Coder Social home page Coder Social logo

melvinkcx / graphql-utilities Goto Github PK

View Code? Open in Web Editor NEW
19.0 3.0 1.0 56 KB

Oneshot middleware, query cost analysis, depth limiting, etc for graphql-core>=3.0 (formerly, graphql-core-next)

Home Page: https://graphql-utilities.readthedocs.io/

License: MIT License

Python 100.00%

graphql-utilities's Introduction

graphql-utilities

graphql-utilities tries to secure your GraphQL API from malicious queries and provides utilities to make using graphql-core easier.

  1. It comes with a custom configurable ExtendedExecutionContext class that is capable of performing:

    • query cost analysis: define the cost of your queries using the @cost() directive provided, graphql-utilities provides helper functions and custom execution context to protect you from overly complex queries.
    • depth limiting: limit the maximum depth of queries, it's especially useful with object types with recursive relationship

  2. It also ships decorators for:

    • resource-level/one-shot middleware: middleware in graphql-core is run at field-level, it is handly when you need your middleware to run only once, especially auth-related middleware.

Installation

pip install graphql-utilities

Alternatively, if you use pipenv:

pipenv install graphql-utilities

Examples

Operation-level middleware (One-shot middleware)

from graphql_utilities.decorators import run_only_once


class AuthMiddleware:
    @run_only_once
    def resolve(self, next_, root, info, *args, **kwargs):
        # middleware logic
        return next_(root, info, *args, **kwargs)

Limiting Query Depth

# import your schema
from graphql import execute, parse   # Requires `graphql-core>=3.0`
from graphql_utilities.execution import ExtendedExecutionContext


query = '{ field_1_str field_2_int field_3_obj { field_3_obj_sub_1 { xxx } } }'
graphql_sync(schema=schema, source=query,
               context_value={"depth_analysis": {
                   "max_depth": 2   # Maximum depth allowed
               }},
               execution_context_class=ExtendedExecutionContext     # Use the `ExtendedExecutionContext` provided in `graphql-utilities`
        )

Query Cost Analysis

See the documentation at https://graphql-utilities.readthedocs.io/en/latest/

Motivation

In recent projects, I ran into some problems with graphene and graphql-core including missing operation-level middleware (See issue here), etc. graphql-utilities is a compilation of utilities and custom execution context for depth analysis, etc targeting graphql-core>=3.0.

Contributing

Any form of contribution, feature requests, bug reports, pull requests are largely welcome.

Licenses

MIT Licensed. GraphQL logo is licensed under Facebook BSD.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.