GitHub Repository has been updated.
Updates for GraphQL Authentication for SambaPOS 5.1.62+
GraphQL requires Authentication from Apps as of v5.1.62. This involves configuring an Application in:
Manage > Users > Applications
For GQL Modules you can identify the Application however you want, but you need the Client Id (
Identifier) in SambaPOS to match
GQLclientId variable in
SambaPOS Application Configuration
It is also important to note that GraphQL Authentication is able to determine if the App is trying to access the engine on the Local Network, or from another Network such as the Internet. So you need to properly set the Authorization Type in SambaPOS to coincide with the type of access you are trying to provide. Note in my previous screenshot for setting up the Application, I have the Auth Type set to All Functions. This means I can access GraphQL from an App (GQLModules) from outside the Local Network, that is, from a remote location on the Internet.
GQL Modules Configuration (
Set the variable for
config_auth.js so that it matches the Application
Identifier configured in SambaPOS. You can also set the
GQLsecret variable if you configured an App Secret for the Application in SambaPOS. The variable for
GQLappPassword should be left empty so that you will be prompted for this information using the Login Forms.
Configure an Application
User in SambaPOS
Create a User in SambaPOS that you will use for GraphQL Authentication. Be sure to have a strong Password for this User.
App Authentication and PIN Login
This update includes Login Forms to prompt the operator for the Username and Password to Authenticate the App, and it has a 2nd prompt for a User PIN to identify which SambaPOS User is using the GQLModules App. The PIN Login has nothing to do with GraphQL Authentication. These are separate things ...
Both the Application Authentication and PIN Login are cached in Browser Storage so the next time you open your Browser, the Authentication and PIN Login are "automatic" ...
Once you have performed App Authentication using the Username and Password, you should never need to do it again.
But there may be times when you want to switch the Registered User. For example, if you are using the POS Module, you might want to change the User on a Tablet so the Users Tickets are properly tracked. This can be done by Logging out, and you will be prompted for a PIN to register the User. Remember, this has nothing to do with GraphQL Authentication (that has already been done with a Username and Password); this is only to register the User of GQL Modules ...