to the query.
+The cache engine is enabled in the background by default, using no additional resources.
+You can then start using the cache by setting the `ENABLE_GLOBAL_CACHE` environment variable to `true` - which will enable the cache for all queries without introspection. You can leave the global cache disabled and enable the cache for specific queries by adding the `@cached` directive to the query.
 
-In case of the `@cached` you can add additional parameters to the directive which will set the cache for specific query to provided time.
-For example `query MyCachedQuery @cached(ttl: 90) ....` will set the cache for the query to 90 seconds.
+In the case of the `@cached` you can add additional parameters to the directive which will set the cache for specific queries to the provided time.
+For example, `query MyCachedQuery @cached(ttl: 90) ....` will set the cache for the query to 90 seconds.
 
-### Role based rate limiting
+### Role-based rate limiting
 
-You are able to rate limit requests using the `JWT_ROLE_RATE_LIMITING` environment variable. If enabled, the proxy will rate limit the requests based on the role claim in the JWT token. You can then provide the json file in following format to specify the limits.
-Default interval is `second`, but you can use other values as well. If you want to disable the rate limiting for specific role, you can set the `req` to `0`.
+You can rate limit requests using the `ROLE_RATE_LIMIT` environment variable. If enabled, the proxy will rate limit the requests based on the role claim in the JWT token. You can then provide the JSON file in the following format to specify the limits.
+The default interval is `second`, but you can use other values as well. If you want to disable the rate limiting for a specific role, you can set the `req` to `0`.
 
 Available values:
 `nano`, `micro`, `milli`, `second`, `minute`, `hour`, `day`
 
-To define path in JWT token where current user role is present use the `JWT_ROLE_CLAIM_PATH` environment variable.
+To define path in JWT token where the current user role is present, use the `JWT_ROLE_CLAIM_PATH` environment variable.
 
-*Default / sample configuration:*
+You can also set up the `ROLE_FROM_HEADER` environment variable to extract the role from the header instead of the JWT token. This is useful if you want to rate limit the requests for unauthenticated users. It's worth mentioning that `ROLE_FROM_HEADER` takes a priority over the `JWT_ROLE_CLAIM_PATH` environment variable and if its set, the proxy will not try to extract the role from the JWT token.
+
+*Default/sample configuration:*
 
 ```json
 {
@@ -85,6 +96,11 @@ If you'd like to change it - mount your configmap as `/app/ratelimit.json` file.
 Remember to include the `-` role, which is used for unauthenticated users or when claim can't be found for any reason.
 If rate limit has been reached - the proxy will return `429 Too Many Requests` error.
 
+
+### Read-only mode
+
+You can enable the read-only mode by setting the `READ_ONLY_MODE` environment variable to `true` - which will block all the `mutation` queries.
+
 ### Monitoring endpoint
 
 Example metrics produced by the proxy:

config/config.go

@@ -0,0 +1,6 @@
+package libpack_config
+
+var (
+	PKG_NAME    string = "not-specified"
+	PKG_VERSION string = "0.0.0-dev"
+)

details.go

@@ -6,7 +6,7 @@ import (
 	"strings"
 
 	"github.com/lukaszraczylo/ask"
-	libpack_monitoring "github.com/telegram-bot-app/libpack/monitoring"
+	libpack_monitoring "github.com/lukaszraczylo/graphql-monitoring-proxy/monitoring"
 )
 
 func extractClaimsFromJWTHeader(authorization string) (usr string, role string) {

go.mod

@@ -3,7 +3,9 @@ module github.com/lukaszraczylo/graphql-monitoring-proxy
 go 1.21
 
 require (
+	github.com/VictoriaMetrics/metrics v1.24.0
 	github.com/akyoto/cache v1.0.6
+	github.com/buger/jsonparser v1.1.1
 	github.com/gofiber/fiber/v2 v2.49.2
 	github.com/gookit/goutil v0.6.12
 	github.com/graphql-go/graphql v0.8.1
@@ -11,21 +13,18 @@ require (
 	github.com/lukaszraczylo/ask v0.0.0-20230927103145-2ff1123b4415
 	github.com/lukaszraczylo/go-ratecounter v0.1.8
 	github.com/lukaszraczylo/go-simple-graphql v1.1.31
+	github.com/rs/zerolog v1.31.0
 	github.com/stretchr/testify v1.8.4
-	github.com/telegram-bot-app/libpack v0.0.0-20231008100411-9f7f8bf94315
 )
 
 require (
-	dario.cat/mergo v1.0.0 // indirect
-	github.com/VictoriaMetrics/metrics v1.24.0 // indirect
 	github.com/andybalholm/brotli v1.0.5 // indirect
 	github.com/avast/retry-go/v4 v4.5.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/google/uuid v1.3.1 // indirect
 	github.com/gookit/color v1.5.4 // indirect
 	github.com/klauspost/compress v1.17.0 // indirect
-	github.com/kr/text v0.2.0 // indirect
-	github.com/lukaszraczylo/pandati v0.0.29 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/mattn/go-runewidth v0.0.15 // indirect
@@ -33,19 +32,19 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/rivo/uniseg v0.4.4 // indirect
-	github.com/rs/zerolog v1.31.0 // indirect
-	github.com/telegram-bot-app/lib-logging v0.0.19 // indirect
+	github.com/rogpeppe/go-internal v1.11.0 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasthttp v1.50.0 // indirect
 	github.com/valyala/fastrand v1.1.0 // indirect
 	github.com/valyala/histogram v1.2.0 // indirect
 	github.com/valyala/tcplisten v1.0.0 // indirect
-	github.com/wI2L/jsondiff v0.4.0 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
+	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
 	golang.org/x/net v0.17.0 // indirect
 	golang.org/x/sync v0.4.0 // indirect
 	golang.org/x/sys v0.13.0 // indirect
 	golang.org/x/term v0.13.0 // indirect
 	golang.org/x/text v0.13.0 // indirect
+	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -1,5 +1,3 @@
-dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
-dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
 github.com/VictoriaMetrics/metrics v1.24.0 h1:ILavebReOjYctAGY5QU2F9X0MYvkcrG3aEn2RKa1Zkw=
 github.com/VictoriaMetrics/metrics v1.24.0/go.mod h1:eFT25kvsTidQFHb6U0oa0rTrDRdz4xTYjpL8+UPohys=
 github.com/akyoto/cache v1.0.6 h1:5XGVVYoi2i+DZLLPuVIXtsNIJ/qaAM16XT0LaBaXd2k=
@@ -31,8 +29,11 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/klauspost/compress v1.17.0 h1:Rnbp4K9EjcDuVuHtd0dgA4qNuv9yKDYKK1ulpJwgrqM=
 github.com/klauspost/compress v1.17.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/lukaszraczylo/ask v0.0.0-20230927103145-2ff1123b4415 h1:lvI8Wlbg4PxkRcg2f10wgoaRpfN19v+YdRek3+dLtlM=
@@ -41,8 +42,6 @@ github.com/lukaszraczylo/go-ratecounter v0.1.8 h1:ZYm6Wkn58ZAlFWRmC7PaD4oAYHWcu8
 github.com/lukaszraczylo/go-ratecounter v0.1.8/go.mod h1:TqXEOCtFJStk1i0tkipprv1kiDHGon1MVUisjSTBSKM=
 github.com/lukaszraczylo/go-simple-graphql v1.1.31 h1:UA3f8M1cV+XnO8UZlAqveW0qF/2NN512eB/gRqe+BHs=
 github.com/lukaszraczylo/go-simple-graphql v1.1.31/go.mod h1:MyftQ8jTdtkYImPXJpHoxz6+E53Ydv+7q9+Jr+eT8WU=
-github.com/lukaszraczylo/pandati v0.0.29 h1:WUEWm1+hWjE5KJbIL8OctG00x2dk4XKGJSlrjhxZ55k=
-github.com/lukaszraczylo/pandati v0.0.29/go.mod h1:+DyTWKFaXd+jIfe7GW5w2S5PyTko/RXxMyOa+Vl713A=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
@@ -55,12 +54,14 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
 github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
+github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
 github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
 github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
 github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
@@ -70,10 +71,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-github.com/telegram-bot-app/lib-logging v0.0.19 h1:zbyFr2ygeBY+yuaB9moXyOGk8dIBCn0jPJQjvx7YvLE=
-github.com/telegram-bot-app/lib-logging v0.0.19/go.mod h1:n8d29fRUTdgJhC4RZ8s4lP2RHiGCCRYEj2ENEClUGc8=
-github.com/telegram-bot-app/libpack v0.0.0-20231008100411-9f7f8bf94315 h1:gf+3gFgtdh48RQNmLNdK1IcGqpuTuj6RAdHxDMd/YPY=
-github.com/telegram-bot-app/libpack v0.0.0-20231008100411-9f7f8bf94315/go.mod h1:W2kWHcfNNS0r++dJ1T2XX/C4cTSxI3MsoiMbOtyqu+I=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/valyala/fasthttp v1.50.0 h1:H7fweIlBm0rXLs2q0XbalvJ6r0CUPFWK3/bB4N13e9M=
@@ -84,8 +81,6 @@ github.com/valyala/histogram v1.2.0 h1:wyYGAZZt3CpwUiIb9AU/Zbllg1llXyrtApRS815OL
 github.com/valyala/histogram v1.2.0/go.mod h1:Hb4kBwb4UxsaNbbbh+RRz8ZR6pdodR57tzWUS3BUzXY=
 github.com/valyala/tcplisten v1.0.0 h1:rBHj/Xf+E1tRGZyWIWwJDiRY0zc1Js+CV5DqwacVSA8=
 github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc=
-github.com/wI2L/jsondiff v0.4.0 h1:iP56F9tK83eiLttg3YdmEENtZnwlYd3ezEpNNnfZVyM=
-github.com/wI2L/jsondiff v0.4.0/go.mod h1:nR/vyy1efuDeAtMwc3AF6nZf/2LD1ID8GTyyJ+K8YB0=
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM=
 golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=

graphql.go

@@ -2,11 +2,12 @@ package main
 
 import (
 	"strconv"
+	"strings"
 
 	fiber "github.com/gofiber/fiber/v2"
 	"github.com/graphql-go/graphql/language/ast"
 	"github.com/graphql-go/graphql/language/parser"
-	libpack_monitoring "github.com/telegram-bot-app/libpack/monitoring"
+	libpack_monitoring "github.com/lukaszraczylo/graphql-monitoring-proxy/monitoring"
 )
 
 var retrospection_queries = []string{
@@ -35,12 +36,13 @@ var retrospection_queries = []string{
 // Saving the introspection queries as a map O(1) operation instead of O(n) for a slice.
 var retrospectionQuerySet = make(map[string]struct{}, len(retrospection_queries))
 
-func parseGraphQLQuery(c *fiber.Ctx) (operationType, operationName string, cacheRequest bool, cache_time int, should_block bool) {
+func parseGraphQLQuery(c *fiber.Ctx) (operationType, operationName string, cacheRequest bool, cache_time int, should_block bool, should_ignore bool) {
+	should_ignore = true
 	m := make(map[string]interface{})
 	err := json.Unmarshal(c.Body(), &m)
 	if err != nil {
-		cfg.Logger.Error("Can't unmarshal the request", map[string]interface{}{"error": err.Error(), "body": string(c.Body())})
-		cfg.Monitoring.Increment(libpack_monitoring.MetricsFailed, nil)
+		cfg.Logger.Debug("Can't unmarshal the request", map[string]interface{}{"error": err.Error(), "body": string(c.Body())})
+		cfg.Monitoring.Increment(libpack_monitoring.MetricsSkipped, nil)
 		return
 	}
 	// get the query
@@ -58,10 +60,19 @@ func parseGraphQLQuery(c *fiber.Ctx) (operationType, operationName string, cache
 		return
 	}
 
+	should_ignore = false
 	operationName = "undefined"
 	for _, d := range p.Definitions {
 		if oper, ok := d.(*ast.OperationDefinition); ok {
 			operationType = oper.Operation
+			if strings.ToLower(operationType) == "mutation" && cfg.Server.ReadOnlyMode {
+				cfg.Logger.Warning("Mutation blocked", m)
+				cfg.Monitoring.Increment(libpack_monitoring.MetricsSkipped, nil)
+				c.Status(403).SendString("The server is in read-only mode")
+				should_block = true
+				return
+			}
+
 			if oper.Name != nil {
 				operationName = oper.Name.Value
 			} else {

logging/logging.go

@@ -0,0 +1,90 @@
+package libpack_logging
+
+import (
+	"io"
+	"os"
+	"time"
+
+	"github.com/gookit/goutil/envutil"
+	"github.com/rs/zerolog"
+)
+
+type LogConfig struct {
+	logger zerolog.Logger
+}
+
+var baseLogger zerolog.Logger
+
+func init() {
+	zerolog.TimeFieldFormat = time.RFC3339
+	zerolog.MessageFieldName = "short_message"
+	zerolog.TimestampFieldName = "timestamp"
+	zerolog.LevelFieldName = "level"
+	zerolog.LevelFatalValue = "critical"
+	baseLogger = zerolog.New(os.Stdout).With().Timestamp().Logger()
+}
+
+func NewLogger() *LogConfig {
+	switch logLevel := envutil.Getenv("LOG_LEVEL", "info"); logLevel {
+	case "debug":
+		baseLogger = baseLogger.Level(zerolog.DebugLevel)
+	case "warn":
+		baseLogger = baseLogger.Level(zerolog.WarnLevel)
+	case "error":
+		baseLogger = baseLogger.Level(zerolog.ErrorLevel)
+	default:
+		baseLogger = baseLogger.Level(zerolog.InfoLevel)
+	}
+
+	return &LogConfig{logger: baseLogger}
+}
+
+func (lw *LogConfig) log(w io.Writer, level zerolog.Level, message string, v map[string]interface{}) {
+	e := lw.logger.With().Logger()
+	e = e.Output(w)
+	event := e.WithLevel(level).CallerSkipFrame(3)
+	for k, val := range v {
+		switch v := val.(type) {
+		case string:
+			event.Str(k, v)
+		case int:
+			event.Int(k, v)
+		case float64:
+			event.Float64(k, v)
+		default:
+			event.Interface(k, val)
+		}
+	}
+	event.Msg(message)
+}
+
+func (lw *LogConfig) Debug(message string, v ...map[string]interface{}) {
+	lw.log(os.Stdout, zerolog.DebugLevel, message, mergeMaps(v))
+}
+
+func (lw *LogConfig) Info(message string, v ...map[string]interface{}) {
+	lw.log(os.Stdout, zerolog.InfoLevel, message, mergeMaps(v))
+}
+
+func (lw *LogConfig) Warning(message string, v ...map[string]interface{}) {
+	lw.log(os.Stdout, zerolog.WarnLevel, message, mergeMaps(v))
+}
+
+func (lw *LogConfig) Error(message string, v ...map[string]interface{}) {
+	lw.log(os.Stderr, zerolog.ErrorLevel, message, mergeMaps(v))
+}
+
+func (lw *LogConfig) Critical(message string, v ...map[string]interface{}) {
+	lw.log(os.Stderr, zerolog.FatalLevel, message, mergeMaps(v))
+	os.Exit(1)
+}
+
+func mergeMaps(maps []map[string]interface{}) map[string]interface{} {
+	result := make(map[string]interface{})
+	for _, m := range maps {
+		for k, v := range m {
+			result[k] = v
+		}
+	}
+	return result
+}

logging/logging_bench_test.go

@@ -0,0 +1,31 @@
+package libpack_logging
+
+import (
+	"os"
+	"testing"
+)
+
+func BenchmarkNewLogger(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		NewLogger()
+	}
+}
+
+func BenchmarkInfoLog(b *testing.B) {
+	oldEnv := os.Getenv("LOG_LEVEL")
+	os.Setenv("LOG_LEVEL", "info")
+	oldStdout := os.Stdout
+	oldStderr := os.Stderr
+	os.Stdout, _ = os.Open(os.DevNull)
+	os.Stderr, _ = os.Open(os.DevNull)
+	defer func() {
+		os.Stdout = oldStdout
+		os.Stderr = oldStderr
+		os.Setenv("LOG_LEVEL", oldEnv)
+	}()
+
+	testsLogger := NewLogger()
+	for i := 0; i < b.N; i++ {
+		testsLogger.Info("test", map[string]interface{}{"test": "test"})
+	}
+}

logging/logging_test.go

@@ -0,0 +1,373 @@
+package libpack_logging
+
+import (
+	"errors"
+	"io"
+	"os"
+	"reflect"
+	"testing"
+
+	"github.com/buger/jsonparser"
+	"github.com/stretchr/testify/suite"
+)
+
+type LoggingTestSuite struct {
+	suite.Suite
+}
+
+var (
+	testsLogger *LogConfig
+)
+
+type stdoutCapture struct {
+	oldStdout *os.File
+	readPipe  *os.File
+}
+
+func (sc *stdoutCapture) StartCapture() {
+	sc.oldStdout = os.Stdout
+	sc.readPipe, os.Stdout, _ = os.Pipe()
+}
+
+func (sc *stdoutCapture) StopCapture() (string, error) {
+	if sc.oldStdout == nil || sc.readPipe == nil {
+		return "", errors.New("StartCapture not called before StopCapture on Stdout")
+	}
+	os.Stdout.Close()
+	os.Stdout = sc.oldStdout
+	bytes, err := io.ReadAll(sc.readPipe)
+	if err != nil {
+		return "", err
+	}
+	return string(bytes), nil
+}
+
+type stderrCapture struct {
+	oldStderr *os.File
+	readPipe  *os.File
+}
+
+func (sc *stderrCapture) StartCapture() {
+	sc.oldStderr = os.Stderr
+	sc.readPipe, os.Stderr, _ = os.Pipe()
+}
+
+func (sc *stderrCapture) StopCapture() (string, error) {
+	if sc.oldStderr == nil || sc.readPipe == nil {
+		return "", errors.New("StartCapture not called before StopCapture on Stderr")
+	}
+	os.Stderr.Close()
+	os.Stderr = sc.oldStderr
+	bytes, err := io.ReadAll(sc.readPipe)
+	if err != nil {
+		return "", err
+	}
+	return string(bytes), nil
+}
+
+func (suite *LoggingTestSuite) SetupTest() {
+}
+
+func TestLoggingTestSuite(t *testing.T) {
+	suite.Run(t, new(LoggingTestSuite))
+}
+
+func (suite *LoggingTestSuite) TestLogConfig_AllHandlers() {
+	type args struct {
+		message string
+	}
+	tests := []struct {
+		name           string
+		args           args
+		wantLevel      string
+		wantMessage    string
+		envMinLogLevel string
+		loggerType     string
+		stdOutExpect   bool
+		stdErrExpect   bool
+	}{
+		{
+			name:       "Test log: Error",
+			loggerType: "Error",
+			args: args{
+				message: "This is a error message",
+			},
+			wantLevel:    "error",
+			wantMessage:  "This is a error message",
+			stdErrExpect: true,
+			stdOutExpect: false,
+		},
+		{
+			name:       "Test log: Warning",
+			loggerType: "Warning",
+			args: args{
+				message: "This is a warning message",
+			},
+			wantLevel:      "warn",
+			wantMessage:    "This is a warning message",
+			stdErrExpect:   false,
+			stdOutExpect:   true,
+			envMinLogLevel: "info",
+		},
+		{
+			name:       "Test log: Warning | Min level: Debug",
+			loggerType: "Warning",
+			args: args{
+				message: "This is a warning message",
+			},
+			wantLevel:      "warn",
+			wantMessage:    "This is a warning message",
+			stdErrExpect:   false,
+			stdOutExpect:   true,
+			envMinLogLevel: "debug",
+		},
+		{
+			name:       "Test log: Info",
+			loggerType: "Info",
+			args: args{
+				message: "This is a info message",
+			},
+			wantLevel:    "info",
+			wantMessage:  "This is a info message",
+			stdErrExpect: false,
+			stdOutExpect: true,
+		},
+		{
+			name:       "Test log: Info | Min level: Warn",
+			loggerType: "Info",
+			args: args{
+				message: "This is a info message",
+			},
+			wantLevel:      "",
+			wantMessage:    "",
+			stdErrExpect:   false,
+			stdOutExpect:   false,
+			envMinLogLevel: "warn",
+		},
+		{
+			name:       "Test log: Warning | Min level: Warn",
+			loggerType: "Warning",
+			args: args{
+				message: "This is a warning message",
+			},
+			wantLevel:      "warn",
+			wantMessage:    "This is a warning message",
+			stdErrExpect:   false,
+			stdOutExpect:   true,
+			envMinLogLevel: "warn",
+		},
+		{
+			name:       "Test log: Warning | Min level: Error",
+			loggerType: "Warning",
+			args: args{
+				message: "This is an error message",
+			},
+			wantLevel:      "",
+			wantMessage:    "",
+			stdErrExpect:   false,
+			stdOutExpect:   false,
+			envMinLogLevel: "error",
+		},
+		{
+			name:       "Test log: Debug | Min level: Debug",
+			loggerType: "Debug",
+			args: args{
+				message: "This is a debug message",
+			},
+			wantLevel:      "debug",
+			wantMessage:    "This is a debug message",
+			stdErrExpect:   false,
+			stdOutExpect:   true,
+			envMinLogLevel: "debug",
+		},
+	}
+
+	for _, tt := range tests {
+		suite.T().Run(tt.name, func(t *testing.T) {
+			if tt.envMinLogLevel != "" {
+				os.Setenv("LOG_LEVEL", tt.envMinLogLevel)
+				defer os.Unsetenv("LOG_LEVEL")
+			}
+			testsLogger = NewLogger()
+
+			captureStdout := stdoutCapture{}
+			captureStdout.StartCapture()
+			captureStderr := stderrCapture{}
+			captureStderr.StartCapture()
+
+			reflect.ValueOf(testsLogger).MethodByName(tt.loggerType).Call([]reflect.Value{reflect.ValueOf(tt.args.message)})
+
+			stdoutOut, err := captureStdout.StopCapture()
+			if err != nil {
+				suite.T().Fatal(err)
+			}
+
+			stderrOut, err := captureStderr.StopCapture()
+			if err != nil {
+				suite.T().Fatal(err)
+			}
+
+			if tt.stdErrExpect && !tt.stdOutExpect {
+				gotLvl, gotMsg, err := getResponseValues(stderrOut, "short_message")
+				suite.NoError(err, "Failed in [STDERR]: "+tt.name)
+				suite.Equal(tt.wantLevel, gotLvl, "Failed in [STDERR]: "+tt.name)
+				suite.Equal(tt.wantMessage, gotMsg, "Failed in [STDERR]: "+tt.name)
+				suite.Equal("", stdoutOut, "Failed in [STDERR]: "+tt.name)
+			}
+			if tt.stdOutExpect && !tt.stdErrExpect {
+				gotLvl, gotMsg, err := getResponseValues(stdoutOut, "short_message")
+				suite.NoError(err, "Failed in [STDOUT]: "+tt.name)
+				suite.Equal(tt.wantLevel, gotLvl, "Failed in [STDOUT]: "+tt.name)
+				suite.Equal(tt.wantMessage, gotMsg, "Failed in [STDOUT]: "+tt.name)
+				suite.Equal("", stderrOut, "Failed in [STDOUT]: "+tt.name)
+			}
+			if !tt.stdErrExpect && !tt.stdOutExpect {
+				suite.Equal("", stderrOut, "Failed in [NEITHER]: "+tt.name)
+				suite.Equal("", stdoutOut, "Failed in [NEITHER]: "+tt.name)
+			}
+			os.Unsetenv("LOG_LEVEL")
+		})
+	}
+}
+
+func (suite *LoggingTestSuite) TestFullMessage() {
+	type args struct {
+		extraFields map[string]interface{}
+		message     string
+	}
+	extraFields := make(map[string]interface{})
+	extraFields["_full_message"] = "full message"
+
+	tests := []struct {
+		args           args
+		name           string
+		wantLevel      string
+		wantMessage    string
+		envMinLogLevel string
+		loggerType     string
+		stdOutExpect   bool
+		stdErrExpect   bool
+	}{
+		{
+			name:       "Test log: Error",
+			loggerType: "Error",
+			args: args{
+				message:     "This is a error message",
+				extraFields: extraFields,
+			},
+			wantLevel:    "error",
+			wantMessage:  extraFields["_full_message"].(string),
+			stdErrExpect: true,
+			stdOutExpect: false,
+		},
+		{
+			name:       "Test log: Info",
+			loggerType: "Info",
+			args: args{
+				message:     "This is a info message",
+				extraFields: extraFields,
+			},
+			wantMessage:  extraFields["_full_message"].(string),
+			stdErrExpect: false,
+			stdOutExpect: true,
+		},
+	}
+
+	for _, tt := range tests {
+		suite.T().Run(tt.name, func(t *testing.T) {
+			if tt.envMinLogLevel != "" {
+				os.Setenv("LOG_LEVEL", tt.envMinLogLevel)
+				defer os.Unsetenv("LOG_LEVEL")
+			}
+			testsLogger = NewLogger()
+
+			captureStdout := stdoutCapture{}
+			captureStdout.StartCapture()
+			captureStderr := stderrCapture{}
+			captureStderr.StartCapture()
+
+			reflect.ValueOf(testsLogger).MethodByName(tt.loggerType).Call([]reflect.Value{
+				reflect.ValueOf(tt.args.message),
+				reflect.ValueOf(tt.args.extraFields),
+			})
+
+			stdoutOut, err := captureStdout.StopCapture()
+			if err != nil {
+				suite.T().Fatal(err)
+			}
+
+			stderrOut, err := captureStderr.StopCapture()
+			if err != nil {
+				suite.T().Fatal(err)
+			}
+
+			if tt.stdErrExpect && !tt.stdOutExpect {
+				_, gotMsg, err := getResponseValues(stderrOut, "_full_message")
+				suite.NoError(err, "Failed in [STDERR]: "+tt.name)
+				suite.Equal(tt.wantMessage, gotMsg, "Failed in [STDERR]: "+tt.name)
+			}
+			if tt.stdOutExpect && !tt.stdErrExpect {
+				_, gotMsg, err := getResponseValues(stdoutOut, "_full_message")
+				suite.NoError(err, "Failed in [STDOUT]: "+tt.name)
+				suite.Equal(tt.wantMessage, gotMsg, "Failed in [STDOUT]: "+tt.name)
+			}
+			os.Unsetenv("LOG_LEVEL")
+		})
+	}
+}
+
+func Test_getResponseValues(t *testing.T) {
+	type args struct {
+		sourceJson string
+	}
+	tests := []struct {
+		name       string
+		args       args
+		wantGotLvl string
+		wantGotMsg string
+		wantErr    bool
+	}{
+		{
+			name: "Test with json",
+			args: args{
+				sourceJson: `{"level": "debug", "short_message": "hello world"`,
+			},
+			wantGotLvl: "debug",
+			wantGotMsg: "hello world",
+			wantErr:    false,
+		},
+		{
+			name: "Test with json, wrong message field",
+			args: args{
+				sourceJson: `{"level": "debug", "message": "hello world"`,
+			},
+			wantGotLvl: "debug",
+			wantGotMsg: "",
+			wantErr:    true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			gotGotLvl, gotGotMsg, err := getResponseValues(tt.args.sourceJson, "short_message")
+			if (err != nil) != tt.wantErr {
+				t.Errorf("getResponseValues() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if gotGotLvl != tt.wantGotLvl {
+				t.Errorf("getResponseValues() gotGotLvl = %v, want %v", gotGotLvl, tt.wantGotLvl)
+			}
+			if gotGotMsg != tt.wantGotMsg {
+				t.Errorf("getResponseValues() gotGotMsg = %v, want %v", gotGotMsg, tt.wantGotMsg)
+			}
+		})
+	}
+}
+
+func getResponseValues(sourceJson string, key string) (gotLvl, gotMsg string, err error) {
+	gotLvl, err = jsonparser.GetString([]byte(sourceJson), "level")
+	if err != nil {
+		return
+	}
+	gotMsg, err = jsonparser.GetString([]byte(sourceJson), key)
+	return
+}

main.go

@@ -3,8 +3,8 @@ package main
 import (
 	"github.com/gookit/goutil/envutil"
 	graphql "github.com/lukaszraczylo/go-simple-graphql"
-	libpack_config "github.com/telegram-bot-app/libpack/config"
-	libpack_logging "github.com/telegram-bot-app/libpack/logging"
+	libpack_config "github.com/lukaszraczylo/graphql-monitoring-proxy/config"
+	libpack_logging "github.com/lukaszraczylo/graphql-monitoring-proxy/logging"
 )
 
 var cfg *config
@@ -20,10 +20,11 @@ func parseConfig() {
 	var c config
 	c.Server.PortGraphQL = envutil.GetInt("PORT_GRAPHQL", 8080)
 	c.Server.PortMonitoring = envutil.GetInt("MONITORING_PORT", 9393)
-	c.Server.HostGraphQL = envutil.Getenv("HOST_GRAPHQL", "http://localhost/v1/graphql")
+	c.Server.HostGraphQL = envutil.Getenv("HOST_GRAPHQL", "http://localhost/")
 	c.Client.JWTUserClaimPath = envutil.Getenv("JWT_USER_CLAIM_PATH", "")
 	c.Client.JWTRoleClaimPath = envutil.Getenv("JWT_ROLE_CLAIM_PATH", "")
-	c.Client.JWTRoleRateLimit = envutil.GetBool("JWT_ROLE_RATE_LIMIT", false)
+	c.Client.RoleFromHeader = envutil.Getenv("ROLE_FROM_HEADER", "")
+	c.Client.RoleRateLimit = envutil.GetBool("ROLE_RATE_LIMIT", false)
 	c.Cache.CacheEnable = envutil.GetBool("ENABLE_GLOBAL_CACHE", false)
 	c.Cache.CacheTTL = envutil.GetInt("CACHE_TTL", 60)
 	c.Security.BlockIntrospection = envutil.GetBool("BLOCK_SCHEMA_INTROSPECTION", false)
@@ -31,6 +32,7 @@ func parseConfig() {
 	c.Client.GQLClient = graphql.NewConnection()
 	c.Client.GQLClient.SetEndpoint(c.Server.HostGraphQL)
 	c.Server.AccessLog = envutil.GetBool("ENABLE_ACCESS_LOG", false)
+	c.Server.ReadOnlyMode = envutil.GetBool("READ_ONLY_MODE", false)
 	cfg = &c
 	enableCache() // takes close to no resources, but can be used with dynamic query cache
 	loadRatelimitConfig()

monitoring.go

@@ -1,7 +1,7 @@
 package main
 
 import (
-	libpack_monitoring "github.com/telegram-bot-app/libpack/monitoring"
+	libpack_monitoring "github.com/lukaszraczylo/graphql-monitoring-proxy/monitoring"
 )
 
 func StartMonitoringServer() {

monitoring/defaults.go

@@ -0,0 +1,12 @@
+package libpack_monitoring
+
+func (ms *MetricsSetup) RegisterDefaultMetrics() {
+	ms.RegisterMetricsCounter(MetricsSucceeded, nil)
+	ms.RegisterMetricsCounter(MetricsFailed, nil)
+	ms.RegisterMetricsCounter(MetricsSkipped, nil)
+	ms.RegisterMetricsHistogram(MetricsDuration, nil)
+}
+
+func (ms *MetricsSetup) RegisterGoMetrics() {
+	// TODO: metrics.WriteProcessMetrics(ms.metrics_set)
+}

monitoring/helpers.go

@@ -0,0 +1,57 @@
+package libpack_monitoring
+
+import (
+	"fmt"
+	"strings"
+
+	libpack_config "github.com/lukaszraczylo/graphql-monitoring-proxy/config"
+)
+
+func (ms *MetricsSetup) get_metrics_name(name string, labels map[string]string) (complete_name string) {
+	if labels == nil {
+		labels = make(map[string]string)
+	}
+	labels["microservice"] = libpack_config.PKG_NAME
+
+	if ms.metrics_prefix != "" {
+		complete_name = ms.metrics_prefix + "_" + name
+	} else {
+		complete_name = name
+	}
+	if labels != nil {
+		complete_name += "{"
+		for k, v := range labels {
+			complete_name += k + "=\"" + v + "\","
+		}
+		complete_name = strings.TrimSuffix(complete_name, ",")
+		complete_name += "}"
+	}
+	return
+}
+
+// validate_metrics_name validates the name of the metric to adhere to the Prometheus naming conventions
+// https://prometheus.io/docs/practices/naming/
+func validate_metrics_name(name string) error {
+	// replace all spaces with underscores and remove all other non-alphanumeric characters
+	name_new := strings.ReplaceAll(name, " ", "_")
+	name_new = strings.Map(func(r rune) rune {
+		if (r >= 'a' && r <= 'z') || (r >= 'A' && r <= 'Z') || (r >= '0' && r <= '9') || r == '_' {
+			return r
+		}
+		return -1
+	}, name_new)
+	name_new = strings.ReplaceAll(name_new, "__", "_")
+	name_new = strings.Trim(name_new, "_")
+	if name_new != name {
+		return fmt.Errorf("Invalid metric name: %s, expected %s", name, name_new)
+	}
+	return nil
+}
+
+func compile_metrics_with_labels(name string, labels map[string]string) string {
+	metric_name := name
+	for k, v := range labels {
+		metric_name += "_" + k + "_" + v
+	}
+	return metric_name
+}

monitoring/monitoring.go

@@ -0,0 +1,129 @@
+// Package `libpack_monitoring` provides and easy way to add prometheus metrics to your application.
+// It also provides a way to add custom metrics to the already started prometheus registry.
+
+package libpack_monitoring
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/VictoriaMetrics/metrics"
+	"github.com/gofiber/fiber/v2"
+	"github.com/gookit/goutil/envutil"
+	logging "github.com/lukaszraczylo/graphql-monitoring-proxy/logging"
+)
+
+type MetricsSetup struct {
+	metrics_prefix string
+	metrics_set    *metrics.Set
+}
+
+var (
+	log *logging.LogConfig
+)
+
+func NewMonitoring() *MetricsSetup {
+	log = logging.NewLogger()
+	ms := &MetricsSetup{}
+	ms.metrics_set = metrics.NewSet()
+	go ms.startPrometheusEndpoint()
+	return ms
+}
+
+func (ms *MetricsSetup) startPrometheusEndpoint() {
+	app := fiber.New()
+	app.Get("/metrics", ms.metricsEndpoint)
+	err := app.Listen(fmt.Sprintf(":%d", envutil.GetInt("MONITORING_PORT", 9393)))
+	if err != nil {
+		fmt.Println("Can't start the service: ", err)
+	}
+}
+
+func (ms *MetricsSetup) metricsEndpoint(c *fiber.Ctx) error {
+	ms.metrics_set.WritePrometheus(c.Response().BodyWriter())
+	return nil
+}
+
+func (ms *MetricsSetup) AddMetricsPrefix(prefix string) {
+	ms.metrics_prefix = prefix
+	return
+}
+
+func (ms *MetricsSetup) ListActiveMetrics() []string {
+	return ms.metrics_set.ListMetricNames()
+}
+
+func (ms *MetricsSetup) RegisterMetricsGauge(metric_name string, labels map[string]string, val float64) *metrics.Gauge {
+	if validate_metrics_name(metric_name) != nil {
+		log.Critical("RegisterMetricsGauge() error", map[string]interface{}{"_error": "Invalid metric name", "_metric_name": metric_name})
+		return nil
+	}
+	return ms.metrics_set.GetOrCreateGauge(ms.get_metrics_name(metric_name, labels), func() float64 {
+		// get current value of the gauge and add val to it
+		return val
+	})
+}
+
+func (ms *MetricsSetup) RegisterMetricsCounter(metric_name string, labels map[string]string) *metrics.Counter {
+	if validate_metrics_name(metric_name) != nil {
+		log.Critical("RegisterMetricsCounter() error", map[string]interface{}{"_error": "Invalid metric name", "_metric_name": metric_name})
+		return nil
+	}
+	return ms.metrics_set.GetOrCreateCounter(ms.get_metrics_name(metric_name, labels))
+}
+
+func (ms *MetricsSetup) RegisterFloatCounter(metric_name string, labels map[string]string) *metrics.FloatCounter {
+	if validate_metrics_name(metric_name) != nil {
+		log.Critical("RegisterFloatCounter() error", map[string]interface{}{"_error": "Invalid metric name", "_metric_name": metric_name})
+		return nil
+	}
+	return ms.metrics_set.GetOrCreateFloatCounter(ms.get_metrics_name(metric_name, labels))
+}
+
+func (ms *MetricsSetup) RegisterMetricsSummary(metric_name string, labels map[string]string) *metrics.Summary {
+	if validate_metrics_name(metric_name) != nil {
+		log.Critical("RegisterMetricsSummary() error", map[string]interface{}{"_error": "Invalid metric name", "_metric_name": metric_name})
+		return nil
+	}
+	return ms.metrics_set.GetOrCreateSummary(ms.get_metrics_name(metric_name, labels))
+}
+
+func (ms *MetricsSetup) RegisterMetricsHistogram(metric_name string, labels map[string]string) *metrics.Histogram {
+	if validate_metrics_name(metric_name) != nil {
+		log.Critical("RegisterMetricsHistogram() error", map[string]interface{}{"_error": "Invalid metric name", "_metric_name": metric_name})
+		return nil
+	}
+	return ms.metrics_set.GetOrCreateHistogram(ms.get_metrics_name(metric_name, labels))
+}
+
+func (ms *MetricsSetup) Increment(metric_name string, labels map[string]string) {
+	ms.RegisterMetricsCounter(metric_name, labels).Inc()
+}
+
+func (ms *MetricsSetup) IncrementFloat(metric_name string, labels map[string]string, value float64) {
+	ms.RegisterFloatCounter(metric_name, labels).Add(value)
+}
+
+func (ms *MetricsSetup) Set(metric_name string, labels map[string]string, value uint64) {
+	ms.RegisterMetricsCounter(metric_name, labels).Set(value)
+}
+
+func (ms *MetricsSetup) Update(metric_name string, labels map[string]string, value float64) {
+	ms.RegisterMetricsHistogram(metric_name, labels).Update(value)
+}
+
+func (ms *MetricsSetup) UpdateDuration(metric_name string, labels map[string]string, value time.Time) {
+	ms.RegisterMetricsHistogram(metric_name, labels).UpdateDuration(value)
+}
+
+func (ms *MetricsSetup) UpdateSummary(metric_name string, labels map[string]string, value float64) {
+	ms.RegisterMetricsSummary(metric_name, labels).Update(value)
+}
+
+func (ms *MetricsSetup) RemoveMetrics(metric_name string, labels map[string]string) {
+	ms.metrics_set.UnregisterMetric(ms.get_metrics_name(metric_name, labels))
+}
+
+func (ms *MetricsSetup) PurgeMetrics() {
+	ms.metrics_set.UnregisterAllMetrics()
+}

monitoring/structs.go

@@ -0,0 +1,8 @@
+package libpack_monitoring
+
+const (
+	MetricsSucceeded = "requests_succesful"
+	MetricsFailed    = "requests_failed"
+	MetricsDuration  = "requests_duration"
+	MetricsSkipped   = "requests_skipped"
+)

proxy.go

@@ -5,7 +5,7 @@ import (
 
 	fiber "github.com/gofiber/fiber/v2"
 	"github.com/gofiber/fiber/v2/middleware/proxy"
-	libpack_monitoring "github.com/telegram-bot-app/libpack/monitoring"
+	libpack_monitoring "github.com/lukaszraczylo/graphql-monitoring-proxy/monitoring"
 )
 
 func proxyTheRequest(c *fiber.Ctx) error {
@@ -16,7 +16,7 @@ func proxyTheRequest(c *fiber.Ctx) error {
 		InsecureSkipVerify: true,
 	})
 
-	err := proxy.DoRedirects(c, cfg.Server.HostGraphQL, 3)
+	err := proxy.DoRedirects(c, cfg.Server.HostGraphQL+c.Path(), 3)
 	if err != nil {
 		cfg.Logger.Error("Can't proxy the request", map[string]interface{}{"error": err.Error()})
 		cfg.Monitoring.Increment(libpack_monitoring.MetricsFailed, nil)

ratelimit.go

@@ -32,10 +32,10 @@ func loadRatelimitConfig() error {
 		if err == nil {
 			return nil
 		}
-		cfg.Logger.Error("Failed to load config", map[string]interface{}{"path": path, "error": err})
+		cfg.Logger.Debug("Failed to load config", map[string]interface{}{"path": path, "error": err})
 	}
 
-	cfg.Logger.Debug("Rate limit config not found")
+	cfg.Logger.Error("Rate limit config not found")
 	return os.ErrNotExist
 }
 

server.go

@@ -8,7 +8,7 @@ import (
 	"github.com/gofiber/fiber/v2/middleware/cors"
 
 	jsoniter "github.com/json-iterator/go"
-	libpack_monitoring "github.com/telegram-bot-app/libpack/monitoring"
+	libpack_monitoring "github.com/lukaszraczylo/graphql-monitoring-proxy/monitoring"
 )
 
 var json = jsoniter.ConfigCompatibleWithStandardLibrary
@@ -21,7 +21,8 @@ func StartHTTPProxy() {
 		AllowOrigins: "*",
 	}))
 
-	server.Post("/v1/graphql", processGraphQLRequest)
+	server.Post("/*", processGraphQLRequest)
+	server.Get("/*", proxyTheRequest)
 
 	server.Get("/healthz", healthCheck)
 	err := server.Listen(fmt.Sprintf(":%d", cfg.Server.PortGraphQL))
@@ -54,8 +55,15 @@ func processGraphQLRequest(c *fiber.Ctx) error {
 		extractedUserID, extractedRoleName = extractClaimsFromJWTHeader(string(authorization))
 	}
 
+	if len(cfg.Client.RoleFromHeader) > 0 {
+		extractedRoleName = string(c.Request().Header.Peek(cfg.Client.RoleFromHeader))
+		if extractedRoleName == "" {
+			extractedRoleName = "-"
+		}
+	}
+
 	// Implementing rate limiting if enabled
-	if cfg.Client.JWTRoleRateLimit {
+	if cfg.Client.RoleRateLimit {
 		cfg.Logger.Debug("Rate limiting enabled", map[string]interface{}{"user_id": extractedUserID, "role_name": extractedRoleName})
 		if !rateLimitedRequest(extractedUserID, extractedRoleName) {
 			c.Status(429).SendString("Rate limit exceeded, try again later")
@@ -63,11 +71,16 @@ func processGraphQLRequest(c *fiber.Ctx) error {
 		}
 	}
 
-	opType, opName, cacheFromQuery, cache_time, shouldBlock := parseGraphQLQuery(c)
+	opType, opName, cacheFromQuery, cache_time, shouldBlock, should_ignore := parseGraphQLQuery(c)
 	if shouldBlock {
 		return nil
 	}
 
+	if should_ignore {
+		cfg.Logger.Debug("Request passed as-is - not a GraphQL")
+		return proxyTheRequest(c)
+	}
+
 	if cache_time > 0 {
 		cfg.Logger.Debug("Cache time set via query", map[string]interface{}{"cache_time": cache_time})
 		cache_time = cfg.Cache.CacheTTL

struct_config.go

@@ -3,8 +3,8 @@ package main
 import (
 	"github.com/akyoto/cache"
 	graphql "github.com/lukaszraczylo/go-simple-graphql"
-	libpack_logging "github.com/telegram-bot-app/libpack/logging"
-	libpack_monitoring "github.com/telegram-bot-app/libpack/monitoring"
+	libpack_logging "github.com/lukaszraczylo/graphql-monitoring-proxy/logging"
+	libpack_monitoring "github.com/lukaszraczylo/graphql-monitoring-proxy/monitoring"
 )
 
 // config is a struct that holds the configuration of the application.
@@ -18,12 +18,14 @@ type config struct {
 		PortMonitoring int
 		HostGraphQL    string
 		AccessLog      bool
+		ReadOnlyMode   bool
 	}
 
 	Client struct {
 		JWTUserClaimPath string
 		JWTRoleClaimPath string
-		JWTRoleRateLimit bool
+		RoleRateLimit    bool
+		RoleFromHeader   string
 		GQLClient        *graphql.BaseClient
 	}