Scott Moss
Superfilter AI
Advanced GraphQL, v2
3 hours, 25 minutes CC
Course Description
Become a GraphQL master by learning to build production-ready GraphQL APIs in Node.js and Apollo Server. Learn to secure your API with authentication, handle errors within resolvers, and add in integration and unit tests. You’ll also learn to access realtime data using subscriptions and expand on the capability and flexibility of GraphQL with custom directives!
This course and others like it are available as part of our Frontend Masters video subscription.
Preview
CloseCourse Details
Published: February 17, 2020
Learning Paths
Learn Straight from the Experts Who Shape the Modern Web
Your Path to Senior Developer and Beyond
- 200+ In-depth courses
- 18 Learning Paths
- Industry Leading Experts
- Live Interactive Workshops
Table of Contents
Introduction
Section Duration: 14 minutes
Scott Moss explains that the course will mainly cover advanced features of GraphQL APIs, and gives a refresher about the main parts of GraphQL, namely type definitions, resolvers, schema, data sources, queries, and mutations.
Scott reviews GraphQL fundamentals by live coding a GraphQL API from scratch using a schema, resolvers, and the Apollo Server.
Authentication
Section Duration: 37 minutes
Scott reviews the difference between authentication and authorization and how this relates to GraphQL. Authentication is used to identify a user, and authorization is used to determine if a user is allowed to perform specific operations on specific resources.
Scott gives an overview of the repository, and the various approaches to add authentication to GraphQL APIs.
Scott gives a tour of the course code repository, shows where to find the GraphQL server, and explains that the authentication system is already set up.
The students are instructed to write an authenticated helper. Scott gives a few hints regarding how to solve the exercise.
Scott live codes the solution to the authenticated helper exercise, and answers questions about data validation and authentication.
Subscriptions
Section Duration: 33 minutes
Scott explains that there are two ways to access real-time data: subscriptions or live queries. Subscriptions are well-supported GraphQL operations that are useful for notifying clients of events. Queries are extremely experimental.
Scott explains that subscriptions must be added to a schema like queries and mutations, and a pubsub protocol needs to be set up on the server side.
The students are instructed to add a subscription to new posts and to publish the subscription when a post is created, add authentication to the subscription, and using the subscription field.
Scott live codes the solution to the adding subscriptions exercise.
Errors & Testing
Section Duration: 40 minutes
Scott explains that errors will be caught by GraphQL, and an error property in the form of an array of errors will be returned. This differs from the usual error handling within the server: instead of giving a status code, GraphQL errors give more information through extensions.
Scott demonstrates how to use authentication error handlers, explains that error handling and messaging is flexible in GraphQL, and adds that the engineer can choose what errors to report when working with GraphQL.
Scott explains why it is easier to set up testing on the back-end, and gives a survey of what resolvers are, how to test them, along with how to test the schema and the serve.
Scott explains that in GraphQL, mocks will ignore the resolvers and create dummy data for the different tests. This feature gives front-end engineers a good way to run tests without needing to interact with the server.
The students are instructed to use Apollo error classes to handle errors and to create integration tests for queries and mutations.
Scott live codes the solution to the errors and testing exercise, and builds a mutation test in this first part of the solution.
Scott live codes the second part of the solution to the testing exercise, and builds the testing resolvers. GraphQL tests only function when testing simple queries and mutations, while Apollo tests directives too.
Directives
Section Duration: 51 minutes
Scott defines directives as identifiers that enable adding logic to metadata, schemas, queries or mutations, and demonstrates how to use the @deprecated directive. Directives give control down to the field level on TypeDefs, eliminate post processing on clients after a query, and are extendable.
Scott explains what client directives are and presents two kinds of parent directives on the client side. These directives allow users to either skip or include a field in a schema.
Scott live codes a custom directive after explaining that custom directives can be challenging to people new to GraphQL. They require a definition of the schema and logic to determine when the directive is used.
Scott explains that directives can take in arguments. Arguments explain why a directive was added to the schema. In the case of the log directive, the argument sends a message to the user when the user logs in. Directives with log arguments lead to cleaner code.
The students are instructed to create a custom date format directive for the fields that format timestamps, to write a field level authentication directive, and to add directives to the schema.
Scott live codes the first part of the solution to the custom directives exercise by adding a custom date format to the timestamp directive.
Scott live codes the second part of the solution to the custom directives exercise by adding authentication and authorization directives to the schema, and explains that using authorization directives can lead to cleaner code than if the code was written using subscriptions.
Deploy & Cache
Section Duration: 14 minutes
Scott demonstrates how to push a GraphQL application to production using a third party tool named render.
Scott recommends systematically running client-side caching, explains that in GraphQL application caching is preferred by most, but that popular opinion is moving over to HTTP caching, and recommends using HTTP caching.
Wrapping Up
Section Duration: 12 minutes
Scott wraps up the course, and thanks the audience. Questions are answered about the GraphQL federation, performance, caching strategy, how to limit query depth, and why using Apollo client for a greenfield project is the best option.
Learn Straight from the Experts Who Shape the Modern Web
- In-depth Courses
- Industry Leading Experts
- Learning Paths
- Live Interactive Workshops