Extend an existing Django REST Framework or Tastypie API with a GraphQL interface with a only a couple of lines of code.
Project description
GraphWrap
GraphWrap is a python library which, by adding only two lines of code to your django project, can extend an existing Django Rest Framework (or Tastypie) API with a GraphQL interface. This is achieved by leveraging Graphene-Django to dynamically build, at runtime, a GraphQL ObjectType for each Django REST (or tastypie) view in your API. These ObjectTypes are then glued together to form a GraphQL schema which has the same "shape" as your existing REST API. Note that GraphWrap is not designed to build a GraphQL schema to replace your existing REST API, but rather extend it to offer an additional fully compliant GraphQL-queryable interface.
Highlights:
-
The dynamic nature of the build of the GraphQL layer means that you can continue to develop your existing REST based API and know that the GraphQL schema will be kept up-to-date automatically.
-
Since the GraphQL layer is using the REST API under-the-hood, you can be sure that important things like serialization, authentication, authorization and filtering will be consistent between your REST view and the corresponding GraphQL type.
-
You no longer need to "over expose" fields from nested apis - the client can make use of the GraphQL layer to fetch data they need. This can lead to significant performance boosts in certain circumstances (One of the advantages of GraphQL queries is that they solve the n+1 problem which occurs with traditional REST-based APIs).
Which problems does GraphWrap address?
-
A common pattern for circumventing the n+1 problem on a REST API is to expose fields from "nested" serializers on a parent serializer. For example, here we expose fields from the
AuthorSerializer
on thePostViewSet
:class AuthorSerializer(serializers.ModelSerializer): class Meta: model = Author fields = ['name', 'active'] class PostSerializer(serializers.ModelSerializer): author = AuthorSerializer(source='author') class Meta: model = Post fields = ['author', 'content'] class PostViewSet(viewsets.ReadOnlyModelViewSet): queryset = Post.objects.all() serializer_class = PostSerializer
-
Whilst this solves n+1 problem, it creates a whole new class of problem. The issue now is that we're potentially over exposing the nested author fields: we may have one api client who is interested in these nested fields, but we may also have several for whom these fields are irrelevant and who do not appreciate the extra time it now takes to fetch and serialize this additional data. Unless we start building an API per client (which of course we do not want), we're a bit stuck.
-
Enter GraphQL: GraphQL is designed so that the client decides what info it receives from the server, not the other way around. Whilst many great packages exist to create a GraphQL API from scratch, migrating an mature production REST API to use one of these frameworks is not so simple. It may also be that our REST API has functionality which is not available on a GraphQL specific API.
-
This is where GrapWrap comes in: by adding two lines of code to your project, GraphWrap exposes a GraphQL schema which has the same "shape" as your existing REST API. With this new endpoint, we can now stop overexposing the
author
fields and instead simply exposeauthor
as a URL:class PostSerializer(serializers.ModelSerializer): author = serializers.HyperlinkedRelatedField( view_name='author-detail', read_only=True)
This keeps our clients who don't care about the nested author fields happy. Any client interested in retrieving the nested author fields can then do so via a query to the new
/graphql
endpoint:query { all_posts { content author { name active } } }
The important point here is that the above query will authentication, permissions and serialization coming from the corresponding Django REST Post and Author viewsets/serializers.
Limitations
Here are a few limitations of the GraphQL API produced by GraphWrap:
-
It can only accept GraphQL queries - mutations and subscriptions are not (yet) supported.
-
The schema is built only from Django REST Framework views which inherit from
ModelViewSet
(orReadOnlyModelViewSet
) and which are registered via a router which inherits from SimpleRouter. Alternatively, if you're using tastypie, the schema is only built from resources inheriting fromModelResource
. -
Will only work for APIs which use JSON serialization.
GraphWrap for the Django REST Framework
Quick start
Prerequisites
Before using this library, you must be using Python 3.6 (or later) and have the following installed:
Django >=2.2
djangorestframework>=3.0.0
Installing
pip install graph_wrap
Exposing the /graphql endpoint
GraphWrap exposes the GraphQL schema via a Django view graphql_view
. This view builds and exposes a GraphQL
queryable schema via a POST request to a /graphql
endpoint. The code snippet below demonstrates by example
how you can transform your DRF REST-API into a GraphQL schema by adding just two lines of code to your project:
from rest_framework import routers
from graph_wrap.django_rest_framework.graphql_view import graphql_view # Addition 1: import the graphql_view
from tests.django_rest_framework_api.api import (
AuthorViewSet, PostViewSet)
router = routers.SimpleRouter()
router.register(r'author', AuthorViewSet)
router.register(r'post', PostViewSet)
urlpatterns = [
path(r'', include(api.urls)),
path(r'/graphql/', view=graphql_view), # Addition 2: Register the view under the URL /graphql.
]
Documentation (by Example)
In this section we give a brief overview of how to use GraphWrap with Django REST Framework via examining a simple concrete example.
Set-up
Suppose we have the following basic django models and corresponding DRF API ( a fully executable (but more complex) version of this example can be found in graph_wrap.tests):
# models.py
class Media(models.Model):
name = models.TextField()
content_type = models.TextField(null=True)
size = models.BigIntegerField(null=True)
class Author(models.Model):
user = models.ForeignKey(User, on_delete=models.PROTECT, null=True)
name = models.TextField()
age = models.IntegerField(null=True)
active = models.BooleanField(default=True)
profile_picture = models.ForeignKey(
Media, null=True, on_delete=models.PROTECT)
def get_name(self):
# Use to test custom additional serialization
return self.name.upper()
class Post(models.Model):
content = models.TextField()
date = models.DateTimeField()
author = models.ForeignKey(
Author, null=True, on_delete=models.SET_NULL, related_name='entries')
files = models.ManyToManyField('Media')
rating = models.DecimalField(null=True, decimal_places=20, max_digits=40)
# api.py
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['username', 'is_staff']
class AuthorSerializer(serializers.ModelSerializer):
user = UserSerializer()
entries = serializers.PrimaryKeyRelatedField(
many=True, queryset=Post.objects.all())
class Meta:
model = Author
fields = ['name', 'age', 'rating', 'profile_picture', 'user', 'entries']
class PostSerializer(serializers.ModelSerializer):
written_by = serializers.HyperlinkedRelatedField(
view_name='author-detail', read_only=True)
class Meta:
model = Post
depth = 3
fields = ['written_by', 'content', 'date', 'files']
class AuthorViewSet(viewsets.ModelViewSet):
queryset = Author.objects.all()
serializer_class = AuthorSerializer
class PostViewSet(viewsets.ReadOnlyModelViewSet):
queryset = Post.objects.all()
serializer_class = PostSerializer
filter_backends = [filters.SearchFilter, DjangoFilterBackend]
search_fields = ['content', 'author__name']
filterset_fields = ['author__name', 'content']
If we wish to layer our REST resources with a GraphQL interface, we can follow the instructions above in the
"Quickstart" guide where we import the graphql_view
and expose it via the /graphql
url:
from graph_wrap.django_rest_framework.graphql_view import graphql_view # Addition 1: import the graphql_view
from tests.django_rest_framework_api.api import (
AuthorViewSet, PostViewSet)
router = routers.SimpleRouter()
router.register(r'author', AuthorViewSet)
router.register(r'post', PostViewSet)
urlpatterns = [
path(r'', include(api.urls)),
path(r'/graphql/', view=graphql_view), # Addition 2: Register the view under the URL /graphql.
]
Understanding the Schema
With these simple changes, we can now query the /graphql
endpoint with GraphQL queries. The structure
queries can take, as with all GraphQL APIs, is dictated by the shape of the underlying schema
(which, in this case, is dictated by the shape of the Django REST Framework API). To see what the schema looks like, run the following:
>>> from graph_wrap.django_rest_framework import schema
>>> print(schema())
schema {
query: Query
}
type Query {
author(id: Int!): author_type
all_authors: [author_type]
post(id: Int!): post_type
all_posts(search: String, orm_filters: String): [post_type]
}
type author_type {
name: String!
age: Int
active: Boolean!
profile_picture: String
user: user_type!
entries: [String]!
}
type post_type {
written_by: author_type!
content: String!
date: String!
files: [post__files_type]!
rating: String
}
type post__files_type {
id: Int!
name: String!
content_type: String
size: Int
}
type user_type {
username: String!
is_staff: Boolean!
}
Important points to note about the schema produced by GraphWrap:
-
snake_case: As can be seen above, GraphWrap produces a schema in the
snake_case
convention. Whilst this is generally not favoured in GraphQL circles, it was chosen here as it would likely be more consistent with the field names on the underlying REST resources (which would use most often use the PEP8 recommended snake case convention). -
Root Query fields: For each DRF ModelViewSet in our API, GraphWrap adds to the Query type precisely two fields - one corresponding to the data accessible via a GET request to the 'list' endpoint of the resource, and one corresponding to the data accessible via a GET request to the 'detail' endpoint of the resource. If we take our AuthorViewSet as an example:
- the 'list' endpoint corresponds to the url
/author
. This maps to theall_authors
field on the Query type. Note that it is possible to change the naming convention of the list endpoint field by setting theLIST_ENDPOINT_RESOLVER_PREFIX
value insettings.py
. For example, settingLIST_ENDPOINT_RESOLVER_PREFIX = ''
will mean this list endpoint url corresponds to the nameauthors
. - the 'detail' endpoint corresponds to urls of the form '/author/{author_pk}'. This maps to the
author(id: Int!)
field on the Query type (where, in the usual GraphQL schema syntax,(id: Int!)
indicates that an integer author id must be supplied.)
- the 'list' endpoint corresponds to the url
-
ObjectType and ObjectType Field names:
- GraphWrap maps each model serializer in our DRF API to a GraphQL ObjectType (including dynamically build nested serializers.
- The naming convention of the resultant ObjectType depends from which serializer it was created:
- If the ObjectType corresponds to an explicit "non-nested" serializer, the name of the field can be
found by appending
_type
to the lowercase version name of the underlying serializer model. For example, theAuthorSerializer
corresponds to theauthor_type
in the above. - If the ObjectType comes from a dynamically created
NestedSerializer
, the name of the field follows the Django query notation:{parent_model}__{related_field}_type
. For example, in our API above thePostSerializer
is set to havedepth=3
. This creates aNestedSerializer
for thefiles
field, which corresponds to thepost__files_type
in the above.
- If the ObjectType corresponds to an explicit "non-nested" serializer, the name of the field can be
found by appending
-
Filtering (
orm_filters
andsearch
):- Currently, the
/graphql
endpoint produced by GraphWrap supports two types of filtering used by the Django REST Framework: Generic Filtering via the django_filtersDjangoFilterBackend
and SearchFilter. - When a DRF ViewSet allows filtering via the
DjangoFilterBackend
, the correspondingQuery
field on the GraphQL schema produced by GraphWrap will have an optionalorm_filters
argument. If we take ourPostViewSet
as an example, then the filtering done by the REST GET query/paul/?author__name=Paul
can be achieved via a POST request to/graphql
with the following query:
{ all_posts(orm_filters: "author__name=Paul") { content # or any fields belonging to post_type } }
- Similarly, when a DRF ViewSet allows filtering via the
SearchFilter
, the correspondingQuery
field on the GraphQL schema produced by GraphWrap will have an optionalsearch
argument. This can be used in a similar fashion.
- Currently, the
Authentication and Authorization of /graphql endpoint
The authentication/authorization applied
when querying /graphql
is the authentication/authorization defined on the resource corresponding to the root field
of the query applied. This is consistent with the way DRF handles authenticaiton/authorization.
So, for example, the following query would invoke whatever authentication/authorization
was defined on the AuthorViewSet
:
{
all_authors {
name
}
}
Making Queries: REST vs GraphQL
In this section we'll look at how various REST GET requests can be mapped to queries for the /graphql
endpoint. Again, we'll do this via examining our explicit concrete example (note that the queries
and requests pictured in this section were produced on the Insomnia
HTTP client, which has a integration with GraphQL). Some of the fields here might not match up exactly
with our example above, but hopefully the idea is clear:
'list' endpoint requests
- REST:
- GraphQL
'detail' endpoint requests
- REST
- GraphQL
Filtering
- REST
- GraphQL
Some fancier GraphQL query examples - see GraphQL queries for more
- Nesting
- Fragments
GraphWrap for Tastypie
Quick start
Core Requirements
Before using this library, the following requirements must be met:
- Your project is using
Python >= 3.6
andDjango >=2.2
.
Installing
pip install graph_wrap
Registering the GraphQL endpoint
GraphWrap exposes the GraphQL schema via a Django view graphql_view
. This view builds and exposes a GraphQL
queryable schema via a POST request to a /graphql
endpoint. The code snippet below demonstrates by example
how you can transform your Tastypie into a GraphQL schema by adding just three lines of code to your project:
# tests.urls.py
from graph_wrap.tastypie.graphql_view import graphql_view # add this line to your project
urlpatterns = [
...,
path(r'/graphql/', view=graphql_view), # Register the view under the URL /graphql.
]
In order for GraphQL to be able to build the GraphQL schema from the tastypie Api instance, it needs to know where that instance lives in your project. To allow GraphWrap to locate the Api instance, we can simply add the full path of the instance to our django settings module. For example:
# tests.settings.py
TASTYPIE_API_PATH = 'tests.urls.api'
Documentation (by Example)
In this section we give a brief overview of how to use GraphWrap via examining a simple concrete example.
Set-up
Suppose we have the following basic django models and corresponding tastypie resources ( a fully executable version of this example can be found in graph_wrap.tests):
# models.py
class Author(models.Model):
name = models.TextField()
age = models.TextField()
class Post(models.Model):
content = models.TextField()
date = models.DateTimeField()
author = models.ForeignKey(Author, null=True, on_delete=models.SET_NULL)
files = models.ManyToManyField('Media')
class Media(models.Model):
name = models.TextField()
content_type = models.TextField()
size = models.BigIntegerField()
# api.py
class AuthorResource(ModelResource):
posts = fields.ManyToManyField('tests.api.PostResource', attribute='post_set')
class Meta:
queryset = Author.objects.all()
resource_name = 'author'
filtering = {
'age': ('exact',),
'name': ('exact',),
}
class PostResource(ModelResource):
author = fields.ForeignKey(AuthorResource, attribute='author', null=True)
files = fields.ManyToManyField('tests.api.MediaResource', attribute='files')
date = fields.DateTimeField('date')
class Meta:
queryset = Post.objects.all()
resource_name = 'post'
class MediaResource(ModelResource):
class Meta:
queryset = Media.objects.all()
resource_name = 'media'
If we wish to layer our REST resources with a GraphQL interface, we can follow the instructions above in the "Quickstart" guide. Start by registering our GraphQLResource with the tastypie Api instance:
# urls.py
from django.contrib import admin
from django.urls import path, include
from tastypie.api import Api
from graph_wrap import GraphQLResource
from tests.api import AuthorResource, PostResource, MediaResource
api = Api('v1')
api.register(AuthorResource())
api.register(PostResource())
api.register(MediaResource())
api.register(GraphQLResource())
urlpatterns = [
path(r'', include(api.urls)),
path('admin/', admin.site.urls),
]
Next, add the TASTYPIE_API_PATH
to the django settings module so GraphWrap can locate the tastypie Api:
TASTYPIE_API_PATH = 'tests.urls.api'
Understanding the Schema
With these simple changes, we can now query the /graphql
endpoint with GraphQL queries. The structure
queries can take, as with all GraphQL APIs, is dictated by the shape of the underlying schema (which, in this case, is
dictated by the shape of the tastypie API). To see what the schema looks like, run the following:
>>> from graph_wrap import schema
>>> schema = schema()
>>> print(schema)
schema {
query: Query
}
type Query {
author(id: Int!): author_type
all_authors(orm_filters: String): [author_type]
post(id: Int!): post_type
all_posts(orm_filters: String): [post_type]
media(id: Int!): media_type
all_medias(orm_filters: String): [media_type]
}
type author_type {
resource_uri: String!
posts: [post_type]!
id: Int!
name: String!
age: String!
}
type media_type {
resource_uri: String!
id: Int!
name: String!
content_type: String!
size: Int!
}
type post_type {
resource_uri: String!
author: author_type
files: [media_type]!
date: String!
id: Int!
content: String!
}
Important points to note about the schema produced by GraphWrap:
-
snake_case: As can be seen above, GraphWrap produces a schema in the
snake_case
convention. Whilst this is generally not favoured in GraphQL circles, it was chosen here as it would likely be more consistent with the field names on the underlying REST resources (which would use most often use the PEP8 recommended snake case convention). -
Root Query field names: For each REST model-resource, GraphWrap adds to the Query type precisely two fields - one corresponding to the data accessible via a GET request to the 'list' endpoint of the resource, and one corresponding to the data accessible via a GET request to the 'detail' endpoint of the resource. If we take our AuthorResource as an example:
- the 'list' endpoint corresponds to the url
/author
. This maps to theall_authors
field on the Query type. - the 'detail' endpoint corresponds to urls of the form '/author/{author_pk}'. This maps to the
author(id: Int!)
field on the Query type (where, in the usual GraphQL schema syntax,(id: Int!)
indicates that an integer author id must be supplied.)
- the 'list' endpoint corresponds to the url
-
ObjectType and ObjectType Field names:
- GraphWrap maps each model-resource maps to a GraphQL
ObjectType. The name of the resultant ObjectType can be found by appending
_type
to the name of the corresponding resource. For example, theAuthorResource
, which has nameauthor
, maps to theauthor_type
GraphQL ObjectType. - The names of the fields on each ObjectType match those of the names of the fields on the corresponding resource.
- GraphWrap maps each model-resource maps to a GraphQL
ObjectType. The name of the resultant ObjectType can be found by appending
-
Filtering (
orm_filters
): Notice in the schema above that eachall_
field can be queried with an optionalorm_filters
argument. This is the GraphQL equivalent of the ORM filtering offered by tastypie on list endpoints. If we take our AuthorResource as an example (which has been defined withfiltering = {'age': ('exact',), 'name': ('exact',)})
, then the REST GET query/author/?name=Paul
can be achieved via a POST request to/graphql
with the following query:{ all_authors(orm_filters: "name=Paul") { name } }
Authentication and Authorization of GraphQLResource
The authentication/authorization applied
when querying /graphql
is the authentication/authorization defined on the resource corresponding to the root field
of the query applied. This is consistent with the way tastypie handles authenticaiton/authorization.
So, for example, the following query would invoke whatever authentication/authorization
was defined on the AuthorResource
:
{
all_authors(orm_filters: "name=Paul") {
name
}
}
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file graph-wrap-0.1.3.tar.gz
.
File metadata
- Download URL: graph-wrap-0.1.3.tar.gz
- Upload date:
- Size: 32.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.0 CPython/3.9.10
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2c2bfa9bea464a469d49997f7ba876213548fb667a00e9448147e8513d6f334b |
|
MD5 | a2a12866341636f03492c91092ee73f9 |
|
BLAKE2b-256 | 43df78d7efd82b53be3d29a4eeed48459c98e18e2a7fff84fbdf39e5ceac1330 |
File details
Details for the file graph_wrap-0.1.3-py3-none-any.whl
.
File metadata
- Download URL: graph_wrap-0.1.3-py3-none-any.whl
- Upload date:
- Size: 33.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.0 CPython/3.9.10
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | c51542e9f3c987c670e0bbf8aee57c7826a044fbae6263cf9d51a5676ea87d45 |
|
MD5 | b846e6040d8574ebba2c2385c08be7dd |
|
BLAKE2b-256 | de47c11ed8cdfdb1da76de089aadb856b003ff5ace752ff56f6226d46e18164e |