For a new project I’m working on, I had to code a GraphQL API with Laravel. I pulled in the Lighthouse GraphQL Server package, which was f and started to follow . While most things worked as I expected, I spent quite a lot of time debugging some that didn’t and weren’t documented anywhere, so after I figured them out, I thought this article could help others facing the same position. eatured on Laravel News some weeks ago the documentation Password length checking Imagine you have a createUser mutation to, uhhh, create users. It’s using the directive (provided by Lighthouse) to make our life easier: The code is as follows: @bcrypt type Mutation {createUser(name: String @rules(apply: ["required"])email: String @rules(apply: ["required", "email", "unique:users,email"])password: String @rules(apply: ["required", "string", "min:6", "max:255"]) @bcrypt): User @create(model: "App\\User")} You’d expect a password with two characters to throw an error, but it actually works. Apparently, the client hashes the password and then performs validation. As a workaround, you can move the migration’s logic to a controller by executing and then manually hashing and creating a User. php artisan lighthouse:mutation CreateUser **<?php**namespace App\Http\GraphQL\Mutations; use App\User;use GraphQL\Type\Definition\ResolveInfo;use Nuwave\Lighthouse\Support\Contracts\GraphQLContext; class CreateUser {public function resolve($rootValue, array $args, GraphQLContext $context = null, ResolveInfo $resolveInfo){return User::create(['username' => $args['username'],'email'    => $args['email'],'password' => bcrypt($args['password']),]);}} Policies Lighthouse features a directive to check if the user's authorized to perform the specified action, but it only works for generic models (meaning you can check if the user has permissions to create models, but you can't check permissions like deletion against a singular model). The workaround for this is, again, move your mutation/query to a controlling, and check for permission there. @can **<?php**namespace App\Http\GraphQL\Mutations; use App\SecureResource;use GraphQL\Type\Definition\ResolveInfo;use Nuwave\Lighthouse\Support\Contracts\GraphQLContext; class DoSecureStuff {public function resolve($rootValue, array $args, GraphQLContext $context = null, ResolveInfo $resolveInfo){abort_unless(request()->user()->can('update', SecretResource::find($args['id']));// do stuff}} Organizing routing If you’re using this library in a relatively-large project, your might be a +200 LOC mess. If you wanna tidy it up a little bit, you can divide it into smaller files like or and include them in your main schema: schema.graphql user.graphql pages.graphql #import user.graphql#import pages.graphql#import something-else.graphql But be careful! You can only have one and one type. You'll have to extend the others: Query Mutation extend type Query {    pages: [Page!]! @paginate(type: "paginator" model: "App\\Page")}

extend type Mutation {    deletePage( id: ID! @rules(apply: ["required"]) ): User @delete(model: "App\\Page")} Debugging GraphQL errors This library is exceptionally difficult to debug, because the GraphQL handler catches all the errors to avoid failing to the client, and returns instead of the result. To overcome this, you can update the configuration file for the package ( ): null lighthouse.php /*|--------------------------------------------------------------------------| Debug|--------------------------------------------------------------------------|| Control the debug level as described in | Debugging is only applied if the global Laravel debug config is set to true.|*/-    'debug' => Debug::INCLUDE_DEBUG_MESSAGE | Debug::INCLUDE_TRACE,+    'debug' => Debug::INCLUDE_DEBUG_MESSAGE | Debug::RETHROW_INTERNAL_EXCEPTIONS http://webonyx.github.io/graphql-php/error-handling/ Conclusion While it still needs some work, this package makes it incredibly easy to develop GraphQL APIs with Laravel. And, if you’re using this library in a project, I’d recommend you to spend five minutes of your time writing an appreciation note to . They’ll surely appreciate it! the collaborators Originally published in my blog .

Building a product in a week

How to get Laravel projects up-and-running locally

Generate audio versions of your articles with Blogcast

Read My Stories

Too Long; Didn't Read

Make resilience your competitive advantage

Laravel GraphQL Gotchas

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

Building a product in a week

10 GraphQL Dev Tools for Making API Building a Lot Easier

110 Stories To Learn About Graphql

2022 Noonies Programming Nominee Roy Derks on GraphQL, React, and More

2018 Web Development Predictions

Building a product in a week

10 GraphQL Dev Tools for Making API Building a Lot Easier

110 Stories To Learn About Graphql

2022 Noonies Programming Nominee Roy Derks on GraphQL, React, and More

2018 Web Development Predictions

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps