Advanced GraphQL, v2

Advanced GraphQL, v2 Code Base Overview

Learning Paths:
Topics:
Scott Moss
Scott Moss
Netflix
Check out a free preview of the full Advanced GraphQL, v2 course:
The "Code Base Overview" Lesson is part of the full, Advanced GraphQL, v2 course featured in this preview video. Here's what you'd learn in this lesson:

Scott gives a tour of the course code repository, shows where to find the GraphQL server, and explains that the authentication system is already set up.

Get Unlimited Access Now

Transcript from the "Code Base Overview" Lesson

[00:00:00]
>> So if you didn't get a chance to pull the ripple down, pull it down. I'm just gonna give you a tour of what's happening. So if you're on the master branch, which you should, that's what we're gonna be starting. There's also a solution branch that has all the code that will be finishing for this curriculum.

[00:00:17] So you can always check that out for references, or if you just get to the point where you want to see how I did something, go check it out. There's no one way to do any of the stuff that we're doing today. There's many ways to do all the stuff we're doing today.

[00:00:30] So that's just a reference. Your invitation might also be pretty good, too. So anyway, walking into the source folder, you have a couple of files here. We have author js, you're gonna be im a lot of work in here for this exercise, we'll get to it. Directives, so we'll get to this later.

[00:00:46] Don't worry about what's in there. The index file, this is where we actually create our graph kill server. So the thing to note here is, we already have some type definitions, we have some resolvers. And we have this context object that's doing some authentication. So already have set up for you.

[00:01:03] And JWT based authentication system in the context objects. And basically, what I'm doing here, is I'm just grabbing the token, if there is a token from the authorization header, and I'm trying to see if I can straight that token for a user. And if I can, I pass it down on the context objects.

[00:01:20] That user may be null, this function handles any errors, if there is no token and there is no user, it won't break, it'll just set use it to Nolan. You just have a no user. So this doesn't block any execution from graph QL. This is only for authorization.

[00:01:36] It's trying to figure out if the user is who they say they are, and if they're not, its job is not to break the execution of graph QL, because our whole server would be locked down, and that's not what we want. We don't want our whole server to be locked down because the user isn't authorized.

[00:01:53] Because we might have things that we don't care if you authorize or not. So we don't wanna lock it down. We just wanna figure out who you are and pass it down. If you're nobody, we're gonna pass nobody down. That's basically what's happening here. So all this is given to you for free.

[00:02:05] Resolvers, these are all the resolvers that I already created for our server. Once you look at the type definitions, you'll understand. Basically, this server is going to be based on a social network. So we have users, we have posts, users have settings, we have a feed, things like that.

[00:02:24] And these are all the resolvers for that. You'll notice in here that most of the resolvers are gonna be using the user for doing any type of interaction with our, our mock database here that I'll get to in a little bit. And you'll see a little comment up here that saying, pretty much any query or mutation resolver using a user for a database query requires authentication.

[00:02:47] So first is one that doesn't, this public resolver function for the feed, this has no authentication, cuz it's a public feed of posts. So you wouldn't need to authenticate this. But for instance, if you wanted to get a user's settings, well, yeah, you might need to be authenticated to get your own settings.

[00:03:03] So, and you know that, because we're using the user ID inside the database. Type definitions, here's exactly what our API looks like. We have some up here. We have AI type user, because social networks have users. We have an authenticated user, which is a user with a JWT on it.

[00:03:21] We have a post that users can use to create post, settings which belongs to a user. We have an invite used to invite people if you're a certain role. And then, we have a whole bunch of queries and stuff. So for instance, the queries we have here is be able to get yourself with me.

[00:03:40] You can get all the posts, you can get one post, you can get gesture settings, and you can get the public feed. And then, for mutations, you can update your settings. You can create a post, update yourself, you can do an invite, and you can sign up and sign in.

[00:03:55] So a lot of things that are given to you for free, so this seems like a complete server to you. And you're like, what is this course about? Yeah, this is just the beginning. Everything else is gonna be on top of that. So this is all you know about graph kil do is how to do this.

[00:04:07] You're in the right course. And next thing here is we got this utils function. There's only one function here, and it's helpful for something later on today. It's formatting a date and stuff like that. And the last thing we'll talk about is the database. So I don't have a real database in here, because the dependency of that is just too crazy for this course.

[00:04:25] So I'm using something called the low db, which is low-database. And it's based of on a JSON file, so you have a JSON file here, that database rights to you synchronously. And then, I just went ahead and created some mock models very similar to what you have in an auditorium, like mongoose, or sequel, or something like that.

[00:04:44] That will basically give you all these methods. So find one, find Mini, update one, remove, create one, create Mini, stuff like that. So you'll have access to that models objects, which is basically this, models that settings, models that post, models not user, you have access to that, inside the context object, because I'm passing it down here.

[00:05:07] So all your resolvers will have access to DB and models. So you don't have to import any of that. I'm a big fan of trying to pass things down. To the resolvers, the concepts, as much as possible, without having an import them, cuz they're lot easier to test, cuz you can mark those things out by injecting things into the arguments, versus having to mark things out that you imported on top.

[00:05:29] Cool, that's the tour of the also there's some test in here, we'll get to test later, so you don't have to worry about that. As far as scripts package that JSON, if you run the yarn dev script, this will start the server and keep reloading it for you if you make changes, so you don't have to worry about anything.

[00:05:45] The start command is for production. And when we get the test, you have a test command that will run your test. But the command you interested in is gonna be Dev. So yarn dev or NPM run dev, cool. Any questions on the turning point? Yes.
>> So index js, he mentioned that the user, if it get used from token fails, if there's no token whatever user is passed down is no, but I noticed that in the resolvers, you reference user ID for it or user.id.

[00:06:17]
>> Yeah.
>> How does Apollo server handle get errors, [INAUDIBLE].
>> So after authentication, I'm sorry. Later today, we're gonna talk about error handling. But you're right, that will break. And what you're about to do right now is fix it. Cuz that's 100% gonna break. Yes, good question.