How to configure Graphene-Django to work with pers

2019-03-31 22:03发布

问题:

It looks like my company is going to move forward with Persisted Queries from the Apollo Client, as is discussed here: https://dev-blog.apollodata.com/persisted-graphql-queries-with-apollo-client-119fd7e6bba5

In this article there is mention that something needs to be done to the Middleware on the server. I have been unable to find any information as to what needs to be changed with Graphene-Django.

Can anyone provide any advice?

Robert

回答1:

Persisted queries are not a part of the GraphQL spec and, as such, can be implemented in a wide variety of ways. Here are a few examples of how you might want to do this on your server:

Extract Queries

As of the time of this writing, you can extract static queries with Relay Modern, the Apolo Client, and others. They all work in similar ways, so I'll use Apollo PersistGraphQL as an example. In your build, you will need to run the persistgraphql command over your src directory to extract your static queries. The result of this command will be a JSON file filled with queries, as strings, and a number as the value.

{
  "
  { 
    author {
      firstName
      lastName
    }
  }
  ": 9,
  "
  query otherQuery {
    person {
      firstName
      lastName
    }
  }
  ": 10
}

Use extracted queries

From here, you have a few options. Once your server is aware of all possible queries, it can either provide an interface to the values provided in the JSON file, or it can whitelist the queries it knows about. If your server only provides an interface to the values (myserver/api/9, myserver/api/10 in the example above), you would need to make sure that your client app maps it's queries to those agreed on IDs by having it consume the same JSON file. Alternatively, you could use that file to prevent unexpected queries from being executed without modifying the client in any way.

How you specifically set up your server to consume this JSON file is up to you. Some people will pre-execute the set of known queries and put them into a fast data-store like Redis. Some people use it strictly for preventing unauthorized queries. As far as how this is done with Django-Graphene, there is no out-of-the-box solution that I'm aware of but consuming an extracted key/value store like the one above should provide your team with a bunch of good options.



回答2:

You can check Persisted queries for Graphene Django

https://github.com/flavors/django-graphql-persist