Often we want our graphql endpoints to be behind header based authentication so that we can protect private data and identify the user. This becomes a problem when we wish to use the graphiql for development/testing/documentation because there is no way of setting the required authentication header.
I would like to be able to supply additional headers for graphiql to use when making requests to the graphql endpoint.
I was thinking that perhaps we could add a juniper::graphiql::graphiql_source_with_config or similar that takes the endpoint (as before) and a struct of options which (for now) has one field request_headers: Vec<(String, String)>.
These headers would then be added to the headers used in the graphiql fetcher
|
headers: { |
|
'Accept': 'application/json', |
|
'Content-Type': 'application/json', |
|
}, |
Each of the web frameworks would then need to be updated to expose a handler for this new graphiql function for developers to use.
I would be happy to contribute this change if it is likely to be merged.
Often we want our graphql endpoints to be behind header based authentication so that we can protect private data and identify the user. This becomes a problem when we wish to use the graphiql for development/testing/documentation because there is no way of setting the required authentication header.
I would like to be able to supply additional headers for graphiql to use when making requests to the graphql endpoint.
I was thinking that perhaps we could add a
juniper::graphiql::graphiql_source_with_configor similar that takes the endpoint (as before) and a struct of options which (for now) has one field request_headers:Vec<(String, String)>.These headers would then be added to the headers used in the graphiql fetcher
juniper/juniper/src/http/graphiql.rs
Lines 20 to 23 in 2ea7d9b
Each of the web frameworks would then need to be updated to expose a handler for this new graphiql function for developers to use.
I would be happy to contribute this change if it is likely to be merged.