Category: GraphQL

Role-Based User Authorization in Graphene-Django

User authorization is a vital part of any business application. Every developer faces the authorization challenge. There are many ways to implement authorization in Django. Django has a built-in permission-based authorization system, and there are some third-party apps like django-guardian and django-rules.

In our previous article, we implemented Token-based authentication with
. It has also some useful decorators to implement authorization.

But in this article, I will share a custom way to implement role-based authorization in GraphQL. Maybe in the next article, I will share some other ways of authorizations with Django’s built-in permission module.

Let’s start writing some code.

Read More

User Authentication in Graphene-Django with JWT

In all most every project we need user authentication. Django has session-based built-in user authentication and authorization support. But in modern days most of our applications are stateless, so, we are covering here stateless user authentication with JWT.

If you are following our previous articles, you already created a blog app with Graphene-Django. We did not add user authentication for our blog app. Here we will use django-graphql-jwt with Graphene-Django.

Let’s do some basic setup.

Read More

Bulk Insert/Update/Delete in Graphene-Django

In GraphQL, we can do multiple inserts, update and delete at a time. The cool thing about GraphQL is we have a lot of control in our hands. In the GraphQL query, we can ask exactly what we need. As well as query, we can post as much data as we want with GraphQL mutation.

There are a lot of real-life scenarios where we need a bulk insert, update or delete. Specially, In our modern Single Page Applications (SPA), a user may create, update or delete multiple related items at a time. Though GraphQL makes it easy to send data for bulk upsert or delete, we need a fast, cleaner way to do it with Django. The main challenge here is, we have to do a faster, memory-efficient way to implement upsert with large batch size.

Read More

Server-Side Data Validation and Error Handling in GraphQL/Django


Application security is an absolute necessity and it must be a top priority. To make our application secure, we must do server-side data validation. Because we can’t rely on client-side input validation. Certainly, client-side input validation can be manipulated in many ways, which will make our system vulnerable. Therefore, the same input validation must be performed on the server-side.

Any application can have errors. So, handling errors and returning back some informative messages to the end-user is very important. GraphQL does not send any status code with a response like REST. It sends an array called errors with the details of the error. The location and the path of the error are also included. So, handling errors in GraphQL looks pretty simple. But you may need custom error handling with server-side data validation. We will cover both types of error handling and server-side data validation in the following.

Read More

Unit Testing Graphene-Django API with Pytest – 3 Steps

In modern days, automated software testing is extremely important to kill the bugs during development. Unit testing is the first level of software testing, which a developer can not and should not avoid. Because it helps the developer to write bug-free, secure and robust codes.

What is Unit Testing?

Unit testing is a software testing method where every individual component and every single unit of the software is tested. Most of the time, unit testing is performed by the developer. Some times it is done by a QA engineer.

When you are doing TDD (Test Driven Development), you will write the unit test before starting the actual code. You can also write unit tests after finishing the specific feature. However, unit testing is performed during the coding stage and before the integration test.

Read More

How to build GraphQL API with Django – 7 Steps

What is GraphQL?

Technology is evolving so fast. Every day, old technologies are being replaced by new ones. For many years, REST architecture was dominating web services and APIS. In 2012, Facebook developed GraphQL and open-sourced it in 2015. Since then, it is becoming so popular in the development world. GraphQL is a declarative, strongly typed, data-driven query language to build APIs.

With GraphQL, you can ask exactly what you need from the server with a single API endpoint. Moreover, It aggregates data from multiple related tables and sources going as much deep as needed. In addition, with a strong type checking mechanism, GraphQL helps developers to write more reliable, robust and bug-free codes.

Read More

Powered by WordPress & Theme by Anders Norén