authentication.md

Authentication

The general recommendation is to handle authentication outside of GraphQL itself, passing in the information of the current viewer through the rootValue interface provided to you.

For example:

app.use('/graphql', (request, response, next) => {
  const viewer = getViewerFromRequest(); // You provide this.
  const options = {
    rootValue: {
      viewer,
    },
    schema,
  };

  return graphqlHTTP(request => options)(request, response, next);
});

And then inside the schema you have access to your rootValue and can use that for the purposes of access control and authorization:

resolve: (parent, args, {rootValue}) => {
  const viewer = {rootValue};

  // Code that uses viewer here...
}

connections-vs-list.md

Connections vs Lists

Stack Overflow Answer

Highlights:

• Connections
  • More powerful and flexible than simple lists.
  • Support pagination (forward and back), with cursors.
  • Fine-grained mutation support (eg. RANGE_ADD, RANGE_DELETE, NODE_DELETE, as described in the guide).
  • Requires a first or last argument in order to limit the size of the result set.
  • Has an edges field that provides a place to locate per-edge, edge-specific data.
  • A heavier-weight concept, requiring more work to define in the schema.
• Lists
  • Simple and lightweight.
  • No support for pagination (the entire list is always returned).
  • No special mutations features for prepending, appending etc (although it is a requested feature).
• Which to use?
  • Whenever you need pagination, you should use a connection.
  • If you need fine-grained control over mutations, you may choose to use a connection, even if you don't need pagination.
  • If you want all the items in a connection, you can use first with some large number.
  • If you want to expose a short list with minimal effort, use a simple list.

Resources

• GraphQL Connections

graphql-links.md

Learning GraphQL

GraphQL is a language that your server engineers use to expose a better API for your product developers to use in order to build nice things.

• GraphQL in Production
• Authorization in GraphQL
• express-graphql
• From REST to GraphQL
  • Super useful! Great introduction to actually implementing some pieces for a production GraphQL project
• Getting Started With Relay
• React Europe and GraphQL
• graphql-js
• graphql-auth
• GraphQL Spec
• GraphQL Site
• GraphQL Relay Specification

subscriptions.md

Subscriptions

• Relay Chat Subscriptoins

Videos.md

Videos

• Lee Byron - Exploring GraphQL at react-europe 2015
• React.js Conf 2015 - Data fetching for React applications at Facebook
• Nick Schrock & Dan Schafer - Creating a GraphQL Server at react-europe 2015
• Mutations in GraphQL - Laney Kuenzel - JSConf 2015