Reputation: 537
How to make a json request on a graphql endpoint built with graphene and flask
I have a flask app and I am using graphene to build some graphql endpoints. The following snippet is to build the metadata_by_config query.
engine = create_engine('postgres_url', convert_unicode=True)
db_session = scoped_session(sessionmaker(autocommit=False, autoflush=False, bind=engine))
Base = declarative_base()
Base.query = db_session.query_property()
class MetadataModel(Base):
__tablename__ = "metadata"
id = Column(Integer, primary_key=True, autoincrement=True)
created = Column(DateTime, nullable=False)
config = Column(String(255), unique=False, nullable=False)
def __init__(self, config, description):
self.created = datetime.datetime.now()
self.config = config
class Metadata(SQLAlchemyObjectType):
class Meta:
model = MetadataModel
interfaces = (relay.Node, )
# Query
class QueryID(graphene.ObjectType):
node = relay.Node.Field()
metadata_by_id = graphene.List(Metadata, id=graphene.String())
@staticmethod
def resolve_metadata_by_id(parent, info, **args):
q = args.get('id')
metadata_query = Metadata.get_query(info)
return metadata_query.filter(MetadataModel.id == q).all()
# schema
schema_id = graphene.Schema(query=QueryID, types=[Metadata])
app = Flask(__name__)
app.debug = True
app.add_url_rule(
'/graphql-id',
view_func=GraphQLView.as_view(
'graphql-id',
schema=schema_id,
graphiql=True
)
)
if __name__ == '__main__':
app.run(host='0.0.0.0')
This works fine when I do the request in the graph query language, following works:
q = """
{
metadataById (id: 1){
id
created
config
}
}
"""
resp = requests.post("http://localhost:5000/graphql-id", params={'query': q})
print(resp.text)
However, since it's graphene, there is no separate graphql server (code-first approach). Therefore I am trying to figure out if there is a way to abstract away the graph query language knowledge from the end-user where a user doesn't need to know gql or backend implementation details. The user should just be able to make JSON request like requests.post("http://localhost:5000/graphql-id", json={'id': 1}) as if its a rest API and then the server parse the JSON and prepare the appropriate query probably inside resolver method.
I was thinking to handle this scenario using the redirects (expososing another endpoint that talk to graphql endpoint) and have graphql-config endpoint accessible only on localhost by adding a condition on app.before_request something like following:
@app.before_request
def before_request():
if request.remote_addr != "127.0.0.1" and request.path == "/v1/graphql-config":
abort(403)
However, this seems a little hacky and vulnerable, is there any explicit or better way to handle this?
Upvotes: 0
Views: 873
Answers (1)
Reputation: 537
Ahh I didn't realize we can actually execute our schema and so we dont need to use GraphQLView of flask-graphql to create an endpoint. So I have implemented my endpoint as following:
@app.route('/getMetadata', methods=['GET'])
def getMetadata():
data = request.get_json()
MetaId = data["id"]
query = '{ metadataById (id: ' + f"\"{metaId}\"" '){id created config}}'
result = schema_id.execute(query)
return flask.make_response(result, 200)
Here the end user can just make the JSON request and doesn't need to know about the graphql query.
Upvotes: 1
Related Questions
- Python - how to get JSON from a GraphQL api?
- Retrieve GraphQL Introspection Schema as http response
- graphQL in python post request to get data
- Generating GraphQL json document from Flask graphene
- Integrate graphql into flask blueprint
- graphene schema for query input is list of dictionary / object
- Converting json to a graphene graphql response
- Test Graphql (Graphene) Schema
- How to hit external graphql URL using gql
- Graphene with Flask doesn't load schema