Open
Description
Hi,
wouldn't it make sense to have separate endpoints for GraphQL and GraphiQL? As per README, there should be two endpoints (/graphql
and /graphiql
), however only /graphql
gets exposed. Let's say I would like to publish GraphiQL only to selected group of people (e.g. frontend developers) and protect it by authentication. Having a separate endpoint would make whole thing much easier.
Activity
jonwarghed commentedon Mar 8, 2018
If you set your graphql endpoint to not expose graphql and then add an authenticated view as a second endpoint at /graphiql is that enough for your situation?
tlinhart commentedon Mar 8, 2018
Hi Jon,
I know the issue could be solved in a similar fashion to what you propose. I just don't think it's a clean solution. Mixing access to API endpoint and standalone tool that way doesn't feel right. In my opinion it simply violates separation of concerns principle with all the consequences it brings (code readability and maintainability etc.) If I omit the implementation part, the usage also doesn't seem too intuitive.
In the project I'm working on, I've separated the two, resulting in much cleaner code and components that can be handled completely independently of each other.
yanghg-basefx commentedon Oct 19, 2018
I have the same issue with you. So I just pass graphiql=False, copy the html templates comes from render_graphiql.py and change little codes:
isakal commentedon Jan 2, 2020
This is what mine routes.py looks like for each endpoint
^^ This for adding users since i have not implemented mutations yet