Getting started with GraphQL in Rails
Vložit
- čas přidán 11. 06. 2024
- Learn how to set up a GraphQL server using Rails and the graphql-ruby gem. We’ll create mutations for login and register and a query to fetch the currently authenticated user account.
Chapters:
0:00 Intro
0:27 Installing GraphQL
2:19 Generate GraphQL Types
3:29 Login mutation
6:13 Register mutation
8:18 Creating the auth token
11:42 Current logged in account query
13:25 Wrapping up
You'll find the docs for the graphql-ruby gem here:
graphql-ruby.org
All of the code for this tutorial is available on GitHub:
- If you want to follow along you’ll find the project at the beginning of the video on this branch:
github.com/phawk/coinfusion/t...
- And the completed graphql example is here:
github.com/phawk/coinfusion/t...
---
Has this video helped you out? Consider buying me a coffee to say thanks and support future content like this, thanks!
app.payhere.co/rapid-ruby/buy...
You can also find more content like this, including premium courses and exclusive community and mentorship to help you level-up! Head over to rapidruby.com and use the code RRCZcams for a discount! - Věda a technologie
![Eminem - Houdini [Official Music Video]](http://i.ytimg.com/vi/22tVWwmTie8/mqdefault.jpg)
Thanks for this video.
You have good teaching skills.
That was awesome.
nice! thanks!
please make a fully playlist for GraphQL with rails with apollo client
Hey Somesh, I’m definitely planning more GraphQL content, I’ve a video on testing that will be out later this week. Are you using Apollo client with react? Or what front end framework?
1:37 - What url did you enter to see "graphiql"? i already found it but as a general suggestion for the future use chrome so we can see your full url. This guide also does not work until i create a user model and specify a session store, if you run this on barebones rails api, graphicl doesnt even load.
Hi Kirill, thanks for the feedback! Ah yes, I generally find rails API mode doesn’t work out of the box with a lot of the third party gems I use, so I usually don’t bother with it, I’ll usually have a front end in rails + graphql. I’ll try and be more clear with the URLs, thanks again!
Do you think globalID can be used as part of an authentication system, or was it just an easy way to store and decode the data for the purposes of this demo?
It’s very similar to JWTs which nobody seems to have a problem using for authentication, very widely used. I would use it, if you aren’t for example a bank, or something at high risk of being hacked. Hope that makes sense, anyone else let me know if I am very wrong :)
and how can i filter ratings according to date range start date and end date as a params in graphql
The same way we pass inputs to the login/register mutations, we can pass Params to queries, so you would just make a param for ‘page’ or ‘search’ etc. I’ll maybe try and cover this in a future video!
9:20 Setting an attr_accessor for the token like that is not thread-safe. It might work in dev mode but in prod with potentially multiple app threads, it won't persist for every request. You should store that kind of token in the session. The session cookie is either encrypted data or a secure random id with session data in the db.
This approach is completely thread safe, and by design we want the token only to be set on the one instance of the user model, in the current request. It’s a temporary place to have the token, for graphql to serialise it and then output it in the graphql response. It’s not designed to hang around or be persisted to the database etc. Hope that helps!
@@rapid-rubyThat's what I get for not watching the whole video, I thought you were going to use the ivar to validate the session on subsequent requests. Still, putting an attr_accessor on a model makes me queasy. I'd reccomend making it stateless with a custom resolver method with an authorization check on the token field to taste. As it is it looks to me like it works by accident.
@ehrenmurdick yeah there probably is a much nicer way of doing it, that sounds like a good idea!
Please, please, please, no background music. I'm sure the content was very good, but I had to find another YT video because the background music was so distracting.