⚡️ Pro Feature ⚡️ This feature is bundled with GraphQL-Pro.

Dashboard

GraphQL-Pro includes a web dashboard for monitoring Operation Store and subscriptions.

Installation

To hook up the Dashboard, add it to routes.rb

# config/routes.rb

# Include GraphQL::Pro's routing extensions:
using GraphQL::Pro::Routes

Rails.application.routes.draw do
  # ...
  # Add the GraphQL::Pro Dashboard
  # TODO: authorize, see below
  mount MySchema.dashboard, at: "/graphql/dashboard"
end

With this configuration, it will be available at /graphql/dashboard.

The dashboard is a Rack app, so you can mount it in Sinatra or any other Rack app.

Authorizing the Dashboard

You should only allow admin users to see /graphql/dashboard because it allows viewers to delete stored operations.

Rails Routing Constraints

Use Rails routing constraints to restrict access to authorized users, for example:

# Check the secure session for a staff flag:
STAFF_ONLY = ->(request) { request.session["staff"] == true }
# Only serve the GraphQL Dashboard to staff users:
constraints(STAFF_ONLY) do
  mount MySchema.dashboard, at: "/graphql/dashboard"
end

Rack Basic Authentication

Insert the Rack::Auth::Basic middleware, before the web view. This prompts for a username and password when visiting the dashboard.

graphql_dashboard = Rack::Builder.new do
  use(Rack::Auth::Basic) do |username, password|
    username == ENV.fetch("GRAPHQL_USERNAME") && password == ENV.fetch("GRAPHQL_PASSWORD")
  end

  run MySchema.dashboard
end
mount graphql_dashboard, at: "/graphql/dashboard"