graphqlite
graphqlite copied to clipboard
thecodingmachine
Get Context inside AuthenticatorService....
I'm using graphqlite in a standalone server process (currently reactphp, maybe switching to swoole) and therefore I cant use global variables, so I took my meta data from the request into the context variable passed to executeQuery.
Is there any way to get the context variable inside the AuthenticationServiceInterface/AuthorizationServiceInterface without using a dirty debug_backtrace() hack?
Ouch, excellent question.
Currently, there is no way, but you are completely right, we need to be able to do this.
Do you think we should pass the context variable, or maybe directly a PSR-7 Request object?
I don't have to much time to work on this right now, but I would gladly accept a pull request!
I tested a little bit - at current state the auth function is just called once (cached). Because of this, I need to create the schema for each request new.
So we need either remove the cache (maybe a flag) or cache by a pseudo unique identifier, like a session id which has to be passed in some way. For my case, disable Authentication Cache is enough, the Authorization Cache can be easily mapped by the user object returned by Authentication Service.
To answer your question. Passing the context to every function after executeQuery should be done. The programmer itself is free to add there the Request in his own format or as PSR 7 request.
Damn, I did not think about the caching, you are completely right!
Caching happens here:
https://github.com/thecodingmachine/graphqlite/blob/master/src/Middlewares/AuthorizationFieldMiddleware.php#L60-L62
The authentication is done only once and if it succeeds, the field is part of the schema.
What we could do is use the same strategy as the "@Security" annotation:
https://github.com/thecodingmachine/graphqlite/blob/master/src/Middlewares/SecurityFieldMiddleware.php#L86-L92
Here, the resolver is wrapped into another resolver that is called each time a field is resolved. That would solve your issue.
Otherwise, :+1: for passing the context. It makes sense.
Hello ! Any news on this, if you was able to achieve this, can you provide an example? Thanks !
@fezfez there have been some more recent efforts to get GraphQLite working with a long running server by eliminating immutability. Please see: https://github.com/thecodingmachine/graphqlite/pull/584
Is this your objective, or are you specifically referring to accessing the Context?
Yep a was trying to use swoole in my apps, this is the last step to go in production.
There was some conversation around getting more lazy loading around authentication for this purpose I believe. I don't really recall the full status on those efforts. There are some PRs that need to be merged and some other efforts. I believe @oprypkhantc was working on these.
It'd be nice for it to get PRs reviewed @oojacoboo :) But yes, besides my changes there are other things to be done - like using a new context instance for every request, and possibly making that accessible throughout GraphQLite. That's not as easy as it sounds though.
