Slash GraphQL CLI opens browsers on the user's behalf. This breaks workflows

I have never successfully logged into Slash GraphQL using the CLI. This post explains why.

It may seem overly convoluted, but the core issue is that the CLI assumes too much of the user’s development environment.


I use multiple web browsers. The main reason for doing this is sandboxing websites with aggro tracking via pixels or other methods. So I use Chromium for sandboxing anything related to Google - gmail, G suite apps, etc. I use Firefox with different profiles for my everyday work and personal things that do not track heavily (like this discussion forum). I use Brave for everything else.

Firefox is set as my default browser. The default profile is the most restrictive - no JS enabled.

What slash-graphql login Does

When I type slash-graphql login, the open package is used to open a autogenerated URL. This of course, opens the URL in the most restrictive profiled Firefox (because open uses xdg-open on Linux).

I want to login to Slash GraphQL using Chromium (because I want to use the Login with Google option).

Unfortunately due to the deviceCode exchange thing (I assume some JWT black magic happens), I cannot simply copy the URL ( from one browser to the next. I simply get this error:

If I validate my device on one browser, and copy and paste the resulting URL ( into Chromium, I get greeted with a Slash login page. But upon clicking Login with Google, I get this error:

The Crux of The Matter

The slash-graphql CLI assumes that I want to open the URL in the default browser. This works for a vast majority of the population. However it doesn’t work for every case. This fails the generalization test.

A Better Solution

Leave the opening of the URL to the user! Most terminal emulators support auto-linking URLs. A program may print a URL to a terminal, and most terminal emulators would be able to automatically convert that into a link. Clicking that link is equivalent to using open to open the link. And for those who don’t want to click the link, they may just copy and paste the URL into a browser of choice.

1 Like

Isn’t there a way to give the CLI an admin API key?