Building a GraphQL-native serverless backend with Fauna

Rate this content
Bookmark

Welcome to Fauna! This workshop helps GraphQL developers build performant applications with Fauna that scale to any size userbase. You start with the basics, using only the GraphQL playground in the Fauna dashboard, then build a complete full-stack application with Next.js, adding functionality as you go along.

In the first section, Getting started with Fauna, you learn how Fauna automatically creates queries, mutations, and other resources based on your GraphQL schema. You learn how to accomplish common tasks with GraphQL, how to use the Fauna Query Language (FQL) to perform more advanced tasks.

In the second section, Building with Fauna, you learn how Fauna automatically creates queries, mutations, and other resources based on your GraphQL schema. You learn how to accomplish common tasks with GraphQL, how to use the Fauna Query Language (FQL) to perform more advanced tasks.

This workshop has been presented at GraphQL Galaxy 2021, check out the latest edition of this Tech Conference.

FAQ

Fauna is a serverless database that natively supports GraphQL, allowing you to create and manage databases with GraphQL queries and mutations. It auto-generates queries and mutations based on your GraphQL schema, offering a seamless way to interact with your data.

To get started with Fauna, you need to create a Fauna account, which you can do for free without a credit card. Once you have an account, you can create a new database, upload your GraphQL schema, and start interacting with your data using the auto-generated queries and mutations.

Fauna's serverless architecture offers key features such as no infrastructure concerns, automatic scaling, high availability and security, and a pay-for-value pricing model. This means you don't need to provision servers or manage infrastructure, and you only pay for the actual access to your data.

Fauna handles user authentication through User-Defined Functions (UDFs). You can create custom functions for registering and logging in users, which handle credentials securely. Fauna also supports integration with Auth0, Okta, and other authentication services.

The principle of least privilege in Fauna ensures that users have the minimum level of access required to perform their tasks. This is implemented through roles and attribute-based access control (ABAC), allowing fine-grained control over what data and functions each user can access.

You can integrate Fauna with your front-end application using Apollo Client for GraphQL. You need to set up Apollo Client with Fauna's GraphQL endpoint, manage authentication through session cookies, and query data using the client. Fauna's flexible API makes it easy to use with various front-end frameworks like Next.js, React, and Vue.

Fauna Query Language (FQL) is a proprietary language used to interact with Fauna databases. It follows a functional programming paradigm and allows for complex data manipulation and business logic to be executed within the database layer. FQL is similar to JavaScript and other functional languages like Scala.

You can find resources to learn more about Fauna and FQL on the Fauna documentation site, Fauna Labs on GitHub, and through various sample applications and repositories. Additionally, Fauna offers a Discord channel and Twitter support for any questions you may have.

Custom resolvers in Fauna are created using User-Defined Functions (UDFs) in Fauna Query Language (FQL). You define these functions in the Fauna dashboard and then map them to GraphQL queries or mutations using the resolver keyword in your schema.

Fauna ensures high availability and redundancy by spreading traffic across multiple regions. In case of an outage in one region, traffic fails over to other regions without any intervention required from your application. Fauna also maintains strong transaction consistency, ensuring you always have the most recent data.

Rob Sutter
Rob Sutter
Shadid Haque
Shadid Haque
143 min
08 Dec, 2021

Comments

Sign in or register to post your comment.

Video Summary and Transcription

Today's workshop focused on serverless development with Fauna. The workshop covered topics such as building a client-serverless model, exploring data access patterns, and creating a serverless application. It also delved into user authentication, session management, and querying data in the front end. The workshop highlighted the power of Fauna for data manipulation and the flexibility it offers for building applications with fine-grained access control.

1. Introduction to Serverless

Short description:

Thank you for joining us. Today, we'll be discussing serverless and its benefits. Serverless eliminates infrastructure concerns, automatically scales, ensures high availability and security, and offers value-based pricing. With serverless, you can achieve zero downtime and satisfy compliance requirements. Fauna, a serverless database, provides strong transactions, fast performance, and works well with next-generation serverless providers. It's a great fit for front-end developers and offers a smart API layer for easy integration. Let's dive into the workshop and learn more about serverless!

Thank you for joining us. And now let's get started. Thanks for joining us today. We've been waiting to get started. My name's Rob. I'm one of the people who's gonna be walking you through the workshop today. I want to make sure that you're all in the Discord server with us. I'm going to go ahead and drop the link to the slides that I'll use in there now, and we'll also give you a link to the workshop later. so that you can go back and do this, either yourself, review it yourself or take it to your teams to do it so that you can run through it on your own. It is publicly available, but the differences will be here today to answer your questions as we go and to walk through it with you.

So without any further ado here, I'm just going to dive right into the workshop. So I'm going to go ahead and turn it over to Rob to give you a little bit of a tour of the discovery space. And then should give you some resources, and then Shadid is going to take you through the workshop.

So when we talk about serverless, we talk about four key things. These are typically the same for all your different serverless providers. There. First, there's no infrastructure concerns, so you don't need to provision clusters, servers, patch operating systems, all of that stuff. You don't need to worry about that. The provider takes care of it for you. And access is just provided via an API or or as a service. Second, it automatically scales, so you don't need to think about provisioning. If you have zero users, it should scale down to zero and you shouldn't be paying for any of that compute. If you have a burst of traffic, it should scale up immediately. And you shouldn't have to worry about any of that. And that's what Fonda gives you for your database, similar to what function as a service providers give you for your compute. Third, it should be highly available and secure. And so these aren't things that you should have to worry about. Right. If there's an outage somewhere, the provider should be taking care of keeping you up and giving you access to your data. And that's what we do at Fonda. And then finally, it should be paid for value. If you have no access to your database, you shouldn't pay for access during that period. If you store, you know, 10 gigs, then that should be 10 times as expensive as storing one gig. Right. And, of course, there's a free tier that we give you to help you with that. But the principle there is you pay only for the actual access. You don't pay for hours of running Fonda or anything like that. If you have a lot of access and those reads and writes go up, if you have zero, it scales back down. And that scale to zero concept is really important in serverless. Some of the benefits real quick of using a serverless back in like Fonda, you should really be able to achieve zero downtime, at least in terms of your your database. And this helps you like yesterday, there was this big outage that everybody knows about. If you were architected on a single region and it happened to be that one that went down, then off you go. Right. There's no way to avoid that. But Fonda has spread across and above these regions in a way that all of our traffic failed over to the other regions without your application having to do anything. So as far as I know, we didn't have any reported outages yesterday, even though we were dependent on one of the on the region that went down and we have zero reported cases of data loss. So this is a really big advantage for you as a front end developer who just wants to store and get your data back. So all these things that you don't have to think about. So this can also help you satisfy compliance requirements. This is with like region groups that we offer, and we're not going to go into this today because the point of today is to build. It can help you reduce latency with phone number because your users are accessing the closest endpoint. We'll get to that later. And it's a minimal increase in spending to have all that redundancy. You're not running two copies of your database, right? You're running your traffic spread, which is the same total cost as opposed to doubling the cost or tripling the cost to have it in multiple locations. We also do this without the problem that you see on the side of eventual consistency, because Fauna has strong transactions. So instead of getting in a case where you have to check and make sure that you have the most recent data or use locks or anything like that, you just write to a single endpoint and your users read from the endpoint closest to them because everything is a strong transaction. You're just always going to have the most recent data there. Other serverless databases don't give you this guarantee. I mentioned earlier, it's also fast. Right. These are the actual performance numbers. You can confirm these for yourself by going to status.fauna.com. You're looking at single digit, millisecond reads and double digit, millisecond, strong, strongly consistent transactional writes. So it's really performant for your applications, which is important when you're creating front end experiences. Right. Fauna works with next generation serverless providers very well. We're not going to get into deployment today, but if you're already running your app on something like CloudFlare pages or on Purcell, it's a great fit and we have lots of material to help you integrate with that. And again, this is forms sort of a smart API later over Fauna. The GraphQL service does the same thing for you. So you don't need to worry about where to route your traffic.

2. Building a Client-Serverless Model with UDFs

Short description:

You'll learn how to build a client-serverless model using user-defined functions (UDFs) and protect access to your data. By the end of the workshop, you'll have a production-ready model for authenticating users and extending GraphQL queries. We'll guide you from knowing nothing about Fauna to setting up a ready-to-use system in just a few hours. UDFs help you separate business logic from front-end code, making queries and mutations simpler. We'll also cover the principle of least privilege, generating temporary tokens for user login, and authorizing access to resources. The workshop focuses on UDFs and secure data access.

You just hit graphql.db.fauna.com, as you'll see in the workshop today. And we take care of that routing for you. And what you're going to build today is a model that we call client serverless, where you don't have all this other infrastructure in between. You just have your front end and communicating directly with Fauna. And that's the thing that you manage. And that's the thing that you concern yourself with.

This workshop is derived from something we call the Zen of Fauna. You're not going to cover all of this today. The workshop mainly covers the first two. Always using user defined functions, which are implementations of your resolvers in your GraphQL schema. We'll talk about why. And there's a security piece that we're going to teach you about how to only put the keys in your client that can log in and nothing else. Right. So this is how to protect access to your data.

So when you're done with the workshop today, you're going to have a production ready model for authenticating users and for extending your GraphQL queries. This workshop builds up pretty smoothly. What was the goal where we try to only introduce one thing at a time that's new for you. But we still take you from knowing nothing about Fonna to having this production ready setup that you can use in the next over the next three hours. So we talk about user defined functions being everywhere. And the reason that we do this is because it lets you take the business logic out of your front end code and store it somewhere else. Right. For basic queries and mutations and graph QL, that's already going to be provided for you by Fonna. When you create a type, we give you a find type by ID, update type, read type, delete type. I'm sorry, create type, delete type. But for more complex cases like we'll cover in the workshop, you're going to encapsulate that logic in a UDF. You can test it, but it also makes your your queries and your mutations simpler. And then, of course, we talked about this piece of least privilege, the principle of least privilege, here with the login keys. Were going to show you how to generate temporary tokens for users when they log in and how those tokens are used to authorize access to resources in your database. I want to go back real quick. The other important thing to note there is every other permission is denied. In the workshop, you can register a user, you can login a user, but you can't do anything else. Because you have to ship these keys out with your clients, right? There's no way to get it out into your users browser without exposing it. You want to make sure once it's exposed that it can't do anything else. We're going to show you how to do that in this workshop.