如何配置Graphene-Django与持久化查询一起使用? [英] How to configure Graphene-Django to work with persisted queries?

问题描述

我的公司似乎将继续使用Apollo客户端的持久查询，如此处所述:

It looks like my company is going to move forward with Persisted Queries from the Apollo Client, as is discussed here: https://dev-blog.apollodata.com/persisted-graphql-queries-with-apollo-client-119fd7e6bba5

在本文中，提到需要对服务器上的中间件进行某些操作.我无法找到有关需要使用Graphene-Django进行更改的任何信息.

In this article there is mention that something needs to be done to the Middleware on the server. I have been unable to find any information as to what needs to be changed with Graphene-Django.

任何人都可以提供任何建议吗?

Can anyone provide any advice?

罗伯特

推荐答案

持久查询不是GraphQL规范的一部分，因此可以以多种方式实现.以下是一些有关如何在服务器上执行此操作的示例:

Persisted queries are not a part of the GraphQL spec and, as such, can be implemented in a wide variety of ways. Here are a few examples of how you might want to do this on your server:

提取查询

在撰写本文时，您可以使用Relay Modern，Apolo Client等提取静态查询.它们的工作方式都相似，因此我将使用 Apollo PersistGraphQL 作为示例.在构建中，您将需要在src目录上运行persistgraphql命令以提取静态查询.该命令的结果将是一个填充有查询的JSON文件(字符串和数值作为值).

As of the time of this writing, you can extract static queries with Relay Modern, the Apolo Client, and others. They all work in similar ways, so I'll use Apollo PersistGraphQL as an example. In your build, you will need to run the persistgraphql command over your src directory to extract your static queries. The result of this command will be a JSON file filled with queries, as strings, and a number as the value.

{
  "
  { 
    author {
      firstName
      lastName
    }
  }
  ": 9,
  "
  query otherQuery {
    person {
      firstName
      lastName
    }
  }
  ": 10
}

使用提取的查询

从这里开始，您有几个选择.一旦服务器知道所有可能的查询，它就可以为JSON文件中提供的值提供接口，也可以将其知道的查询列入白名单.如果您的服务器仅提供值的接口(在上例中为myserver/api/9，myserver/api/10)，则需要确保客户端应用使用相同的JSON文件，以将其查询映射到ID上已达成一致的查询.另外，您可以使用该文件来阻止执行意外查询，而无需以任何方式修改客户端.

From here, you have a few options. Once your server is aware of all possible queries, it can either provide an interface to the values provided in the JSON file, or it can whitelist the queries it knows about. If your server only provides an interface to the values (myserver/api/9, myserver/api/10 in the example above), you would need to make sure that your client app maps it's queries to those agreed on IDs by having it consume the same JSON file. Alternatively, you could use that file to prevent unexpected queries from being executed without modifying the client in any way.

由您决定如何专门设置服务器以使用此JSON文件.有些人会预先执行一组已知查询，并将它们放入Redis这样的快速数据存储中.有些人严格使用它来防止未经授权的查询.至于如何使用Django-Graphene做到这一点，我没有一个开箱即用的解决方案，但是像上面那样使用一个提取的键/值存储可以为您的团队提供很多好处选项.

How you specifically set up your server to consume this JSON file is up to you. Some people will pre-execute the set of known queries and put them into a fast data-store like Redis. Some people use it strictly for preventing unauthorized queries. As far as how this is done with Django-Graphene, there is no out-of-the-box solution that I'm aware of but consuming an extracted key/value store like the one above should provide your team with a bunch of good options.

这篇关于如何配置Graphene-Django与持久化查询一起使用?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！