1

I was wondering: what is the best practice to create a connection to Neo4j through the neo4j-php-ogm library if I am using username and password authentication?

In the documentation it states that connections are created by following:

use GraphAware\Neo4j\OGM\EntityManager;
$manager = EntityManager::create('http://localhost:7474');

So I am using the same in my graph manager:

$client = Manager::create('http://username:password@localhost:7474');

I have a feeling that this is not the safest way because I am only using http and sending the credentials in the URL. What would be a better way to establish a connection including authentication?

Sidenote: The Manager::create instead of the EntityManager::create as noted in the documentation is because installing the library via composer gets an older version than currently on GitHub if im not mistaken.

Mfbaer
  • 465
  • 3
  • 15

1 Answers1

1

You can just provide them as part of the uri defined for your connection :

$manager = EntityManager::create('http://neo4j:password@localhost:7474');

Note that there are not sent as such for security reasons, instead the username and password are extracted with parse_url and provided as connection parameters.

For the second part, yes the current 1.0 branch reflects changes that are not tagged yet. I should make a new beta release this week.

Christophe Willemsen
  • 19,399
  • 2
  • 29
  • 36
  • Thanks Christophe for the fast answer! Maybe it would be a good idea to mention this (authentication) in the documentation? I have once again started an attempt to create a Neo4jUserBundle for Symfony using your new neo4j-php-ogm, if interested I will let you know when I have a working bundle. – Mfbaer Jun 06 '16 at 12:11
  • Thanks ! I think things will get easier for you know for the symfony bundle. – Christophe Willemsen Jun 06 '16 at 12:18
  • Please please let me know how it goes – Christophe Willemsen Jun 06 '16 at 12:18
  • @Joran I have released the 1.0.0-beta3 with some improvements and the EntityManager instead of Manager – Christophe Willemsen Jun 06 '16 at 20:53
  • Perfect! Now running as documented. FYI: Registration and login are working, now creating profile, password reset and so on. Two quick questions: Can I use "AND"/"OR" in "findOneBy()"/"findBy()"? Can I send raw cypher queries or should I use another library for this? I need to integrate Neo4j spatial in my project. – Mfbaer Jun 07 '16 at 09:09
  • @Joran Currently no OR/AND possible. You can use custom cypher queries in repositories with QueryResult classes, please open an issue on the repo or contact me by email christophe at graphaware dot com – Christophe Willemsen Jun 07 '16 at 10:21
  • Thank you for the information. I have now uploaded a bundle to GitHub (working for me): https://github.com/JoranBeaufort/Neo4jUserBundle. In the next few weeks I will try to add spatial functions to your OGM. Annotations like `@OGM\Property(type="point")` or `@OGM\Property(type="linestring")` might be the way to go... – Mfbaer Jun 13 '16 at 11:23
  • 1
    @Joran cool, this week I should work on lazy loaded relationships, so stay tuned ;-) – Christophe Willemsen Jun 13 '16 at 11:30