Table of Contents
IntroductionScott Moss explains that the course will mainly cover advanced features of GraphQL APIs, and gives a refresher about the main parts of GraphQL, namely type definitions, resolvers, schema, data sources, queries, and mutations.
Create a GraphQL ServerScott reviews GraphQL fundamentals by live coding a GraphQL API from scratch using a schema, resolvers, and the Apollo Server.
Auth in GraphQL OverviewScott reviews the difference between authentication and authorization and how this relates to GraphQL. Authentication is used to identify a user, and authorization is used to determine if a user is allowed to perform specific operations on specific resources.
GraphQL Auth ApproachesScott gives an overview of the repository, and the various approaches to add authentication to GraphQL APIs.
Code Base OverviewScott gives a tour of the course code repository, shows where to find the GraphQL server, and explains that the authentication system is already set up.
Authenticated Helper ExerciseThe students are instructed to write an authenticated helper. Scott gives a few hints regarding how to solve the exercise.
Authenticated Helper SolutionScott live codes the solution to the authenticated helper exercise, and answers questions about data validation and authentication.
Real-time SubscriptionsScott explains that there are two ways to access real-time data: subscriptions or live queries. Subscriptions are well-supported GraphQL operations that are useful for notifying clients of events. Queries are extremely experimental.
Adding SubscriptionsScott explains that subscriptions must be added to a schema like queries and mutations, and a pubsub protocol needs to be set up on the server side.
Adding Subscriptions ExerciseThe students are instructed to add a subscription to new posts and to publish the subscription when a post is created, add authentication to the subscription, and using the subscription field.
Adding Subscriptions SolutionScott live codes the solution to the adding subscriptions exercise.
Errors & Testing
Error HandlingScott explains that errors will be caught by GraphQL, and an error property in the form of an array of errors will be returned. This differs from the usual error handling within the server: instead of giving a status code, GraphQL errors give more information through extensions.
Formatting & Error CodesScott demonstrates how to use authentication error handlers, explains that error handling and messaging is flexible in GraphQL, and adds that the engineer can choose what errors to report when working with GraphQL.
Testing Resolvers, the Schema, & the ServerScott explains why it is easier to set up testing on the back-end, and gives a survey of what resolvers are, how to test them, along with how to test the schema and the serve.
Testing SetupScott explains that in GraphQL, mocks will ignore the resolvers and create dummy data for the different tests. This feature gives front-end engineers a good way to run tests without needing to interact with the server.
Errors & Testing ExerciseThe students are instructed to use Apollo error classes to handle errors and to create integration tests for queries and mutations.
Errors & Testing Solution: MutationScott live codes the solution to the errors and testing exercise, and builds a mutation test in this first part of the solution.
Errors & Testing Solution: ResolversScott live codes the second part of the solution to the testing exercise, and builds the testing resolvers. GraphQL tests only function when testing simple queries and mutations, while Apollo tests directives too.
DirectivesScott defines directives as identifiers that enable adding logic to metadata, schemas, queries or mutations, and demonstrates how to use the @deprecated directive. Directives give control down to the field level on TypeDefs, eliminate post processing on clients after a query, and are extendable.
Client Directives: skip & includeScott explains what client directives are and presents two kinds of parent directives on the client side. These directives allow users to either skip or include a field in a schema.
Custom DirectivesScott live codes a custom directive after explaining that custom directives can be challenging to people new to GraphQL. They require a definition of the schema and logic to determine when the directive is used.
Custom Directives ArgumentsScott explains that directives can take in arguments. Arguments explain why a directive was added to the schema. In the case of the log directive, the argument sends a message to the user when the user logs in. Directives with log arguments lead to cleaner code.
Custom Directives ExerciseThe students are instructed to create a custom date format directive for the fields that format timestamps, to write a field level authentication directive, and to add directives to the schema.
Custom Directives Solution: Date FormattingScott live codes the first part of the solution to the custom directives exercise by adding a custom date format to the timestamp directive.
Custom Directives Solution: Authorization & AuthenticationScott live codes the second part of the solution to the custom directives exercise by adding authentication and authorization directives to the schema, and explains that using authorization directives can lead to cleaner code than if the code was written using subscriptions.
Deploy & Cache
Deploy to RenderScott demonstrates how to push a GraphQL application to production using a third party tool named render.
CachingScott recommends systematically running client-side caching, explains that in GraphQL application caching is preferred by most, but that popular opinion is moving over to HTTP caching, and recommends using HTTP caching.