如何配置 Graphene-Django 以处理持久化查询? [英] How to configure Graphene-Django to work with persisted queries?

问题描述

看起来我的公司将继续推进来自 Apollo Client 的持久查询，正如这里所讨论的:https://dev-blog.apollodata.com/persisted-graphql-queries-with-apollo-client-119fd7e6bba5

It looks like my company is going to move forward with Persisted Queries from the Apollo Client, as is discussed here: https://dev-blog.apollodata.com/persisted-graphql-queries-with-apollo-client-119fd7e6bba5

在这篇文章中提到需要对服务器上的中间件做一些事情.我一直无法找到有关需要使用 Graphene-Django 更改哪些内容的任何信息.

In this article there is mention that something needs to be done to the Middleware on the server. I have been unable to find any information as to what needs to be changed with Graphene-Django.

谁能给点建议?

罗伯特

推荐答案

持久化查询不是 GraphQL 规范的一部分，因此可以通过多种方式实现.以下是您可能希望如何在服务器上执行此操作的几个示例:

Persisted queries are not a part of the GraphQL spec and, as such, can be implemented in a wide variety of ways. Here are a few examples of how you might want to do this on your server:

提取查询

截至撰写本文时，您可以使用 Relay Modern、Apolo Client 和其他工具提取静态查询.它们都以类似的方式工作，因此我将使用 Apollo PersistGraphQL 作为示例.在您的构建中，您需要在 src 目录上运行 persistgraphql 命令以提取静态查询.此命令的结果将是一个 JSON 文件，其中包含查询、字符串和数字作为值.

As of the time of this writing, you can extract static queries with Relay Modern, the Apolo Client, and others. They all work in similar ways, so I'll use Apollo PersistGraphQL as an example. In your build, you will need to run the persistgraphql command over your src directory to extract your static queries. The result of this command will be a JSON file filled with queries, as strings, and a number as the value.

{
  "
  { 
    author {
      firstName
      lastName
    }
  }
  ": 9,
  "
  query otherQuery {
    person {
      firstName
      lastName
    }
  }
  ": 10
}

使用提取的查询

从这里，您有几个选择.一旦您的服务器知道所有可能的查询，它可以为 JSON 文件中提供的值提供一个接口，或者可以将它知道的查询列入白名单.如果您的服务器仅提供值的接口(myserver/api/9、myserver/api/10 在上面的示例中)，您需要确保您的客户端应用程序通过使用相同的 JSON 文件将其查询映射到那些商定的 ID.或者，您可以使用该文件来防止执行意外查询，而无需以任何方式修改客户端.

From here, you have a few options. Once your server is aware of all possible queries, it can either provide an interface to the values provided in the JSON file, or it can whitelist the queries it knows about. If your server only provides an interface to the values (myserver/api/9, myserver/api/10 in the example above), you would need to make sure that your client app maps it's queries to those agreed on IDs by having it consume the same JSON file. Alternatively, you could use that file to prevent unexpected queries from being executed without modifying the client in any way.

您如何专门设置服务器以使用此 JSON 文件取决于您.有些人会预先执行一组已知查询，并将它们放入像 Redis 这样的快速数据存储中.有些人严格使用它来防止未经授权的查询.至于这是如何用 Django-Graphene 完成的，我知道没有开箱即用的解决方案，但使用像上面那样提取的键/值存储应该为您的团队提供一堆好的选项.

How you specifically set up your server to consume this JSON file is up to you. Some people will pre-execute the set of known queries and put them into a fast data-store like Redis. Some people use it strictly for preventing unauthorized queries. As far as how this is done with Django-Graphene, there is no out-of-the-box solution that I'm aware of but consuming an extracted key/value store like the one above should provide your team with a bunch of good options.

这篇关于如何配置 Graphene-Django 以处理持久化查询?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！