Hacker News new | comments | ask | show | jobs | submit login
Show HN: Prisma – Turn Any Database into a GraphQL API (prisma.io)
29 points by sorenbs 9 months ago | hide | past | web | favorite | 16 comments

Søren, Co-Founder of Prisma here!

We have raised $4.5M from KP, but Prisma stays open source. Happy to answer any questions about Prisma, GraphQL and databases :-)

Ok, I have question about GraphQL in general: is there any tool that supports offline-first use-cases with GraphQL? I mean storing the data in a local database in the browser, then syncing it back to the server.

There is nothing in the GraphQL ecosystem that makes this as seamless as Realm.

AppSync has rudimentary support, which is basically a fork of the Apollo Client as far as I understand it.

There is also some movement in the open source ecosystem, for example https://github.com/Malpaux/apollo-offline

As you can read about here https://blog.graph.cool/all-you-need-to-know-about-apollo-cl... the Apollo client was recently rewritten to be more modular, enabling faster innovation on features such as offline support.

It's not exactly what you want, but I think realm comes closest to that kind of an offering.

https://realm.io/ https://realm.io/blog/realm-scales-to-the-web/

AppSync does this as well: https://aws.amazon.com/appsync/

Yes - have a look at AWS AppSync https://aws.amazon.com/appsync/

Any? We use MS SQL at my work, I didn't see that its supported. Will you support it?

This is great news for GraphQL adoption. I also really like the landing page design

I don't like it that much, but the explanatory drawing/schema is wonderful. I've tried to understand where exactly Prisma fitted before, but couldn't before watching it.

Looks very cool - How do you see permissions/roles/authenticated access being managed for APIs where say most gets are public but most puts and a few gets are private? (I apologize if I missed that in the intro)

We take a slightly different approach at hasura. Every table/view (node) has declarative permissions defined. These are Boolean constraints that can use any property in the graph.

The GraphQL data layer then ensures that the generated SQL query is intersected with those constraints for every node being resolved.

This is works out well for performance also because you don’t have to proxy to the GraphQL proxy.

I have done this in a node app that acts as the intermediate / proxy between your frontend and the prisma service. Infact you can even run it as a serverless endpoint just fine to keep it lightweight.

Is that whitelisting routes? I’m sure there’s a good solution, I’m just not sure how to make sure I’ve got the full surface area properly covered (which naively feels tricky to do with GraphQL but again I’m still trying to understand what are the best practices)

I have had good results with https://github.com/maticzav/graphql-shield but I am also keeping an eye on https://github.com/prismagraphql/graphql-middleware as it is written by the prisma team but isn't ready for production just yet.

As murdockq mentions, the recommended approach is to use GraphQL Bindings to create a lightweight GraphQL server that handles authentication and authorization. The combination of bindings and GraphQL Shield (which is awesome, btw - you should totally use it, even though it isn't maintained by the Prisma team) makes it easy to create and maintain this layer.

The Graphcool Framework uses an approach similar to what Hasura is doing, but there are many use cases where this is simply not flexible enough.

I love Prisma and use it daily for the backend of our apps

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact