Prisma1: Add option to limit access to endpoints to IP/host name

Created on 11 Sep 2017  路  9Comments  路  Source: prisma/prisma1

Add an option to the project settings to only allow request from certain IP or hosts.

picture kbrandwijk
👍7

All 9 comments

locking down access to trusted systems is an interesting topic.

I could also imagine other ways you might want to do this:

  • A special header that provides access on a level above the permission system.
  • VPN

Especially I am concerned that an ip based approach doesn't play well with serverless infrastructure such as API Gateway, Lambda, Zeit now.

sorenbs picture sorenbs on 12 Sep 2017

Regarding that last option, they would use server-to-server authentication with a PAT. I think the IP limitation would be more for public access, not for authenticated calls.

kbrandwijk picture kbrandwijk on 12 Sep 2017

This is becoming more important now when using a API Gateway. Any news on this?
I think a mandatory header might be a good first step.

kbrandwijk picture kbrandwijk on 30 Oct 2017
👍1

I think its really important to protect the schema download as it is fairly sensitive. A mandatory header with an auth token would be a good way to go about it.

mbiqbal picture mbiqbal on 31 Oct 2017

wanted to chime in and add my support for a feature of this nature. and really, i'm not sure if this should be called a feature rather than a necessity. i've only been developing in RN for maybe 5 months, and only discovered GC about 3 months ago. so my focus hasn't been security - i was just following docs and assuming that security was built in.

so i'm a little terrified to discover what's possible by having your endpoint exposed. i had no idea until i pasted it into a browser where i wasn't logged into the console. you may not be able to download the schema in a clean shot, but you can easily map it out by using the console suggestions.

and yes, i've added permissions to my types, but i didn't even get around to that until a couple weeks ago. how many new users tackle that before getting a handle on GC queries/mutations, apollo, etc? how many users forget to revisit even after they know what they're doing, or do it slightly wrong?

blaneyneil picture blaneyneil on 26 Dec 2017

From my standpoint it's a security problem not to have the option of protecting the schema from public access. I had been thinking that after having set up permissions the public schema querying wouldn't be available and, to my horror, it is. It's a really awesome feature and I love it, but not having an option to hide it from the wide public ... ?

Please, care about thinking adding behavior options at least for

  • not accessing the playground at all
  • accessing the playground but non auto-suggestion and not schema tab
  • accessing only for the permissions that do not require authentication

From an API standpoint it's completely understandable that it is default behavior. But for those who use GraphCool as their main database, exposing the design of the database is a security concern, or maybe GraphCool shouldn't be used for that purpose ?

Edit : Discussed here

oreglio picture oreglio on 11 Jan 2018

@sorenbs Any update on this?

mbiqbal picture mbiqbal on 22 Jan 2018

This issue has been moved to graphcool/graphcool-framework.

marktani picture marktani on 23 Jan 2018
😕1

^ Link above does not redirect to the actual issue.

Here you go: https://github.com/graphcool/graphcool-framework/issues/225

stnwk picture stnwk on 2 Mar 2018
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

nikolasburk picture nikolasburk  路  3Comments
marktani picture marktani  路  3Comments
schickling picture schickling  路  3Comments
tbrannam picture tbrannam  路  3Comments
hoodsy picture hoodsy  路  3Comments