PHP download

Download the PHP package valu/wp-graphql-lock without Composer

On this page you can find all versions of the php package valu/wp-graphql-lock. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download valu/wp-graphql-lock
More information about valu/wp-graphql-lock
Files in valu/wp-graphql-lock

Vendor valu
Package wp-graphql-lock
Short Description Query locking for wp-graphql
License GPL-2.0-or-later

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of valu/wp-graphql-lock

Informations about the package wp-graphql-lock

🔒 WP GraphQL Lock

This plugin enables query locking for WPGraphQL by implementing persisted GraphQL queries.

Persisted GraphQL queries allow a GraphQL client to optimistically send a hash of the query instead of the full query; if the server has seen the query before, it can satisfy the request.

Once the server knowns all the possible queries the plugin can lock it down disallowing any unwanted queries that are possibly malicious. This can greatly improve the server security and can even protect against unpatched vulnerabilities in some cases.

Alternatively you can pre-generate the query IDs from your client source code with the GraphQL Code Generator plugin and load the IDs with the graphql_lock_load_query filter.

In addition to enabling query locking this saves network overhead and makes it possible to move to GET requests instead of POST. The primary benefit of GET requests is that they can be easily cached at the edge (e.g., with Varnish, nginx etc.).

This plugin requires WPGraphQL 0.2.0 or newer.

Compatibility

Apollo Client provides an easy implementation of persisted queries:

https://github.com/apollographql/apollo-link-persisted-queries#automatic-persisted-queries

This plugin aims to be compatible with that implementation, but will work with any client that sends a queryId alongside the query. Make sure your client also sends operationName with the optimistic request.

Implementation

When the client provides a query hash or ID, that query will be persisted in a custom post type. By default, this post type will be visible in the dashboard only to admins.

Query IDs are case-insensitive (i.e., MyQuery and myquery are equivalent).

Installation

If you use composer you can install it from packagist

composer require valu/wp-graphql-lock

Otherwise you can clone it from Github to your plugins using the stable branch

cd wp-content/plugins
git clone --branch stable https://github.com/valu-digital/wp-graphql-lock.git

Filters

`graphql_lock_load_query`

Load the queries from a custom location
The query ID is passed as the second parameter

Example:

Note: You should prefer using hidden directories / files to avoid exposing the lock file via your webserver.

`graphql_lock_post_type`

Default: 'graphql_query'
The custom post type used to persist queries. If empty, queries will not be persisted.

`graphql_lock_show_in_graphql`

Default: false
Whether the custom post type will itself be exposed via GraphQL. Enabling allows insight into which queries are persisted.

If you'd like to further customize the custom post type, filter register_post_type_args.

Lock mode

When it's active no new queries can be saved and only the saved ones can be used. This can greatly improve security as attackers cannot send arbitrary queries to the endpoint.

Lock mode can be activated by setting graphql_lock_locked option to true:

Settings

There's a settings screen for managing the option

settings

Acknowledgements

This plugin is based on the Quartz persisted Queries plugin.

Contributing

Read CONTRIBUTING.md

All versions of wp-graphql-lock with dependencies

PHP Build Version

Package Version

Version v0.1.4 Release 12. Jun 2020
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of wp-graphql-lock from vendor valu

No informations.

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package valu/wp-graphql-lock contains the following files

Loading the files please wait ....

Download the PHP package valu/wp-graphql-lock without Composer

FAQ

How can I use the PHP package after the download?

Do I need to create a project on this site?

When is it necessary to insert some auth.json content?

What is the advantage to use this site for my Composer projects?