GraphQL Flashcards

1
Q

Apollo

A

a platform which provides us all the tools for implementing a GQL server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Resolvers:

A

functions that are responsible for return values for fields that exists within types in a schema.

Resolvers allow us to define the mapping of the queries we’ve defined in our schema to the data source method which returns the data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Input Types

A

just like types, but for arguments
you can only use them for arguments
all fields eventually have to resolve to a scalar
within schema, instead of using type Type {}, use input {}, besides that it is exactly the same

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Mutation:

A

a type on a schema that defines operations clients can perform mutate data(Create Update Delete)
define mutation type on schema using SDL
add fields for mutation type
add args for mutation fields
create resolvers for mutation fields

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Query:

A

describes the data that we can fetch.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Is GraphQL a Database Technology?

A

No. GraphQL is often confused with being a database technology. This is a misconception, GraphQL is a query language for APIs - not databases. In that sense it’s database agnostic and can be used with any kind of database or even no database at all.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is GraphQL?

A

GraphQL is a query language which provides a common interface between the client and the server for data fetching and manipulations.

The client asks for various data from the GraphQL server via queries. The response format is described in the query and defined by the client instead of the server: they are called client‐specified queries. The structure of the data is not hardcoded as in traditional REST APIs - this makes retrieving data from the server more efficient for the client.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How to do Error Handling?

A

A successful GraphQL query is supposed to return a JSON object with a root field called “data”. If the request fails or partially fails (e.g. because the user requesting the data doesn’t have the right access permissions), a second root field called “errors” is added to the response:

{
“data”: { … },
“errors”: [ … ]
}

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is GraphQL schema?

A

Every GraphQL server has two core parts that determine how it works: a schema and resolve functions.

The schema is a model of the data that can be fetched through the GraphQL server. It defines what queries clients are allowed to make, what types of data can be fetched from the server, and what the relationships between these types are.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How to do Server-side Caching?

A

One common concern with GraphQL, especially when comparing it to REST, are the difficulties to maintain server-side cache. With REST, it’s easy to cache the data for each endpoint, since it’s sure that the structure of the data will not change.

With GraphQL on the other hand, it’s not clear what a client will request next, so putting a caching layer right behind the API doesn’t make a lot of sense.

Server-side caching still is a challenge with GraphQL.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How to do Authentication and Authorization?

A

Authentication and authorization are often confused. Authentication describes the process of claiming an identity. That’s what you do when you log in to a service with a username and password, you authenticate yourself. Authorization on the other hand describes permission rules that specify the access rights of individual users and user groups to certain parts of the system.

Authentication in GraphQL can be implemented with common patterns such as OAuth.

To implement authorization, it is recommended to delegate any data access logic to the business logic layer and not handle it directly in the GraphQL implementation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

List the key concepts of the GraphQL query language

A
Hierarchical
Product‐centric
Strong‐typing
Client‐specified queries
Introspective
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Explain the main difference between REST and GraphQL

A

The main and most important difference between REST and GraphQL is that GraphQL is not dealing with dedicated resources, instead everything is regarded as a graph and therefore is connected and can be queried to app exact needs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the disadvantages of GraphQL

A

-queries always return a HTTP status code of 200 , regardless of whether or not that query was successful.

-server side caching gets complicated since endpoints aren’t clearly defined.
however, most libs built in GQL have caching features out of the box.

-rate limiting which has more to do with what individual companies decide based on their metrics.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How do you prevent nested attack on GraphQL server?

A

Query Validation: server tries to determine if there are serious errors within the query
Query Timeout: adding a timeout to the query.
Query Whitelisting: create a list of allowed queries ahead of time.
Query Cost Limiting: you can assign a cost do various queries.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is AST in QraphQL?

A

The foundation of any GraphQL API is an abstract syntax tree, which is heavily used server-side to deal with schema definitions and parsing the actual GraphQL query.

A deeply nested object representation of a function or component that Babel uses to transform or transpile.

17
Q

scalar

A

all the types: int, String, ID, flat, boolean