Skip to main content

GraphQL Development

GraphQL developement requires number of tools and packages that can be used on both client and server. Our target will be to provide comprehensive set of the tools to add graphql support for both client and server side applications

Recommended Packages for Node.js Server development#

Recomended packages for Client side development#

Recommended Tools for visualizing GraphQL Schema and Queries#

Recomended practices for GraphQL Schema development#

Guidance#

When building GraphQL API from scratch we recomend using reference GraphQL-js reference implementation which was proven to be the most performant and have continous support from community. Entire development is currently backed by Linux foundation.

GraphQL Server#

For GraphQL Server we recomend using GraphQL-Express for exposing GraphQL APIs over the network and GraphQL-Tools to build GraphQL Schema:

https://github.com/ardatan/graphql-tools#example

Developers can use top level database query languages. We recomend using Knex(http://knexjs.org/) for performing queries from GraphQL to relational databases.

If your GraphQL Schema contains relationships that can lead to "N+1 Problem", please consider using DataLoader library.

https://github.com/graphql/dataloader

Usage of the dataloader will be specific to your database/ORM solution.

GraphQL Client#

For GraphQL client we recomend URQL that can work with React and any other JavaScript based library.

https://formidable.com/open-source/urql

When using module bundler we strongly recomend to compile your graphql queries using GraphQL-Tag:

https://github.com/apollographql/graphql-tag

Typescript support#

If you use typescript in your project we recomend GraphQL-Code-Generator to generate typings for both client and server:

https://graphql-code-generator.com

Instrumentation and Tracking#

For instrumentation and tracking we recomend using official OpenTelemetry package

https://www.npmjs.com/package/@opentelemetry/instrumentation-graphql

Rate Limiting and Query Complexity#

When building GraphQL API we often need to restrict it in terms of complexity and query rate.

For rejecting complex queries and detecting possible API missuse we recomend using

https://github.com/slicknode/graphql-query-complexity

For building fixed window rate limiting middleware for GraphQL we recomend

https://github.com/ravangen/graphql-rate-limit

Authorization#

When building GraphQL we can build our authorization logic inside resolvers. Developers can use any library or solution that is specific to their infrastructure. We recomend to follow official authorization guide:

https://graphql.org/learn/authorization

For Keycloak SSO users we recomend library that provides helpers and GraphQL directives for authorization and authentication:

https://github.com/aerogear/keycloak-connect-graphql

Persisted queries#

Persisted queries are mechanism to improve performance by utilizing already cached and well known queries. Those queries can be also later hosted on the CDN.

For persisted queries we can use approaches that are:

  • Dynamic (no need to compile queries on client as server caches them)
  • Static (requires client side compilation)

For static persited queries we recomend https://github.com/valu-digital/graphql-codegen-persisted-query-ids

For dynamic persisted queries we recomend

  1. Apollo APQs which needs Apollo server