Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Separate endpoint for GraphiQL #41

Open
tlinhart opened this issue Mar 5, 2018 · 4 comments
Open

Separate endpoint for GraphiQL #41

tlinhart opened this issue Mar 5, 2018 · 4 comments

Comments

@tlinhart
Copy link

tlinhart commented Mar 5, 2018

Hi,
wouldn't it make sense to have separate endpoints for GraphQL and GraphiQL? As per README, there should be two endpoints (/graphql and /graphiql), however only /graphql gets exposed. Let's say I would like to publish GraphiQL only to selected group of people (e.g. frontend developers) and protect it by authentication. Having a separate endpoint would make whole thing much easier.

@jonwarghed
Copy link

If you set your graphql endpoint to not expose graphql and then add an authenticated view as a second endpoint at /graphiql is that enough for your situation?

class AuthenticatedView(GraphQLView):
    decorators = [some_authentication_method]

app.add_url_rule(
    '/graphiql',
    view_func=AuthenticatedView.as_view(
        'graphiql',
        schema=schema,
        graphiql=True
    )
)

@tlinhart
Copy link
Author

tlinhart commented Mar 8, 2018

Hi Jon,

I know the issue could be solved in a similar fashion to what you propose. I just don't think it's a clean solution. Mixing access to API endpoint and standalone tool that way doesn't feel right. In my opinion it simply violates separation of concerns principle with all the consequences it brings (code readability and maintainability etc.) If I omit the implementation part, the usage also doesn't seem too intuitive.

In the project I'm working on, I've separated the two, resulting in much cleaner code and components that can be handled completely independently of each other.

@yanghg-basefx
Copy link

I have the same issue with you. So I just pass graphiql=False, copy the html templates comes from render_graphiql.py and change little codes:

...
var fetchURL = locationQuery(otherParams);
{% if requests_endpoint %}
  fetchURL = '{{ requests_endpoint }}' + fetchURL;
{% endif %}
...
@app.route('/graphiql', methods=['GET'])
def graphiql():
    return render_template_string(graphiql_template, graphiql_version='0.11.11', graphiql_html_title=None, result='null', params=GraphQLParams(None, None, None), requests_endpoint='/graphql')

@isakal
Copy link

isakal commented Jan 2, 2020

from flask import Blueprint, jsonify
from app import db
from app.models import *
from flask_graphql import GraphQLView
from app.schema import schema


api = Blueprint('api', __name__)


@api.route("/")
def home():
    user = User(username="saki2", fname="saki", surname="saki", email="[email protected]", password="saki")
    db.session.add(user)
    event = Event(title="idk", description="i don't know", organizer=User.query.filter_by(username="saki2").first())
    db.session.add(event)
    db.session.commit()
    return {"home": "page"}


# route for graphiql
api.add_url_rule(
    "/graphiql",
    "graphiql",
    view_func=GraphQLView.as_view(
        'graphql',
        schema=schema,
        graphiql=True
    )
)

# route for graphql without user interface (POST request)
api.add_url_rule(
    "/graphql",
    "graphql",
    view_func=GraphQLView.as_view(
        'graphql',
        schema=schema,
        batch=True
    )
)

This is what mine routes.py looks like for each endpoint

@api.route("/")
def home():

^^ This for adding users since i have not implemented mutations yet

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants