Gain insights into building full stack apps with GraphQL. Learn back-end setup, front-end integration with React, Apollo Client, and advanced GraphQL features, including caching and testing.

gld.tar.gz

CreatingBackendProject

ImplementingFirstResolver

NestedResolver

QueriesParameters

ExerciseAddCategories 

SettingUpTheDBlayer

ReturningDataFromDB

ExerciseReadUserDataFromDB 

ImplementingMutation

ErrorHandling

UI Setup

Pre-UI Setup

Client Queries

ImplementingDataLoaderWithAppllo

ExerciseImplementingDataLoader

Client Queries Exercise

Client Queries Server

Client Queries Server GraphQl

Client Queries-copy

UI-testing

Client Queries  Basam

CreatingBackendProjectInitialVersion

Pagination With GraphQL

Client Queries-React-Auth

ImplementingMutation-copy

ExerciseAddCategories -copy

GraphQL is a rapidly growing data query and manipulation language for web APIs. A strong grasp of GraphQL is essential for any software engineer who is developing applications on the modern web.

This course is a comprehensive introduction to building full-stack web applications using GraphQL. You’ll start by implementing a back end and exploring GraphQL’s unique approach to API implementation. After setting up your database, you’ll build a front-end application using React. The application will pass GraphQL queries using an Apollo client to pull information from the back end. You’ll wrap up with an exploration of more advanced GraphQL features, including DataLoader, Apollo client caching, and testing GraphQL applications.

By the end of this course, you’ll be ready to build full stack web applications using GraphQL, React, and Apollo.

Building Full Stack Applications with GraphQL

So far, we’ve implemented setting a cookie in the `login` resolver and have configured Apollo Studio to send it back on every request. However, we don’t do anything with this cookie when we receive it back.

Now, we’ll see how to read a user ID from a cookie and use it in resolvers for authorization. We will also see how we can implement the `logOut` mutation.

# Reading incoming cookies

Let’s see how we can check an incoming JWT token and extract a user ID from it if it’s valid. If we get a valid user ID from a request, we pass it to the resolvers that handle user IDs using the GraphQL context.

As a reminder, we’re currently creating a context with Express request and response objects.

const server = new ApolloServer({
  typeDefs,
  resolvers,
  context: ({req, res}) => {
    return {
      req,
      res
    }
  }
})

To read our cookies, we should use the `req.cookies` field that contains all cookies sent in a request. We can get our cookie from it, which has been named `authCookie`.

const jwt = require('jsonwebtoken')
const { JWT_SECRET } = require('./auth.js')


const server = new ApolloServer({
  typeDefs,
  resolvers,
  context: ({req, res}) => {
    const authCookie = req.cookies.authCookie
    logger.info(`Auth cookie: ${req.cookies.authCookie}`)
      
    return {
      req,
      res
    }
  }
})

If we print the value of this cookie, we’ll see that it contains a long Base64 string. This is a signed JWT token that was generated by our `login` mutation.

[2021-10-04 21:24:16.735 +0100] INFO: Auth cookie: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI0YjgzNzNkMDE2ZjI3NzUyNzE5ODM4NWIiLCJpYXQiOjE2MzMzNzkwMDcsImV4cCI6MTYzMzM4MjYwN30.IP2J1QxcsHtyF1eB61vkBhYeFNqAXMOIgx2Yob0yh5M

To use this JWT, we have to decode it and check the [signature](https://auth0.com/blog/json-web-token-signing-algorithms-overview/) to ensure that the token is valid. The `jsonwebtoken` function provides a very handy method to do just this called `verify`. It receives a Base64 encoded token, and a secret used to sign the JWT token checks the signature and converts data from the JWT token to a JavaScript object. In this application, we use the same secret for signing and verification, but this is not always the case in real-world situations.

Learn how to implement authorization in GraphQL resolvers.

Getting Started with GraphQL

GraphQL Backend

Developing Frontend Application

Protecting GraphQL API

Advanced GraphQL

Appendix

Authorization and the logOut Resolver

Reading incoming cookies