Back to all blogposts

Hasura – my first impressions on the instant GraphQL APIs engine

Sebastian Kurzynowski

Sebastian Kurzynowski

Full-Stack Developer

Have you heard about Hasura yet? Hasura is a new, instant realtime GraphQL APIs engine that can be connected to your database and result in a unified data access layer. When I first stumbled upon it, I thought was a pretty cool idea. But can’t be sure without trying it out myself. Welcome to my Hausra review!

In case you haven’t got familiar with Hasura yet, let’s start with a quick Hasura recap.

What is Hasura?

According to the official documentation, Hasura is the instant realtime GraphQL APIs engine. It makes your data instantly accessible over a real-time GraphQL API, so you can build and ship modern apps and APIs much faster. Hasura connects to your databases, REST servers, GraphQL servers, and third-party APIs to provide a unified GraphQL API, to be precise, an instant realtime GraphQL API across all your data sources. Postgres database tables are reflected directly in the structure and relationships of the GraphQL queries and mutations without writing any code.

I think that’s enough of Hasura theory, let’s move on to practice. 

How does the authentication work?

Hasura is not responsible for authentication. There are two ways to authenticate the user – webhook and JWT. Both solutions have to inform Hasura about permission level. 

This is the most important information received from webhook. Hasura will check permission level against the requested operation.

How to set authentication webhook in Hasura docker-compose.yml? Just look at the example below.

Example of code that returns the permission level `user`:

Hasura GraphQL engine – powerful console

graphql api applications access data

Hasura instant realtime GraphQL APIs provide you with access to a powerful console that allows you to:

  • test GraphQL 

    • create mutations
    • create queries
  •  manage database

    • create tables
    • create relationships between 
    • manage permissions per table and operation like insert or delete
    • trigger SQL statements
    • create SQL functions
  • manage actions

    • create custom queries
    • create custom mutations
  • add remote GraphQL schemas

  • access custom GraphQL schemas

  • merge remote GraphQL schemas

  • manage triggers

    • event triggers
    • cron triggers ( still in beta )

The console can be disabled and all operations can be managed by Hasura CLI.

💡 Read more: Deno tutorial and introduction: is it a worthy competition for Node.js?

What is a Hasura action?

Every time you need a custom GraphQL query or mutation, actions are the way to go. They simply allow delegate requests to registered webhook to handle various use cases such as data validation, data enrichment from external sources and any other complex business logic. All of that makes Hasura a powerful business logic GraphQL engine.

You can see it pretty clearly in the graph below.

Via Hasura.io

Create custom mutation using actions

Let’s create a custom mutation `sign_up` that will hash a received password and create a record in the Hasura database.

Step 1:  create action definitions

  • Define new types
  • Set webhook as the handler of the request
  • Set permissions ( otherwise only admin can use this action )

hasura nodejs graphql applications

Step 2: create a webhook handler

Hash received the user password and run the Hasura mutation `insert_user` with processed data.

Step 3: test mutation

Request

Response

Check user table

hasura applications data

Perfect! We have hashed the password in the database. What is important at this point is that webhook simply prepared data and called the Hasura `insert_user` endpoint. Actions are the perfect candidate for serverless solutions like Lambda.

How to create a custom query in Hasura using SQL function?

Let’s create a custom query. Our goal is to find in the`articles` table every row that contains the searched phrase in `title` or `content`. We want to have a query named `search_articles` that gets the `search` parameter and looks into the `article` table.

What is the SQL function?

It’s a set of SQL commands wrapped in a function. Like every function, we can pass arguments to the body of the function and we expect output to be returned. More about Postgres SQL functions here.

Write a function definition

Let’s jump to `DATA > SQL` and paste this code:

Don’t forget to check this box before saving:

hasura api data access

The function will be visible as `search_articles query` in the `Graphiql` tab.

Okay, we’re done here. Now, it’s time for testing! 

Test custom query

Query

Response

Verdict & conclusions

Hasura instant realtime GraphQL APIs opinions

After working with Hasura, I can honestly say a lot of good things about this technology. Hasura has a lot of advantages – the learning process goes fast and smooth. If I got stuck, all answers were easily found in the documentation and official Hasura videos.

I’m actually glad that Hasura GraphQL is not an all-in-one tool. Actions help to extend core functionalities with custom logic. This project delivers great features in response to community requests.

Will I use Hasura GraphQL in a commercial project?

Definitely not… yet. The most powerful features of the Hasura GraphQL engine are still in beta and I don’t think I’d have the guts to rush into creating massive applications with an unfinished tool. Having said that, I can see a lot of potential in Hasura. You can be absolutely sure that I’ll come back to Hasura in a year or so, to check their progress.

It was really fun to use this technology in a small project but the Hasura instant realtime GraphQL APIs engine needs a bit more time to mature and blossom into a full-blown power-tool for big commercial applications.   

Want to learn even more about the current trends in APIs?

Check out our State of Microservices 2020 report and find out more about the current usage and consumption of APIs.

The Software House is promoting EU projects and driving innovation with the support of EU funds

What would you like to do?

    Your personal data will be processed in order to handle your question, and their administrator will be The Software House sp. z o.o. with its registered office in Gliwice. Other information regarding the processing of personal data, including information on your rights, can be found in our Privacy Policy.

    This site is protected by reCAPTCHA and the Google
    Privacy Policy and Terms of Service apply.

    We regard the TSH team as co-founders in our business. The entire team from The Software House has invested an incredible amount of time to truly understand our business, our users and their needs.

    Eyass Shakrah

    Co-Founder of Pet Media Group

    Thanks

    Thank you for your inquiry!

    We'll be back to you shortly to discuss your needs in more detail.