Serverless graphql endpoint for PostgresSQL database using AWS, serverless and postgraphql
Official lambda implementation from the postgraphql-creators: https://github.com/graphile/postgraphile-lambda-example
💾 Install Serverless
👯 Clone the repo
git clone https://github.com/rentrop/serverless-postgraphql
cd serverless-postgraphql
💾 Install
npm install
🚀 Rebuild and Deploy
npm run rebuild-and-deploy
☕ Coffeetime: AWS takes ~10min to setup the Postgres DB
- From the result of the serverless deployment take the
pgEndpoint
and insert it in:package.json
-file in the config ofPGCON
(line 7)serverless.yml
-file in the environment-variable namedPGCON
(line 21)
🚀 Rebuild and Deploy Again
npm run rebuild-and-deploy
You are all set now. You can now query the resulting endpoint as you wish via POST and GET.
One example to authenticate a user would be:
mutation {
authenticate(input: {email: "[email protected]", password: "iFbWWlc"}) {
jwtToken
}
}
You can try this by entering the following in your browser:
your-url/dev/graphql?query=mutation%20%7B%0Aauthenticate%28input%3A%20%7Bemail%3A%20%22spowell0%40noaa.gov%22%2C%20password%3A%20%22iFbWWlc%22%7D%29%20%7B%0AjwtToken%0A%7D%0A%7D
For most other queries you need to be authorised. Authorization in postgraphql is done via the jwtToken. Set this in your following requests as Authorization
header:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoxLCJiIjoyLCJjIjozfQ.hxhGCCCmGV9nT1slief1WgEsOsfdnlVizNrODxfh1M8
- Here you can find an in-depth explainaition
- Gist on how to query this endpoint in R
💾 Install Postgres 🐘
⌨️ Initialize the database
npm run init-local-db
⌨️ Run the local server
npm run local-server
-
Responde with error-codes.
At the moment always statusCode:200 is returned. Not sure how to give back error-codes and preserve the graphql{"errors": [...]}
-style. Usingcb(some error)
and a customtemplate
could be a solution... Not sure how exactly - Serverless Doku on status codes -
Using API Gateway Custom Authorizers
At the moment the JWT-Validation is done via postgraphql's setupRequestPgClientTransaction function.
Maybe it would be better to do it via API Gateway Custom Authorizers - Serverless Doku