feat: disable introspection via validation rules property

Introduce a new setting to disable introspection. Introspection remains enabled in dev/test environments, but disabled in production.
projectcaluma · Jan 30, 2024 · 18a313b · 18a313b
1 parent d04282b
commit 18a313b
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/caluma/caluma_user/views.py b/caluma/caluma_user/views.py
@@ -8,6 +8,7 @@
 from django.http.response import HttpResponse
 from django.utils.encoding import force_bytes, smart_str
 from django.utils.module_loading import import_string
+from graphene.validation import DisableIntrospection
 from graphene_django.views import GraphQLView, HttpError
 from rest_framework.authentication import get_authorization_header
 
@@ -19,6 +20,9 @@ class HttpResponseUnauthorized(HttpResponse):
 
 
 class AuthenticationGraphQLView(GraphQLView):
+    if settings.DISABLE_INTROSPECTION:  # pragma: no cover
+        validation_rules = (DisableIntrospection,)
+
     def get_bearer_token(self, request):
         auth = get_authorization_header(request).split()
         header_prefix = "Bearer"

diff --git a/caluma/settings/caluma.py b/caluma/settings/caluma.py
@@ -52,6 +52,12 @@ def default(default_dev=env.NOTSET, default_prod=env.NOTSET):
     "RELAY_CONNECTION_MAX_LIMIT": None,
 }
 
+# If you set DISABLE_INTROSPECTION to True, any GQL client will not be able to
+# query the types and connections, making crafting queries much harder (but not
+# impossible, and this is an Open Source product, so they can still go check
+# the source).
+DISABLE_INTROSPECTION = env.bool("DISABLE_INTROSPECTION", default=default(False, True))
+
 # OpenID connect
 
 OIDC_USERINFO_ENDPOINT = env.str("OIDC_USERINFO_ENDPOINT", default=None)