File: dashboard.md

package info (click to toggle)
ruby-graphql 2.5.19-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 13,868 kB
  • sloc: ruby: 80,420; ansic: 1,808; yacc: 845; javascript: 480; makefile: 6
file content (85 lines) | stat: -rw-r--r-- 2,674 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
 
---
layout: guide
doc_stub: false
search: true
section: GraphQL Pro
title: Dashboard
desc: Installing GraphQL-Pro's Dashboard
index: 4
pro: true
---


[GraphQL-Pro](https://graphql.pro) includes a web dashboard for monitoring {% internal_link "Operation Store", "/operation_store/overview" %} and {% internal_link "subscriptions", "/subscriptions/pusher_implementation" %}.

<!-- TODO image -->

## Installation

To hook up the Dashboard, add it to `routes.rb`

```ruby
# config/routes.rb

# Include GraphQL::Pro's routing extensions:
using GraphQL::Pro::Routes

Rails.application.routes.draw do
  # ...
  # Add the GraphQL::Pro Dashboard
  # TODO: authorize, see below
  mount MySchema.dashboard, at: "/graphql/dashboard"
end
```

With this configuration, it will be available at `/graphql/dashboard`.

The dashboard is a Rack app, so you can mount it in Sinatra or any other Rack app.

#### Lazy-loading the schema

Alternatively, you can set up the dashboard to load the schema during the first request. To do that, initialize `GraphQL::Pro::Routes::Lazy` with a string that gives the fully-qualified name of your schema class, for example:

```ruby
Rails.application.routes.draw do
  # ...
  # Add the GraphQL::Pro Dashboard
  # TODO: authorize, see below
  lazy_routes = GraphQL::Pro::Routes::Lazy.new("MySchema")
  mount lazy_routes.dashboard, at: "/graphql/dashboard"
end
```

With this setup, `MySchema` will be loaded when the dashboard serves its first request. This can speed up your application's boot in development since it doesn't load the whole GraphQL schema when building the routes.

## Authorizing the Dashboard

You should only allow admin users to see `/graphql/dashboard` because it allows viewers to delete stored operations.

### Rails Routing Constraints

Use [Rails routing constraints](https://api.rubyonrails.org/v5.1/classes/ActionDispatch/Routing/Mapper/Scoping.html#method-i-constraints) to restrict access to authorized users, for example:

```ruby
# Check the secure session for a staff flag:
STAFF_ONLY = ->(request) { request.session["staff"] == true }
# Only serve the GraphQL Dashboard to staff users:
constraints(STAFF_ONLY) do
  mount MySchema.dashboard, at: "/graphql/dashboard"
end
```

### Rack Basic Authentication

Insert the `Rack::Auth::Basic` middleware, before the web view. This prompts for a username and password when visiting the dashboard.

```ruby
graphql_dashboard = Rack::Builder.new do
  use(Rack::Auth::Basic) do |username, password|
    username == ENV.fetch("GRAPHQL_USERNAME") && password == ENV.fetch("GRAPHQL_PASSWORD")
  end

  run MySchema.dashboard
end
mount graphql_dashboard, at: "/graphql/dashboard"
```