We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

A New Look Into APIS - Graphene

00:00

Formal Metadata

Title
A New Look Into APIS - Graphene
Title of Series
Part Number
31
Number of Parts
52
Author
License
CC Attribution - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
REST API's have been with us a long time. It's time to ask if we can create better API's with new paradigms. We will discuss new ways to query and manipulate data so that our code becomes simpler and easier to scale. GraphQL is a query language created by Facebook in 2012 which provides a common interface between the client and the server for data fetching and manipulations. We will do a quick overview of GraphQL and focus later on Graphene, the main GraphQL framework for Python. Graphene allows us to reuse our existing Django Models to create schemas quickly and easily. We would like to think of it as the next natural step from the Django Rest Framework.
13
Thumbnail
42:32
Multiplication signPower (physics)Physical lawView (database)Procedural programmingProcess (computing)Server (computing)Surreal numberValidity (statistics)Representational state transferTemplate (C++)Hacker (term)BitSoftware developerProjective planeSoftware frameworkComputer networkEmailComputer animation
Data structureSlide ruleRight angleObject (grammar)Representational state transferModel theoryPower (physics)Network topologyArithmetic meanPerfect groupWeb applicationMobile appSoftware frameworkMobile WebTemplate (C++)Web 2.0Front and back endsCartesian coordinate systemSystem administratorComputer animation
Focus (optics)Universe (mathematics)MereologyLogicInformationMultiplication sign1 (number)Figurate numberAreaSoftware frameworkLattice (order)Representational state transferPresentation of a groupSystem callInsertion lossProcess (computing)String (computer science)Computer configurationValidity (statistics)Server (computing)outputClient (computing)Revision controlAvatar (2009 film)Type theoryCartesian coordinate systemFunction (mathematics)Field (computer science)Model theoryView (database)Electronic mailing listBitError messageScheduling (computing)SoftwareComputer animation
Multiplication signOrder (biology)ResultantBuildingObservational studyGradientSemantics (computer science)Software maintenanceOperator (mathematics)Sheaf (mathematics)WebsiteExpressionTable (information)File formatUniverse (mathematics)Video gameGraph coloringExpected valueField (computer science)Semiconductor memoryPoint (geometry)Dependent and independent variablesPopulation densityQuicksortPole (complex analysis)MathematicsBitVertex (graph theory)Physical lawSampling (statistics)String (computer science)Web pageClient (computing)Error messageKey (cryptography)Query languageImplementationFormal languageLine (geometry)Type theoryFunction (mathematics)NumberElectronic mailing listNetwork topologyReal numberRoundness (object)outputObject (grammar)Validity (statistics)SoftwareModel theoryIntegrated development environmentContext awarenessMereologyFacebookCodeSoftware frameworkRepository (publishing)Power (physics)RootDescriptive statisticsComputer animation
Type theoryResolvent formalismBitPasswordRight angleGoodness of fitAvatar (2009 film)Field (computer science)Model theoryRepresentational state transferQuery languageMedical imagingString (computer science)Cartesian coordinate systemSocial classCASE <Informatik>RootMultiplication signSoftware developerINTEGRALMappingServer (computing)Data dictionaryProcess (computing)Instance (computer science)Object (grammar)Slide ruleDemo (music)Library (computing)Electronic mailing listUniverse (mathematics)FreewareInterpreter (computing)Web browserOrder (biology)Video gameBasis <Mathematik>Functional (mathematics)WebsiteIntegrated development environmentSound effectParticle systemForm (programming)Machine visionExecution unitSet (mathematics)WordLink (knot theory)MereologyAreaBeta functionDivisorComputer animation
Graph (mathematics)Point (geometry)Type theoryQuery languageMiddlewareTheory of relativityMultiplication signServer (computing)Software repositoryResolvent formalismDatabaseINTEGRALGraph (mathematics)ResultantDemo (music)Google App EngineCovering spaceLibrary (computing)Set (mathematics)Source codeWeightNumberLine (geometry)QuicksortBasis <Mathematik>Physical lawArithmetic meanDataflowDialectComputer animation
Sampling (statistics)Software frameworkGoodness of fitMenu (computing)Model theoryInitial value problemElectric generatorContext awarenessTheory of relativityQuery languageMultiplication signCondition numberObject (grammar)Representational state transferWindowSeries (mathematics)Source codeMoment (mathematics)Field (computer science)CASE <Informatik>WebsiteData miningINTEGRALComputer animation
Computer animationXML
Transcript: English(auto-generated)
Today I will be speaking about Graphene. Graphene is a new way to power us to create
APIs very easily. Before I start I would like to give a quick introduction about myself. As I said, I'm Cirrus Hack Barry. I'm a full-stack developer. I've been working with back-end and front-end for almost 10 years. Right now I'm working at the firm in charge of the data communication between services using GraphQL.
If you find this talk interesting, just let me know. We are hiring a lot of people. We will be welcome to hire more. You might know some of my packages or you might not. I did PyJ, which is a template engine for Python. Validate email and other packages. You can check other projects that I did in GitHub slash Cirrus Hack Barry.
Today I will be doing a quick introduction about Graphene. Before that I will review a little bit like what is REST, what we can improve from REST. From there we will go to GraphQL.
What GraphQL makes better than REST and then to Graphene, which is a framework for using GraphQL in Python. From there we can see how we can use Graphene with Django very easily. First slide. What is a typical Django structure? A typical Django structure is using Django in our backend for our models and also for the admin panel.
And usually we used to have server-side Django templates. So was Django the one who was in charge of rendering the layout? However in the past years we also have desktop web apps, which are powered by React and Angular and mobile apps.
And the way they communicate with Django is through some APIs. So for communicating between these desktop web apps or mobile web apps with our Django backend, there was a dominant architecture, which was REST. How many of you know what is REST or have already been using the Django REST framework in their applications?
That's a lot. Perfect. You will love Graphene. So I will do a very quick example about REST. Imagine we want to create a conference application where we have talks and we have speakers.
These talks have a title need, have a time scale, so when the talk is happening. And also we have the user model, which has a name and has an avatar. And talks have a speaker, which is a user, and we can get the talks of a user which is referencing the talk model.
So if we want to create this conference application and we want to get all the talks, what is the title for each talk? What is the name and the avatar of the speaker of each of the talks? More or less, this is how we have to do it in a poor REST approach. So we load the schedule. The schedule will return a list of talks, a list of ideas.
Then we load the detail of each talk. Each talk will return us the title of the talk and probably the idea of the speaker. And from the idea of the speaker, we will fetch again the user information from this idea. As we can see, we are making almost seven HTTP requests for just filling one view. And this is not performant at all.
But before going forward on that, what are the main problems that we have to deal about using a part of using REST? We have to deal with API versioning. We have to deal with input validation. That means if we want to create a user or we want to filter or do pagination,
we have to make sure, for example, for pagination, that we receive an integer, another string. We have to make sure that the output reflects the types that we want. Also, we have to deal with data under fetching or over fetching. That means like a model has a lot of fields and some views doesn't want all the fields loaded, right?
Like sometimes we just want the name of a user and not anything else. We have to deal with network errors and with network latency. For the first three bullet points, we can see the Django REST framework solves this in a
partially good way. But what about the last three? What about if we want to specify what is the data we want? How we can solve that? So usually a good way of solving that is gluing everything together, all these seven HTTP endpoints into one.
So we will create a new endpoint, which is all talk with username and avatar, for example. It's very normal, but after some time we can get questions like, oh, could you please have an option to get the data back without this field, but without another extra field for the new view that I'm creating?
And because of that, we can see that the logic of fetching is moved from the client, who previously knows what we want to the server, which isn't now the one responsible of knowing what the client wants. And because of that, each time the client wants to fetch more or less data, we have to go back to the server and change the logic there. And it's not very
scalable. Why? Because if you imagine we have a lot of clients and we just change a little bit the logic there, we always have to go back to the server to change and restart and everything. And it's not the best way that we can do there. Because of that reason, a lot of companies are starting investing a lot of time in how we can improve this process.
One of these companies was Facebook, who presented GraphQL one year ago, but they've been using GraphQL since three years ago, I think. What is GraphQL? GraphQL is a way that let us define or query the data we want. So let's go to the hello world of GraphQL. This is the hello world. In this case,
I'm just getting the name of my user. As we can see, this GraphQL query is very similar to JSON. The GraphQL response, or the JSON response that we'll get from requesting this, is just like the query we are doing but filled with data. So we can think of GraphQL like the JSON we want to fetch,
but without anybody, just the keys. So going to a more complicated example, we want to get my name, but also my talks, the title of each of the talks that I'm doing, and the time of, like, when the talk is happening. I bet you can already guess what will be the response of that.
It's just the data we are requesting, but filled. Like the GraphQL query we are requesting filled with data. And it's very intuitive knowing what we are querying, because the response will look exactly like the query we are doing.
So let's see how we can create a GraphQL schema based on that. We have to create the root query, which is the type that we hid when we first queried. This query type has a me field on it. The me field is returning a user type. User types have a name field and talks on it, and talks is returning a list of talks.
And talks have a title and a time on it. So what are the real advantages of GraphQL? We have query validation. If a client do a query that we don't expect, for example, it's querying a field that doesn't exist, it will throw an error. But not only that. GraphQL is
really tight, both input and output. So if we expect to receive a number and we receive a string, it will show an error without executing anything. And also for the output. So if we expect or the client expects to receive an inter-error, for example, for a page, then it should receive it, and it will check it always.
But not only that, we will not have the problem of data under-fetching or over-fetching. Why? Because it's the client now, the one who knows what it wants. And then the client decides how much data you want to receive. Also, we have introspection. But what I mean with introspection?
What I mean is actually the client could see what are all the types that are living in our schema universe. And could see like the description or what are the relation between them. Going back to introspection.
Another powerful thing about introspection is it let us have validation without querying. And it let us have, for example, an IDE for querying, that I will show you later, and it makes things very very easy. Also, we have the resolver context. So each time we are resolving a field, we know what is its part. For example, if I fetch in my talks, I know that I'm fetching the talks from my user, and I can act accordingly.
Also, we will have only one round tree for data fetching. So we will not have any more deployment of network latency or HTTP errors.
Okay, another cool thing is we have GraphQL in a lot of languages. Not just JavaScript, which was the main implementation of the Facebook page. We have GraphQL in Python. We have GraphQL in Ruby and Rails. We have GraphQL in Go, in Elixir, and in almost any language you can imagine now. But let's go deeper into the one for Python, Graphene. Graphene is a framework I created for using GraphQL in Python very very easily.
So it's the main way of using GraphQL in Python. So what I'm gonna give some data about Graphene. It's the most GraphQL repository outside Facebook. We have right now around 770 stars.
It's used across 20 companies, more or less in production. A firm is included. It has a very large community, and this lets us fix things or improve very very fast. And not only that, we support Python from Python 2.6 to Python 3 very easily. Like without any change in our code. And it's fully compatible from Django 1.6 plus.
So going back to our model. We want to create our conference application, and we have the talk model and the user model with the following fields that I described before. If we want to create or we want to implement the following
GraphQL schema that could execute this query, this is how we have to do it in Python. So we create the query type which is inerting from Graphene object type and defines the me field which is referencing that user. The user is another Graphene type. Object type that have a name which is a string and talks which is a list of talk.
And talk is just another object type. We have title and time on it. Title is a string, time is a day time. So we can see that with just nine lines of code, we can define a world schema universe and it's very easy to follow it.
One thing I'm more proud of is the playground. The playground let us query or play with Graphene or Graphene in Python very easily. So you can actually go in your computers, go to this URL and play with it by yourself. I'm gonna do a very quick demo about how it works.
So first we import Graphene because we need it. This is using PyPy.GS which let us have a Python interpreter in our browser. So we create the user type. We have a string on it, a name which is a string. We have the query type which is another object type of Graphene. This query type has the me field in it
which is referencing the user. And then we create the schema and we define which is a root query type. Which in this case is a query class. So we try to execute the following query. We want to get my name. Right now we execute, of course.
It will return null because we are not defining how we want, how we are resolving this thing. So if we create the following function, resolve me, and we can say like, okay, each time you are requesting a user, just return a user with the name zerosacbaric and we query it again.
We can see how we fetch the data we want. But not only that, let's complicate it a little bit so we can make the previous example that I was talking before. So we want to create the talk type. The talk type will have a title which is a string. And we have a speaker which is referencing the user. In this case, we can use the same
Django reference with the strings and it will map to the correct class. In this, also we are adding the talks field, which is a list that reference the class type.
So right now if we want, we are not requesting the talks field. So we are fetching the same data. But if we want to fetch the talks or the title of the talks, we can see how now it receives like an empty list. In this case, I'm just saying like, okay, I'm creating or I'm returning this user. We have this talk. If we execute this again, we can see how right now it fetches the data for each of the talks.
But let's complicate it again a little bit. We want to query not just like a random user, but we want to query, for example, a user given an ID. So we are saying we create a user field in the query and we say we have the ID argument, which is a string.
And also we are defining how we want to resolve a random user given an ID.
So I'm creating here a dictionary of users, which in this case is just like a mapping with an ID and the correct object type or the correct instance. And let's try it and see how it works. So for example, the me, I'm just returning, I'm just gonna get the user with the ID one.
I'm gonna execute it and see how it works. Okay, it works perfectly. It's the same way. And also I'm defining how we want to resolve a user. So we get the ID from the arguments, ID. And now we can execute again, but now we can change from me to user.
And if we execute this query, we'll return null because we are not giving there any ID. But actually, here I'm putting like some random data. Okay, so here if we specify an argument, for example, the ID,
we can say for the ID one, it's fetching zero-sack-barry, which is me and myself. For the ID two, it's fetching the peter user. So this is more or less what the playground looks like. But let's go a little bit deeper. I have zero minutes, but I will try to go fast.
A little bit deeper about like how graphene works with jack. Let's see we have these models in our Django application. So we have the user model, we have a name which is a chart field, an avatar which is an image field, and a talk model we have a title, time, and a reference to the speaker.
A very good thing about graphene is we can actually map automatically from our Django models to GraphQL types. So we don't have to type again and again the same things. So let's see how it will look like. Actually, we create the class user. If you already have been using Django framework, it's very similar to serializers.
So we specify which model we want. In this case, each of these types will get the fields from the Django model. We can also specify, for example, which fields we want to map into GraphQL. So for user, we just want the ID, name, and avatar. We don't want the password. We don't want any other field. And for the talk, we want to exclude the ID.
I just wanted to do a demo, but I don't have time. So, last slide. Why you should use graphene in your backend? Why GraphQL or graphene is better? The first thing is much easier to maintain than REST APIs. You will have one documentation and UI for free. Given the introspection, you can
recreate the documentation from the schema universe you have. So you don't need to spend any time more in documentation or in the ID. It's everything already built. Also, you can have a very quick integration with your frontend, with React, thanks to React Relay Library by Pager.
As you have seen, it has seamless integration with Django. But overall, the most important thing is the development process will be much faster. Based on our own experience, we lower the development time by two or three. And that's quite important. Why? Because we don't need to go back to the server always each time we want to fix different things.
Graphene is a service I know that can be used on the web. Can Graphene also be run on a Neo4j database in my own data center? Yeah, it could be run like in any data center. Like it could be run in Django.
It could be run like actually one guy built a graphene integration with Google App Engine and you can build with almost anything you want. It's transparent. Like if you want to build another tool on top of that, it's very easy. It's not required to use Django or not. But you have the tools for doing this with Django. But actually you can integrate with Flask or Google App Engine or almost anything you want.
Hi, thank you for your talk. Does the Graphene library have a sense of permissioning where a user might have access to some data but not others? Yes, actually there is one thing that I didn't cover today because I didn't have enough time. Which is middleware. Middleware catches time when we are resolving a field, for example talks for a user.
And we can check there if a user has permission for getting the talks of another user. So yeah, we can have permissions very easily. For example with Django, I'm planning on open sourcing another thing that we are using too. So it's very easy to have permissions on top of that and see what the user is capable of getting or receiving.
So we have 10 more minutes. Hi, yes, thanks for your talk. Very interesting.
My question is specifically around, you know, like in the example the data was defined in the query file. Yes. At what point do you put that data into like some kind of graph database or like how does that generate IDs?
In the resolver method you can decide how you want to face the data. So actually if you want I can give you a very... If you visit my github, like github.com, I just the last repo I created like an example of what I did using Django. And you can check there that we have a result method and we want to for example get certain talks for a user.
And in the resolver method we define how we want to face this data. So actually there you can specify how you want to do the integration with Neo4j or anything. Actually GraphQL have nothing to do with graphs. Like have to do with graphs in the way that you have types and you have a relation between types.
But other than that, you can do integration with a SQL database or NoSQL or whatever. In the second demo you have time to show you're gonna show how the
Graphene query models connect to Django models similar to the rest framework.
Does that have support for the postgres, the new postgres fields like the JSON and array fields? It's actually Dash. It not only has support with the latest postgres fields, but also it has support for example with SQLAlchemy at any moment you want to move. But it's yeah, it's very easy to add integration with these things. Like we have support with JSON, Hstore, and array fields like that.
In the kind of hard-coded example, the query object kind of like drilled down to define the relations explicitly. When you integrate with Django, will a GraphQL query kind of like do those joins under the hood automatically for you?
Yes, actually there is a very good example I recommend you to check, which is a Star Wars API example. If you go to graphempython.org There is a button there which is like check out, check out, or a Star Wars, whatever. All the relations and all the things there will be automatically done without anything in your site. And actually you can take your source code.
Mine was very related to the permissions one. I was just wondering about auth, if that even is a thing with the Graphene stuff.
Yes, actually like you can check very easily like what is the context of each site you are requesting. In the case of the Django integration, the context will be the request context. So you can check there each time you are resolving something,
what is the user who is requesting data. And from there you can do whatever thing you want with permissions, or add a middleware, whatever. It's very, very easy.