Jump to content

GraphQL for ProcessWire


dadish

Recommended Posts

On 7/8/2021 at 1:24 PM, Tom. said:

I have corrected my cors headers so it doesn't return an error, but it's still not working. Have you had any success having the login work cross-origin? I imagine so as this is a pretty common use case for use an API cross-origin. 

Here is the CORS setup that works for me.

<?php

// https://github.com/dadish/ProcessGraphQL/blob/622c9db61cb7cf3ef998edb31e4e0e47b3c96669/test/server.php#L20-L43

function cors() {
  // Allow from any origin
  if (isset($_SERVER['HTTP_ORIGIN'])) {
      // Decide if the origin in $_SERVER['HTTP_ORIGIN'] is one
      // you want to allow, and if so:
      header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
      header('Access-Control-Allow-Credentials: true');
      header('Access-Control-Max-Age: 86400');    // cache for 1 day
  }

  // Access-Control headers are received during OPTIONS requests
  if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
      if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
          // may also be using PUT, PATCH, HEAD etc
          header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         
      if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
          header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
      exit(0);
    }
}

Could you try it and let me know if it solves your problem with different domains?

Link to comment
Share on other sites

On 7/10/2021 at 9:56 PM, dadish said:

Here is the CORS setup that works for me.

<?php

// https://github.com/dadish/ProcessGraphQL/blob/622c9db61cb7cf3ef998edb31e4e0e47b3c96669/test/server.php#L20-L43

function cors() {
  // Allow from any origin
  if (isset($_SERVER['HTTP_ORIGIN'])) {
      // Decide if the origin in $_SERVER['HTTP_ORIGIN'] is one
      // you want to allow, and if so:
      header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
      header('Access-Control-Allow-Credentials: true');
      header('Access-Control-Max-Age: 86400');    // cache for 1 day
  }

  // Access-Control headers are received during OPTIONS requests
  if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
      if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
          // may also be using PUT, PATCH, HEAD etc
          header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         
      if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
          header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
      exit(0);
    }
}

Could you try it and let me know if it solves your problem with different domains?

Didn't work for me, maybe it's an issue with Fetch API. What do you use to make your HTTP requests? 

 

EDIT: 
Better still, could you provide me with example code where you have CORs working through JavaScript requests? That would be super helpful as I've tried so many different things and really struggling with this. 

I do a request to login, but after that any other request is logged out. Are you meant to include the login request with every request? I'm struggling to understand the "cookie being include with every future request" as that part just doesn't seem to be happening for me. 

@dadish

Link to comment
Share on other sites

42 minutes ago, Tom. said:

Shameless Bump 😅

No problem. Sorry for not answering sooner.

On 7/16/2021 at 6:39 PM, Tom. said:

Didn't work for me, maybe it's an issue with Fetch API. What do you use to make your HTTP requests? 

I used fetch api. Just like you.

On 7/16/2021 at 6:39 PM, Tom. said:

Better still, could you provide me with example code where you have CORs working through JavaScript requests?

Sure. I created a sample app with create-react-app. Then I start the app with `npm start`. And here is my App.js file.

const query = async (query) => {
  const res = await fetch("https://skyscrapers.nurgulyashyrov.com/graphql/", {
    method: "POST",
    credentials: "include",
    headers: {
      "Content-Type": "application/json",
      Accept: "application/json",
    },
    body: JSON.stringify({ query }),
  });
  const json = await res.json();

  console.log("json", json);
};

const execute = async () => {
  await query(`{ logout { statusCode }}`);
  await query(`{ me { name }}`);
  await query(`{ login(name: "name", pass: "pass") { statusCode } }`);
  await query(`{ me { name }}`);
};

execute();

function App() {
  return null;
}

export default App;

Note that the app starts a server that runs on http://localhost:3000. If you are testing by simply opening a file in the browser then it will probably not work. So you need your browser address bar to start with http(s):// and not with file:///

EDIT: You will have to substitute the url with your own, of course. The graphql api is setup exactly as in my previous post. I assume you noticed that the CORS headers are inside the cors() function and that you have to call that function before final response.

  • Like 1
Link to comment
Share on other sites

On 7/22/2021 at 10:47 AM, dadish said:

No problem. Sorry for not answering sooner.

I used fetch api. Just like you.

Sure. I created a sample app with create-react-app. Then I start the app with `npm start`. And here is my App.js file.

const query = async (query) => {
  const res = await fetch("https://skyscrapers.nurgulyashyrov.com/graphql/", {
    method: "POST",
    credentials: "include",
    headers: {
      "Content-Type": "application/json",
      Accept: "application/json",
    },
    body: JSON.stringify({ query }),
  });
  const json = await res.json();

  console.log("json", json);
};

const execute = async () => {
  await query(`{ logout { statusCode }}`);
  await query(`{ me { name }}`);
  await query(`{ login(name: "name", pass: "pass") { statusCode } }`);
  await query(`{ me { name }}`);
};

execute();

function App() {
  return null;
}

export default App;

Note that the app starts a server that runs on http://localhost:3000. If you are testing by simply opening a file in the browser then it will probably not work. So you need your browser address bar to start with http(s):// and not with file:///

EDIT: You will have to substitute the url with your own, of course. The graphql api is setup exactly as in my previous post. I assume you noticed that the CORS headers are inside the cors() function and that you have to call that function before final response.

Interesting, this is the exact same implementation that I'm using however it's not keeping the cookie. May I ask if you are using Node JS server? I believe this may be the reason it's not working as mine is apache with vanilla JavaScript. I could prefix any call I need to be authenticated with the login query, my only concern is that would require using localStorage to keep a session alive but it isn't secure to store the login password. 

Have you had any success using vanilla JavaScript running on Apache @dadish

 

Link to comment
Share on other sites

Hi guys!

I really like this Module so far. One thing bothers me though:
the returned data from GraphQL is kinda "messy", e.g. if i have only one element returned from a list operation,
I don't want it to be returned as an array holding one element, but instead just return the one object instead.

I've written a quick and dirty JS function, which transforms the data I receive into the format described above.

transformGqlResponse (response, pagename) {
  const data = response.data[pagename]
  const content = data.list[0]

  for (const item in content) {
    if (Object.prototype.hasOwnProperty.call(content[item], 'list')) {
      content[item] = content[item].list[0]
    }
  }

  return content
}

Obviously this poses a problem for deeply nested list operations.

Is there a way to transform the data like that before it is returned to my frontend, like make the list operation return the object instead of an array when the list operation result only yields one item?

 

Also first post, LOL.

Link to comment
Share on other sites

  • 4 weeks later...

Hi Guys,

i want to get a hooked page property into my graphql schema. Does anybody know how i can configure/implement this?

/* the examble from https://processwire.com/docs/modules/hooks/#how-can-i-add-a-new-property-via-a-hook */
wire()->addHookProperty('Page::intro', function($event) {
  $page = $event->object;
  $intro = substr(strip_tags($page->body), 0, 255);
  $lastPeriodPos = strrpos($intro, '.');
  if($lastPeriod !== false) $intro = substr($intro, 0, $lastPeriodPos);
  $event->return = $intro;
});

I am playing around with the getQueryFields-Hook but I don't know what to do next:

wire()->addHookAfter('ProcessGraphQL::getQueryFields', function ($event) {

	$types = $event->return;
	foreach($types as $type) {
		if($type['name'] === 'mytype') {
			/** @var ObjectType $pageType */
			$pageType = $type['type']->getField('list')->getType()->getOfType();
			$fields = $pageType->getFields();
			
			// ????
			// and here i will add some fields
		}
	}

	$event->return = $types;
});

 

Link to comment
Share on other sites

11 hours ago, Neue Rituale said:

Hi Guys,

i want to get a hooked page property into my graphql schema. Does anybody know how i can configure/implement this?

Haven't tried it, but something like this should work. https://webonyx.github.io/graphql-php/getting-started/ Scroll down to the first example and see how fields are defined in GraphQL.

In your case it should look similar to this.

<?php

$fields[] = [
  'name' => 'intro',
  'type' => Type::string(),
  'resolve' => function ($page) {
    return $page->intro;
  }
];

Play around with it and you'll get there.

  • Like 1
Link to comment
Share on other sites

On 7/23/2021 at 11:24 AM, Tom. said:

May I ask if you are using Node JS server? I believe this may be the reason it's not working as mine is apache with vanilla JavaScript.

@dadish could you please get back to me on this?

Link to comment
Share on other sites

5 hours ago, Tom. said:

May I ask if you are using Node JS server? I believe this may be the reason it's not working as mine is apache with vanilla JavaScript.

Hey Tom. What do you mean "using Node JS server?" Do you mean where the JavaScript files coming from? If that's your question, then it should not matter. It does not matter where the javascript files are coming from.

I did a little research and found out that it works in Firefox but not in Chrome. I don't use Chrome, that's why I couldn't reproduce your issue. Have you tried the above JS code in Firefox? If not please try it out and tell me the results. If that works then we will work on fixing it for the Chrome browser.

 

  • Like 3
Link to comment
Share on other sites

On 7/25/2021 at 11:30 PM, zynth said:

Is there a way to transform the data like that before it is returned to my frontend, like make the list operation return the object instead of an array when the list operation result only yields one item?

You can do it manually on the ProcessWire side. Before returning the result to the client, simply do the JS trick that you posted in PHP and return the result to the client.

  • Like 2
Link to comment
Share on other sites

14 hours ago, dadish said:

Hey Tom. What do you mean "using Node JS server?" Do you mean where the JavaScript files coming from? If that's your question, then it should not matter. It does not matter where the javascript files are coming from.

I did a little research and found out that it works in Firefox but not in Chrome. I don't use Chrome, that's why I couldn't reproduce your issue. Have you tried the above JS code in Firefox? If not please try it out and tell me the results. If that works then we will work on fixing it for the Chrome browser.

 

Hi @dadish,

That may explain a lot, Chrome has very strict rules when it comes to CORS. I have been looking at different systems such as Strapi which is designed to be Headless and that uses this method:

image.png.c090ea0d2922d481c2a4e3069df8d212.png

So it returns an Authorization code that could be stored in Local Storage then passed into future requests using the Authorization header. This could be implemented into ProcessWire with a custom field on the User page for jwt and generating a key if a successful login was made and returning it to the user. graphql.php could then check if the authorization header has been passed and if it finds a matching jwt code - force log them in before processing the query. 

Seems really simple to implement. I'm unsure whether it's worth shipping with that functionality or have people build it in? What do you think @dadish?
 

Link to comment
Share on other sites

4 minutes ago, Tom. said:

Seems really simple to implement. I'm unsure whether it's worth shipping with that functionality or have people build it in? What do you think @dadish?

I would prefer people implement their own authenticaton/session flow. The thing you describe above should be simple to implement with the ProcessGraphQL::getMutationFields hook. I think I will remove the login(name: "name", pass: "pass") query field in the future and add a clear documentation/example on how you could implement your own authentication flow.

Thanks a lot for the idea @Tom.. I think it would be more flexible this way.

Link to comment
Share on other sites

1 hour ago, dadish said:

I think I will remove the login(name: "name", pass: "pass") query field in the future and add a clear documentation/example on how you could implement your own authentication flow.

Interesting, what would you do that for? I would be more than happy to implement the authentication flow above and ship with it? That would suit most peoples needs. It would make it more feature rich out of the box.

Link to comment
Share on other sites

2 minutes ago, Tom. said:

That would suit most peoples needs. It would make it more feature rich out of the box.

Or in other words, it would force people to use a predefined method of authentication, instead of allowing them to use their own preferred version. Some people may prefer JWT tokens, others might want cookie based auth or maybe people need to use third party authentication like AWS Incognito..., the list goes on.

Link to comment
Share on other sites

3 hours ago, dadish said:

Some people may prefer JWT tokens, others might want cookie based auth

Hi @dadish

Would it be okay if you PM you regarding this? I would like to create a module to enable JWT auth. I have it working by modifying the source code but I would like to create it as a module so others can use it easily and I also don't want to miss out on any bug fixes or updates as I've modified the module.

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Robin S
      This module lets you add some custom menu items to the main admin menu, and you can set the dropdown links dynamically in a hook if needed.
      Sidenote: the module config uses some repeatable/sortable rows for the child link settings, similar to the ProFields Table interface. The data gets saved as JSON in a hidden textarea field. Might be interesting to other module developers?
      Custom Admin Menus
      Adds up to three custom menu items with optional dropdowns to the main admin menu.
      The menu items can link to admin pages, front-end pages, or pages on external websites.
      The links can be set to open in a new browser tab, and child links in the dropdown can be given an icon.
      Requires ProcessWire v3.0.178 or newer.
      Screenshots
      Example of menu items

      Module config for the menus

      Link list shown when parent menu item is not given a URL

      Advanced
      Setting child menu items dynamically
      If needed you can set the child menu items dynamically using a hook.
      Example:
      $wire->addHookAfter('CustomAdminMenus::getMenuChildren', function(HookEvent $event) { // The menu number is the first argument $menu_number = $event->arguments(0); if($menu_number === 1) { $colours = $event->wire()->pages->findRaw('template=colour', ['title', 'url', 'page_icon']); $children = []; foreach($colours as $colour) { // Each child item should be an array with the following keys $children[] = [ 'icon' => $colour['page_icon'], 'label' => $colour['title'], 'url' => $colour['url'], 'newtab' => false, ]; } $event->return = $children; } }); Create multiple levels of flyout menus
      It's also possible to create multiple levels of flyout submenus using a hook.

      For each level a submenu can be defined in a "children" item. Example:
      $wire->addHookAfter('CustomAdminMenus::getMenuChildren', function(HookEvent $event) { // The menu number is the first argument $menu_number = $event->arguments(0); if($menu_number === 1) { $children = [ [ 'icon' => 'adjust', 'label' => 'One', 'url' => '/one/', 'newtab' => false, ], [ 'icon' => 'anchor', 'label' => 'Two', 'url' => '/two/', 'newtab' => false, 'children' => [ [ 'icon' => 'child', 'label' => 'Red', 'url' => '/red/', 'newtab' => false, ], [ 'icon' => 'bullhorn', 'label' => 'Green', 'url' => '/green/', 'newtab' => false, 'children' => [ [ 'icon' => 'wifi', 'label' => 'Small', 'url' => '/small/', 'newtab' => true, ], [ 'icon' => 'codepen', 'label' => 'Medium', 'url' => '/medium/', 'newtab' => false, ], [ 'icon' => 'cogs', 'label' => 'Large', 'url' => '/large/', 'newtab' => false, ], ] ], [ 'icon' => 'futbol-o', 'label' => 'Blue', 'url' => '/blue/', 'newtab' => true, ], ] ], [ 'icon' => 'hand-o-left', 'label' => 'Three', 'url' => '/three/', 'newtab' => false, ], ]; $event->return = $children; } }); Showing/hiding menus according to user role
      You can determine which menu items can be seen by a role by checking the user's role in the hook.
      For example, if a user has or lacks a role you could include different child menu items in the hook return value. Or if you want to conditionally hide a custom menu altogether you can set the return value to false. Example:
      $wire->addHookAfter('CustomAdminMenus::getMenuChildren', function(HookEvent $event) { // The menu number is the first argument $menu_number = $event->arguments(0); $user = $event->wire()->user; // For custom menu number 1... if($menu_number === 1) { // ...if user does not have some particular role... if(!$user->hasRole('foo')) { // ...do not show the menu $event->return = false; } } });  
      https://github.com/Toutouwai/CustomAdminMenus
      https://processwire.com/modules/custom-admin-menus/
    • By tcnet
      This module for ProcessWire sends a notification email for each failed login attempt. Similar modules exists already in the module directory of ProcessWire. However, this module is designed to notify, even if specified user doesn't exist.
      Settings
      The settings for this module are located in the menu Modules=>Configure=>LoginFailNotifier.
      Notification email
      Specifies the email address to which the notification emails should be sent.
        Email subject
      Specifies the subject line for the notification email.
        Post variables
      Specifies the $_POST variables to be included in the notification email. Each variable must be separated by a comma. For example: login_name,login_pass
        Server variables
      Specifies the $_SERVER variables to be included in the notification email. Each variable must be separated by a comma. For example: REMOTE_ADDR,HTTP_USER_AGENT
      Link to ProcessWire module directory:
      https://processwire.com/modules/login-fail-notifier/
      Link to github.com:
      https://github.com/techcnet/LoginFailNotifier
    • By Fokke
      ProcessWire 3.x markup module for rendering meta tags in HTML document head section. Note that this module is not a full-blown SEO solution, but rather a simple tool for rendering meta tags based on module configuration. Adding custom meta tags is also supported.
      Built-in meta tags
      The following meta tags are supported out-of-the-box:
      Document title consisting of page title and site name Character set Canonical Viewport Description Keywords Hreflang tags Open Graph og:title og:site_name og:type og:url og:description og:image og:image:width og:image:height Twitter meta tags twitter:card twitter:site twitter:creator twitter:title twitter:description twitter:image Facebook meta tags fb:app_id The full documentation with configurable options can be found here: https://github.com/Fokke-/MarkupMetadata
       
      Requirements:
      ProcessWire>=3.0.0 PHP >=7.1 Installation using Composer
      composer require fokke/markup-metadata Manual installation
      Download latest version from https://github.com/Fokke-/MarkupMetadata/archive/master.zip Extract module files to site/modules/MarkupMetadata directory.
    • By m.sieber
      ITRK-Service for ProcessWire
      Module for the automated transfer of imprint, data protection declaration and terms and conditions from IT-Recht Kanzlei to your ProcessWire installation
      What is ITRK Service for ProcessWire?
      ITRK-Service for ProcessWire is a free module for ProcessWire CMS. It provides an interface to the update service of IT-Recht Kanzlei, via which the legal texts of your online presence are automatically updated. In this way, the texts remain legally secure and warning-proof in the long term. Imprint, data protection declaration, revocation and general terms and conditions are currently supported.
      You can find our documentation (in german language) here: https://www.pupit.de/itrk-service-for-processwire/dokumentation/

      Download: https://www.pupit.de/itrk-service-for-processwire/
      Github: https://github.com/pupit-de/pwItrkServiceConnector
    • By LuisM
      Symprowire is a PHP MVC Framework based and built on Symfony using ProcessWire 3.x as DBAL and Service-Provider
      It acts as a Drop-In Replacement Module to handle the Request/Response outside the ProcessWire Admin. Even tough Symfony or any other mature MVC Framework could be intimidating at first, Symprowire tries to abstract Configuration and Symfony Internals away as much as possible to give you a quick start and lift the heavy work for you.
      The main Goal is to give an easy path to follow an MVC Approach during development with ProcessWire and open up the available eco-system.
      You can find the GitHub Repo and more Information here: https://github.com/Luis85/symprowire
      Documentation
      The Symprowire Wiki https://github.com/Luis85/symprowire/wiki How to create a simple Blog with Symprowire https://github.com/Luis85/symprowire/wiki/Symprowire-Blog-Tutorial Last Update
      16.07.2021 // RC 1 v0.6.0 centralized ProcessWire access trough out the Application by wrapping to a Service https://github.com/Luis85/symprowire/releases/tag/v0.6.0-rc-1 Requirements
      PHP ^7.4 Fresh ProcessWire ^3.0.181 with a Blank Profile Composer 2 (v1 should work, not recommended) The usual Symfony Requirements Features
      Twig Dependency Injection Monolog for Symprowire Support for .env YAML Configuration Symfony Console and Console Commands Symfony Webprofiler Full ProcessWire access inside your Controller and Services Webpack Encore support Caveats
      Symfony is no small Framework and will come with a price in terms of Memory Usage and added Overhead. To give you a taste I installed Tracy Debugger alongside to compare ProcessWire profiling with the included Symfony Webprofiler

      So in a fresh install Symprowire would atleast add another 2MB of Memory usage and around 40ms in response time, should be less in production due to the added overhead of the Webprofiler in dev env
       
×
×
  • Create New...