Comments (2)
IronSinew
commented on July 20, 2024
4
I was able to solve this, by the way.
config/lighthouse.php
change 'gate' => null to 'gate' => 'sanctum'
Add EnsureFrontendRequestsAreStateful::class to the route.middleware config
config/graphql-playground.php
route.middleware I added the auth middleware to this, just so that I wouldn't have to get a CSRF cookie / manage login on the playground view. Obviously this could be adjusted to your needs.
Make sure you add this code to GraphQLPlayground.init as documented in the other CSRF protection docs:
settings: {
'request.credentials': 'same-origin',
},
headers: {
'X-CSRF-TOKEN': document.querySelector('meta[name="csrf-token"]').content
}
from laravel-graphql-playground.
junioro12
commented on July 20, 2024
Interested in this as well...it seems that the graphql requests don't send the "Referer" header, which Sanctum relies on to authenticate. If we inject the header in middleware, then it does authenticate, but that isn't secure. Wondering if there is a way to get the playground graphql calls to send the "Referer" which would seem to solve this.
from laravel-graphql-playground.
Related Issues (20)
- Add setting for weboscket to subscription HOT 3
- Add a documentation to explain how to add default request headers HOT 2
- Laravel 5.8 Support - Problem with Route HOT 3
- How to enable the multi env side panel? HOT 1
- Include table name on where directive HOT 1
- JavaScript Error when clicking "copy curl" HOT 2
- Suggestion: consider a debug tab HOT 2
- Publish package under different tag name HOT 1
- is there any file picker or way to upload files? HOT 2
- Not support for laravel 8 HOT 3
- Method signature issues in GraphQLPlaygroundServiceProvider#loadRoutesFrom HOT 2
- Add functionality to provide the subscription endpoint. HOT 3
- Update headers HOT 3
- Exclude mutation from playground HOT 1
- Laravel GraphQl getting Could not connect to websocket endpoint error HOT 2
- Announcement "Retiring Graphql Playground" HOT 6
- playground over https
- Couldn`t open schema and docs tabs on production server (infinitely loading content) HOT 6
- laravel 10 support HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from laravel-graphql-playground.