PRINCIPAL JOLLOF RICE ADVOCATE
4
A NIGERIAN MOUTH-WATERING DELICACY. TRY IT TODAY!
Slide 5
Slide 5 text
COMMUNITY DEVELOPER ADVOCATE
5
forloop Africa
Laravel Nigeria
Angular Nigeria
Slide 6
Slide 6 text
OPEN SOURCE ENGINEER / DEVELOPER ADVOCATE
6
@unicodeveloper
Slide 7
Slide 7 text
7
Look at all the data!
Where do I start from?
BuzzJS NYC 2018
Slide 8
Slide 8 text
How many clients will consume this data?
8
BuzzJS NYC 2018
Slide 9
Slide 9 text
9
BuzzJS NYC 2018
Slide 10
Slide 10 text
What’s an effective way to fetch this data?
10
REST
BuzzJS NYC 2018
Slide 11
Slide 11 text
11
REST is great but...
▰
▰
▰
▰
BuzzJS NYC 2018
Slide 12
Slide 12 text
How do we fetch data effectively & fast?
12
Okay Prosper, what will save us?
BuzzJS NYC 2018
Slide 13
Slide 13 text
13
BuzzJS NYC 2018
Source: https://goo.gl/AvC3Yg
Slide 14
Slide 14 text
What’s GraphQL?
14
▰
▰
▰
BuzzJS NYC 2018
Slide 15
Slide 15 text
15
BuzzJS NYC 2018 Build a Schema on the Server
Slide 16
Slide 16 text
16
BuzzJS NYC 2018 Construct a query on the client to fetch data
Fetch whatever
data you want at
once!
Slide 17
Slide 17 text
17
Data sent back to the Client
BuzzJS NYC 2018
Slide 18
Slide 18 text
18
BuzzJS NYC 2018
GraphQL Playground: Query your Schemas
Slide 19
Slide 19 text
“
19
19
Slide 20
Slide 20 text
Build the Schema & GraphQL Server with Apollo Server
20
Slide 21
Slide 21 text
Build the Schema & GraphQL Server
21
apollographql.com/docs/apollo-server/v2
Slide 22
Slide 22 text
“
22
22
Slide 23
Slide 23 text
Data Fetching With Apollo Client
23
Fetch data
declaratively
Slide 24
Slide 24 text
State Management with Apollo Link State
24
Slide 25
Slide 25 text
Manage local State
25
Request for
local data with
@client directive
github.com/apollographql/apollo-link-state
Slide 26
Slide 26 text
Use the Client to query efficiently
26
apollographql.com/docs/react
Slide 27
Slide 27 text
“
27
27
Slide 28
Slide 28 text
APOLLO ENGINE - New Relic for GraphQL
28
Slide 29
Slide 29 text
APOLLO ENGINE - QUERY & SCHEMA ANALYSIS
29
Slide 30
Slide 30 text
30
APOLLO ENGINE
apollographql.com/engine
apollographql.com/docs/engine
Slide 31
Slide 31 text
31
Slide 32
Slide 32 text
Authentication &
Authorization
32
BuzzJS NYC 2018
Slide 33
Slide 33 text
AUTHENTICATION & AUTHORIZATION
33
...DIFFERENT WAYS OF
GOING ABOUT THIS!
Slide 34
Slide 34 text
34
Typical REST API authentication middleware
Slide 35
Slide 35 text
AUTHENTICATION & AUTHORIZATION
35
...how can we achieve this in
GraphQL?
Slide 36
Slide 36 text
GENERAL: BUILD THE CONTEXT OBJECT
36
..build the context object with
info from the request
headers.
Slide 37
Slide 37 text
37
...now we have context.user
Slide 38
Slide 38 text
Context Object? Oh Yeah!
38
The context object is passed
to every single resolver at
every level.
Slide 39
Slide 39 text
Resolver Level Auth.
39
1
Slide 40
Slide 40 text
Resolver Level Auth.
40
Resolvers have the ability to check user roles
or scopes and make authorization decisions.
Slide 41
Slide 41 text
41
...Allow access for this particular user
Slide 42
Slide 42 text
Resolver Level Auth. Repetitive?
42
...the approach is great but imagine doing this
check for every resolver. Ah!
Slide 43
Slide 43 text
Resolver Level Auth. Abstract the code.
43
Write once, call it anywhere & everywhere.
Slide 44
Slide 44 text
44
Slide 45
Slide 45 text
▰
▰
▰
▰
Apollo Server 2.0 RC
Slide 46
Slide 46 text
More Info on Error Handling:
apollographql.com/docs/apollo-server/v2/feat
ures/errors.html
Slide 47
Slide 47 text
Auth. Delegation to Models
47
2
Slide 48
Slide 48 text
Recommendation
48
Clog your resolvers with data fetching
and mutation logic.
Move them to Models.
Slide 49
Slide 49 text
49
Slide 50
Slide 50 text
Recommendation
50
Go ahead and perform the
authorization inside the Model.
Slide 51
Slide 51 text
51
Slide 52
Slide 52 text
Auth via Custom Directives
52
3
Slide 53
Slide 53 text
Custom Directives
53
Custom directives can be used for a lot of
things: auth, error tracking, translation, etc
Slide 54
Slide 54 text
Custom Directives for Auth
54
Slide 55
Slide 55 text
Custom Directives for Auth
55
apollographql.com/docs/graphql-tools/
schema-directives.html
Implementation detail is a little bit complex, but more details
can be found in the link below.
Slide 56
Slide 56 text
Auth. outside GraphQL
56
4
Slide 57
Slide 57 text
Auth. outside GraphQL
57
If your REST API already has
authorization baked in, why bother
implementing on the GraphQL level?
Slide 58
Slide 58 text
58
...pass the request header, then….
Slide 59
Slide 59 text
59
…then pass the header to the model method.
Slide 60
Slide 60 text
GraphQL for the
next Billion Users
60
BuzzJS NYC 2018
Slide 61
Slide 61 text
GraphQL for the next Billion Users
61
GraphQL on the Edge
Slide 62
Slide 62 text
62
▰
▰
▰
Slide 63
Slide 63 text
GraphQL for the next Billion Users
63
Sign up for Early Access:
apollographql.com/edge
Slide 64
Slide 64 text
More Information on Auth.
64
GraphQL & Apollo:
apollographql.com/docs
JWT Book:
auth0.com/resources/ebooks/jwt-handbook
Authentication & Authorization:
auth0.com/blog