A HackerNews-like clone built with Supabase and pg_graphql
A basic HackerNews-like clone where posts can be submitted with url links and then up and down voted.
cp app/.env.example app/.env
yarn
yarn codegen
yarn workspace app dev
Provide the following settings to deploy a production build to Vercel:
yarn codegen && yarn workspace app build
./app/.next
yarn
yarn codegen && yarn workspace app dev --port $PORT
yarn codegen:fetch
yarn codegen:watch
yarn workspace app dev
Note: You need to call select graphql.rebuild_schema()
manually to synchronize the GraphQL schema with the SQL schema after altering the SQL schema.
brew install dbmate
.env
with DATABASE_URL
cd data
dbmate dump
Note: If
pgdump
fails due to row locks, a workaround is to grant thepostgres
role superuser permissions withALTER USER postgres WITH SUPERUSER
. After dumping the schema, you should reset the permissions usingALTER USER postgres WITH NOSUPERUSER
. You can run these statements in the Superbase Dashboard SQL Editors.
Profile belongs to auth.users
Post
Comment belongs to Post and Profile
Vote belongs to Post (can have a direction of UP/DOWN)
direction enum is "UP" or "DOWN"
url
is uniqueSee: ./data/db/schema.sql
Note: The schema includes the entire Supabase schema with auth, storage, functions, etc.
A data file for all Supabase Blog posts from the RSS feed can be found in ./data/seed/blog_posts.csv
and can be loaded. Another file for comments
is available as well.
Note: Assumes a known profileId
currently.
See: ./graphql/schema/schema.graphql
See: ./graphql/queries/
Use: https://mvrfvzcivgabojxddwtk.supabase.co/graphql/v1
Note: Needs headers
Content-Type: application/json
apiKey: <supabase_anon_key>
GraphiQL is an in-browser IDE for writing, validating, and testing GraphQL queries.
Visit http://localhost:3000/api/graphiql
for the Yoga GraphiQL Playground where you can experiment with queries and mutations.
Note: Needs headers
Content-Type: application/json
apiKey: <supabase_anon_key>
Note: In order for the RLS policies authenticate you, you have to pass an authorization header (see example):
authorization: Bearer <access_token>
query {
rankedFeed: postCollection(orderBy: [{ voteRank: AscNullsFirst }]) {
edges {
post: node {
id
title
url
upVoteTotal
downVoteTotal
voteTotal
voteDelta
score
voteRank
comments: commentCollection {
edges {
node {
id
message
profile {
id
username
avatarUrl
}
}
}
commentCount: totalCount
}
}
}
}
}
You can query all policies via: select * from pg_policies
.
See: Row Level Security Matrix (RLS)
dbmate
can create schema_migrations
tables in schemas. To make sure they are not included in your GraphQL Schema:revoke select on table public.schema_migrations from anon, authenticated;
comment on schema public is e'@graphql({"inflect_names": true})';
select graphql_public.graphql(
null,
$$ { heartbeat }$$
)
Returns:
{ "data": { "heartbeat": "2022-07-28T17:07:07.90513" } }
public_graphql
schema not exposed properly?Getting an 406 status or error message like:
{
"message": "The schema must be one of the following: public, storage"
}
Then be sure to expose the graphql_public
in Settings
> Project settings
> API
.
The schema to expose in your API. Tables, views and stored procedures in this schema will get API endpoints.