28 July 2020
Hasura – my first impressions on the instant GraphQL APIs engine
Have you heard about Hasura yet? Hasura is a new, instant realtime GraphQL APIs engine that can be connected to your database and result in a unified data access layer. When I first stumbled upon it, I thought was a pretty cool idea. But can’t be sure without trying it out myself. Welcome to my Hausra review!
In case you haven’t got familiar with Hasura yet, let’s start with a quick Hasura recap.
What is Hasura?
According to the official documentation, Hasura is the instant realtime GraphQL APIs engine. It makes your data instantly accessible over a real-time GraphQL API, so you can build and ship modern apps and APIs much faster. Hasura connects to your databases, REST servers, GraphQL servers, and third-party APIs to provide a unified GraphQL API, to be precise, an instant realtime GraphQL API across all your data sources. Postgres database tables are reflected directly in the structure and relationships of the GraphQL queries and mutations without writing any code.
I think that’s enough of Hasura theory, let’s move on to practice.
How does the authentication work?
Hasura is not responsible for authentication. There are two ways to authenticate the user – webhook and JWT. Both solutions have to inform Hasura about permission level.
This is the most important information received from webhook. Hasura will check permission level against the requested operation.
How to set authentication webhook in Hasura
docker-compose.yml? Just look at the example below.
Example of code that returns the permission level
Hasura GraphQL engine – powerful console
Hasura instant realtime GraphQL APIs provide you with access to a powerful console that allows you to:
- create mutations
- create queries
- create tables
- create relationships between
- manage permissions per table and operation like insert or delete
- trigger SQL statements
- create SQL functions
- create custom queries
- create custom mutations
add remote GraphQL schemas
access custom GraphQL schemas
merge remote GraphQL schemas
- event triggers
- cron triggers ( still in beta )
The console can be disabled and all operations can be managed by Hasura CLI.
💡 Read more: Deno tutorial and introduction: is it a worthy competition for Node.js?
What is a Hasura action?
Every time you need a custom GraphQL query or mutation, actions are the way to go. They simply allow delegate requests to registered webhook to handle various use cases such as data validation, data enrichment from external sources and any other complex business logic. All of that makes Hasura a powerful business logic GraphQL engine.
You can see it pretty clearly in the graph below.
Create custom mutation using actions
Let’s create a custom mutation
`sign_up` that will hash a received password and create a record in the Hasura database.
Step 1: create action definitions
- Define new types
- Set webhook as the handler of the request
- Set permissions ( otherwise only admin can use this action )
Step 2: create a webhook handler
Hash received the user password and run the Hasura mutation
`insert_user` with processed data.
Step 3: test mutation
Check user table
Perfect! We have hashed the password in the database. What is important at this point is that webhook simply prepared data and called the Hasura
`insert_user` endpoint. Actions are the perfect candidate for serverless solutions like Lambda.
How to create a custom query in Hasura using SQL function?
Let’s create a custom query. Our goal is to find in the
`articles` table every row that contains the searched phrase in
`content`. We want to have a query named `
search_articles` that gets the
`search` parameter and looks into the
What is the SQL function?
It’s a set of SQL commands wrapped in a function. Like every function, we can pass arguments to the body of the function and we expect output to be returned. More about Postgres SQL functions here.
Write a function definition
Let’s jump to
`DATA > SQL` and paste this code:
Don’t forget to check this box before saving:
The function will be visible as `
search_articles query` in the
Okay, we’re done here. Now, it’s time for testing!
Test custom query
Verdict & conclusions
Hasura instant realtime GraphQL APIs opinions
After working with Hasura, I can honestly say a lot of good things about this technology. Hasura has a lot of advantages – the learning process goes fast and smooth. If I got stuck, all answers were easily found in the documentation and official Hasura videos.
I’m actually glad that Hasura GraphQL is not an all-in-one tool. Actions help to extend core functionalities with custom logic. This project delivers great features in response to community requests.
Will I use Hasura GraphQL in a commercial project?
Definitely not… yet. The most powerful features of the Hasura GraphQL engine are still in beta and I don’t think I’d have the guts to rush into creating massive applications with an unfinished tool. Having said that, I can see a lot of potential in Hasura. You can be absolutely sure that I’ll come back to Hasura in a year or so, to check their progress.
It was really fun to use this technology in a small project but the Hasura instant realtime GraphQL APIs engine needs a bit more time to mature and blossom into a full-blown power-tool for big commercial applications.
Want to learn even more about the current trends in APIs?
Check out our State of Microservices 2020 report and find out more about the current usage and consumption of APIs.