neovis.js icon indicating copy to clipboard operation
neovis.js copied to clipboard

Published 20 hours ago verified publisher icon neo4j-contrib

how to use with data from a python server?

Open dcsan opened this issue 4 years ago • 3 comments

I'd like to use this but not putting my DB credentials right into client JS code 😱

  • If I provide a server REST API end point, what is the format I should send back the data?

  • I was planning to use a python server, can I just send a result.data() dictionary of the query result, or is there a specific format / datastructure required?

  • What is the API to load data client side, eg if the graph updates? eg if i do NOT give it my DB login info. The examples at top only state:

config
A configuration object that defines:
how to connect to Neo4j (required)

This library encourages newbies to neo4j to put their DB logins into client code.

dcsan avatar Jul 05 '21 22:07 dcsan

Currently neovis.js doesn't support any data that doesn't come from neo4j as it use the driver directly (unless you somehow manage to implement bolt protocol on your server which I guess you wouldn't 😅)

It's a calculated risk to open neo4j directly and it was discussed heavily in https://github.com/neo4j-contrib/neovis.js/issues/101 and https://github.com/neo4j-contrib/neovis.js/issues/109

I currently don't think about implementing it anyway because I can't see enough benefits on top of directly using vis.js in that case, if you see enough benefits in neovis that aren't in vis.js directly though I would be glad to hear and I'll consider adding it 😄

thebestnom avatar Jul 05 '21 22:07 thebestnom

for my use case, working with clients data, it's an absolute non-starter to expose DB creds in the wild, so I guess this isn't useful.

maybe for a POC running on my local machine, but then... I don't see the use case beyond that, and don't want to write myself into a dead-end.

Maybe inside some huge corporate private network but that's also a huge risk. I'm working with a cloud hosted neo4j instance so that's out too.

out of interest why did you decide to visualize based on bolt protocol and not some serialized data format? is it because you can handle any kind of arbitrary complex query? Or it started as an internal project somewhere?

reminds me of the whole mongoDB "insecure by design" debacle

dcsan avatar Jul 06 '21 00:07 dcsan

Bolt protocol is what neo4j is using, Ill be fair and say that I started maintaining this library after it was already written But I think that most people using this library is to give a way to have kind of neo4j web client in thier web client... (And I did use it in a private network) and yep, having the ability for complex query and query per node/relationship (in 1.x it's sizeCypher and we expended this to any property in 2.x) is part of the reason I used this I'm not aware of a useful features this library gives over vis.js when it comes to the part after the data is fetched (maybe group configs?) and as I said in my last comment if you find important one Ill do consider adding another data srouce

thebestnom avatar Jul 06 '21 04:07 thebestnom