Tom.

It's just a default text field with the HTML Entity Encoder enabled.

Hello, I'm revisiting a project using this and I'm having some issues. In this example I'm using "job_title". From what I can tell everything is in place. For what reason am I receiving this error? @dadish

DELETED

Hi @dadish Would it be okay if you PM you regarding this? I would like to create a module to enable JWT auth. I have it working by modifying the source code but I would like to create it as a module so others can use it easily and I also don't want to miss out on any bug fixes or updates as I've modified the module.

Interesting, what would you do that for? I would be more than happy to implement the authentication flow above and ship with it? That would suit most peoples needs. It would make it more feature rich out of the box.

Hi @dadish, That may explain a lot, Chrome has very strict rules when it comes to CORS. I have been looking at different systems such as Strapi which is designed to be Headless and that uses this method: So it returns an Authorization code that could be stored in Local Storage then passed into future requests using the Authorization header. This could be implemented into ProcessWire with a custom field on the User page for jwt and generating a key if a successful login was made and returning it to the user. graphql.php could then check if the authorization header has been passed and if it finds a matching jwt code - force log them in before processing the query. Seems really simple to implement. I'm unsure whether it's worth shipping with that functionality or have people build it in? What do you think @dadish?

@dadish could you please get back to me on this?

Interesting, this is the exact same implementation that I'm using however it's not keeping the cookie. May I ask if you are using Node JS server? I believe this may be the reason it's not working as mine is apache with vanilla JavaScript. I could prefix any call I need to be authenticated with the login query, my only concern is that would require using localStorage to keep a session alive but it isn't secure to store the login password. Have you had any success using vanilla JavaScript running on Apache @dadish?

Shameless Bump ?

Didn't work for me, maybe it's an issue with Fetch API. What do you use to make your HTTP requests? EDIT: Better still, could you provide me with example code where you have CORs working through JavaScript requests? That would be super helpful as I've tried so many different things and really struggling with this. I do a request to login, but after that any other request is logged out. Are you meant to include the login request with every request? I'm struggling to understand the "cookie being include with every future request" as that part just doesn't seem to be happening for me. @dadish

I found out the issue, I also needed to add the parent to the list of templates exposed to the GraphQL API. Thank you for your help ? @dadish I'm currently struggling now with the authentication flow. I'm using JavaScript Fetch API (https://graphql.org/graphql-js/graphql-clients/? function graphQL(query) { const url = 'https://phpstack-389529-2027697.cloudwaysapps.com/graphql/'; return new Promise(resolve => { fetch(url, { method: 'POST', headers: { 'Content-Type': 'application/json', 'Accept': 'application/json' }, body: JSON.stringify({ query: query }) }).then(response => { console.log(response); resolve(response.json()); }); }); }; I'm then logging in, passing a query then logging out for user submission: // Login graphQL(`{ login(name: "api-user", pass: "api-pass123") { statusCode } }`).then(result => { // Submit Data graphQL(submitQuery).then(result => { // Logout graphQL(`{ logout { statusCode } }`); }); }); submitQuery is the follow: mutation { createEntry(page: { parent: "1044", title: "Test", name: "Test", address: "23 Common", link: "", manager_name: "twgew gweg gwe", manager_email:"wgwe@gwegwe.com", phone: "7547037473", cards: "20", offers: { add: [{ title: "ewwfeefwfwefew" },{ title: "eerefgger" },{ title: "eregrer" },{ title: "ergeregre" }] }, terms: "fewfewwfe" }){ manager_name } } Which is returning the error: message: "Schema is not configured for mutations." When using GraphiQL I can get that error by not logging in first, if I login then run it it works fine. I've checked the login and it does return 200 login successful. But from what I can tell it's not actually setting any cookie or anything so the second query fails. Do you know how to get this working @dadish EDIT: For now I've just done this on the graphql.php file which works, it's not ideal but I'm a tight deadline ? <?php namespace ProcessWire; header("Access-Control-Allow-Origin: *"); header("Access-Control-Allow-Headers: *"); header('Content-Type: application/json'); $session->login("api-user", "api-pass123"); echo json_encode($modules->get('ProcessGraphQL')->executeGraphQL(), true); $session->logout(); EDIT 2: Been doing some research and you have to include do the following with the fetch from what I understand: function graphQL(query) { const url = 'https://phpstack-389529-2027697.cloudwaysapps.com/graphql/'; return new Promise(resolve => { fetch(url, { method: 'POST', headers: { 'Content-Type': 'application/json', 'Accept': 'application/json' }, credentials: 'include', // INCLUDE CREDENTIALS body: JSON.stringify({ query: query }) }).then(response => { console.log(response); resolve(response.json()); }); }); }; I have corrected my cors headers so it doesn't return an error, but it's still not working. Have you had any success having the login work cross-origin? I imagine so as this is a pretty common use case for use an API cross-origin.

That's amazing, thank you. Also, I'm logged in as Admin (superuser) and I can't seem to use the mutation to "create" only "update" and I can't seem to find the reason why. How do I add the ability to create pages? Also is there an option to create pages but not edit them. It isn't possible with the permissions on ProcessWire, but I wouldn't want people exploiting the API and editing content, but I would like user submitted content. e.g. storing form submission data. Thanks, Tom EDIT: Type in the settings part under "me": "Adds me query field. Allows user to query her credentials." Should be "Allows user to query their credentials."

This is great! Having a play with it now. I'm still getting my head around things, but I can't figure out why this isn't working: <script> fetch('https://phpstack-389529-2027697.cloudwaysapps.com/graphql/', { method: 'POST', headers: { 'Content-Type': 'application/json', 'Accept': 'application/json' }, body: JSON.stringify({ query: `{ venue { list { title } } }` }) }) .then(r => r.json()) .then(data => console.log('data returned:', data)); </script> I have enabled CORS on the graphql.php file: <?php namespace ProcessWire; header("Access-Control-Allow-Origin: *"); header("Access-Control-Allow-Headers: *"); header('Content-Type: application/json'); echo json_encode($modules->get('ProcessGraphQL')->executeGraphQL(), true); But I'm getting the result: message: "Cannot query field \"venue\" on type \"Query\"." But I can use GraphiQL to do the same query and it works as intended: What am I doing wrong here? EDIT: Figured it out, I needed to give Guest permissions to access. I was wondering how do you do the login flow through JavaScript so I can make requests that only certain users could view, I like the fact that this uses ProcessWires permission system! Very clever.

Hello guys, I have updated a client website to V3 but now FormBuilder 0.2.2 is no longer functioning even though it states compatibility with V3. They had a freelance developer build the website so they aren't able to update it and neither am I. I can rollback the website, but they are wanting to use some modules that only support V3. I was wondering what the process would be? I have access to the licence key. Thanks, Tom EDIT: Was able to edit the source code and fix it.

Hello, I haven't actually used ProcessWire for a while as I've been using Webflow to build websites recently. I am actually looking at doing my own version of Udesly that interfaces with Webflow, so people can export from Webflow to make ProcessWire themes... Anyway. I was wondering why the example of Text Tags uses: $wire->addHook("/find-field_options/", function($e) { $q = $e->input->get("q", "text,selectorValue"); if(strlen($q) < 3) return []; return array_values($e->pages->findRaw("parent=/tags/, title%=$q, field=title")); }); I thought the correct way of using findRaw is: $e->pages->findRaw("parent=/tags/, title%=$q", "title")