Installation¶
Graphene-Django takes a few seconds to install and set up.
Installation¶
pip install graphene-django
We strongly recommend pinning against a specific version of Graphene-Django because new versions could introduce breaking changes to your project.
Add graphene_django to the INSTALLED_APPS in the settings.py file of your Django project:
INSTALLED_APPS = [
...
"django.contrib.staticfiles", # Required for GraphiQL
"graphene_django"
]
We need to add a graphql URL to the urls.py of your Django project:
For Django 1.11:
from django.conf.urls import url
from graphene_django.views import GraphQLView
urlpatterns = [
# ...
url(r"graphql", GraphQLView.as_view(graphiql=True)),
]
For Django 2.0 and above:
from django.urls import path
from graphene_django.views import GraphQLView
urlpatterns = [
# ...
path("graphql", GraphQLView.as_view(graphiql=True)),
]
(Change graphiql=True to graphiql=False if you do not want to use the GraphiQL API browser.)
Finally, define the schema location for Graphene in the settings.py file of your Django project:
GRAPHENE = {
"SCHEMA": "django_root.schema.schema"
}
Where path.schema.schema is the location of the Schema object in your Django project.
The most basic schema.py looks like this:
import graphene
class Query(graphene.ObjectType):
hello = graphene.String(default_value="Hi!")
schema = graphene.Schema(query=Query)
To learn how to extend the schema object for your project, read the basic tutorial.
CSRF exempt¶
If you have enabled CSRF protection in your Django app
you will find that it prevents your API clients from POSTing to the graphql endpoint. You can either
update your API client to pass the CSRF token with each request (the Django docs have a guide on how to do that: https://docs.djangoproject.com/en/3.0/ref/csrf/#ajax) or you can exempt your Graphql endpoint from CSRF protection by wrapping the GraphQLView with the csrf_exempt
decorator:
# urls.py
from django.urls import path
from django.views.decorators.csrf import csrf_exempt
from graphene_django.views import GraphQLView
urlpatterns = [
# ...
path("graphql", csrf_exempt(GraphQLView.as_view(graphiql=True))),
]