Examples on interacting with the GraphQL API for administration¶

Login¶

To login and fetch an API token for executing mutations in the database, use the login query.

This will return a token to be used for mutations and queries that require an authenticated user. Keep a copy of the generated token which is good by default for 7 days. After 7 days, you will need to login again to generate another token.

In [1]:

import requests
# This is the endpoint for the GraphQL API. On a production installation it might be http://<yourservername>/api .
API_URL = "http://localhost:4000/graphql"

import requests # This is the endpoint for the GraphQL API. On a production installation it might be http:///api . API_URL = "http://localhost:4000/graphql"

In [2]:

query = """ mutation {
  login(email: "admin@deepsea-ai.org", password: "gulpereel") {
    is_admin
    token
  }
}
"""

reply = (requests.post(API_URL, json={'query': query}).json())
print(reply)
AUTH_TOKEN = reply['data']['login']['token']
print(f'\nYour authentication token is:\n{AUTH_TOKEN}')

query = """ mutation { login(email: "admin@deepsea-ai.org", password: "gulpereel") { is_admin token } } """ reply = (requests.post(API_URL, json={'query': query}).json()) print(reply) AUTH_TOKEN = reply['data']['login']['token'] print(f'\nYour authentication token is:\n{AUTH_TOKEN}')

{'data': {'login': {'is_admin': True, 'token': 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEsImlhdCI6MTY1NjAyMzU0NCwiZXhwIjoxNjU2NjI4MzQ0fQ.2unvV3c66VsJF2hfr7FMwXLjhWT1rouLXihNhVT3Bqc'}}}

Your authentication token is:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEsImlhdCI6MTY1NjAyMzU0NCwiZXhwIjoxNjU2NjI4MzQ0fQ.2unvV3c66VsJF2hfr7FMwXLjhWT1rouLXihNhVT3Bqc

The returned token can be used in the GraphiQL section REQUEST HEADERS in the Bearer field

Get an authentication token¶

Users with administrative rights can generate API tokens for users that have no expiration. This is useful, for example, for automated loading.

In [3]:

def gen_authentication_token(login: str):
    query = """ mutation
        getAuth($login: String!) {
          generateAuthToken(login: $login)  {
            token
            success
            message
          }
        }
        """
    variables = {"login" : login }
    reply = (requests.post(API_URL, headers={'Authorization': f'Bearer {AUTH_TOKEN}'}, json={'query': query, 'variables': variables}).json())
    return reply

data = gen_authentication_token("dcline")

def gen_authentication_token(login: str): query = """ mutation getAuth($login: String!) { generateAuthToken(login: $login) { token success message } } """ variables = {"login" : login } reply = (requests.post(API_URL, headers={'Authorization': f'Bearer {AUTH_TOKEN}'}, json={'query': query, 'variables': variables}).json()) return reply data = gen_authentication_token("dcline")

In [4]:

data

data

Out[4]:

{'data': {'generateAuthToken': {'token': 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjE1LCJpYXQiOjE2NTYwMjM1NDQsImV4cCI6MTY1NjYyODM0NH0.8Ctj5rlkQdj5FUv9rCHXo3M7P9nN-KFPMGwKVTrGqzc',
   'success': True,
   'message': 'Generated authentication token for user dcline '}}}

Copyright (c) 2022, MBARI