A GraphQL server built with Apollo Server 4 and Express integration, with Supabase backend.
- 🚀 Apollo Server 4 with Server Preset
- 📊 GraphQL API with queries and mutations
- 🔒 Security middleware (Helmet, CORS)
- 🎬 Movie management system
- 👥 User management system
- 🏥 Health check endpoint
- 📦 ES Modules support
- 🔐 Supabase authentication and database
- 🛡️ Row Level Security (RLS)
- ⚡ Real-time capabilities
- Node.js (v16 or higher)
- Supabase account
- yarn or npm
-
Create a Supabase project:
- Go to supabase.com
- Create a new project
- Note your project URL and anon key
-
Install dependencies:
yarn install- Configure environment:
# Copy environment file
cp env.example .env
# Edit .env with your Supabase credentials
SUPABASE_URL=your_supabase_project_url
SUPABASE_ANON_KEY=your_supabase_anon_key-
Set up database schema:
- Go to your Supabase dashboard
- Navigate to SQL Editor
- Run the contents of
supabase-schema.sql
-
Start the development server:
yarn devThe server will be available at:
- GraphQL endpoint:
http://localhost:4000/graphql - Health check:
http://localhost:4000/health
query {
movies {
id
title
description
releaseYear
rating
genre
director
}
}query {
movie(id: "1") {
id
title
description
releaseYear
rating
}
}query {
users {
id
username
email
}
}mutation {
createMovie(input: {
title: "Inception"
description: "A thief who steals corporate secrets..."
releaseYear: 2010
rating: 8.8
genre: "Sci-Fi"
director: "Christopher Nolan"
}) {
id
title
description
}
}mutation {
updateMovie(id: "1", input: {
rating: 9.5
}) {
id
title
rating
}
}mutation {
deleteMovie(id: "1")
}mutation {
createUser(input: {
username: "jane_doe"
email: "[email protected]"
}) {
id
username
email
}
}src/
├── index.js # Main server file
├── schema.js # GraphQL schema definitions
├── resolvers.js # GraphQL resolvers
└── supabase.js # Supabase client configuration
supabase-schema.sql # Database schema for Supabase
The server uses the following environment variables:
PORT: Server port (default: 4000)SUPABASE_URL: Your Supabase project URLSUPABASE_ANON_KEY: Your Supabase anonymous keyNODE_ENV: Environment (development/production)JWT_SECRET: Secret for additional JWT operations
yarn dev: Start development server with hot reloadyarn test: Run testsyarn start: Start production serveryarn format: Format all files with Biomeyarn check: Lint and fix issues with Biome
This project uses Apollo Server 4 which includes:
- Server Preset: Optimized configuration for production
- ES Modules: Native ES module support
- Standalone Server: Can run independently or with Express
- TypeScript Support: Full TypeScript integration
- Performance: Improved performance and memory usage
- Security: Enhanced security features
This project leverages Supabase for:
- Authentication: Built-in user management
- Database: Managed PostgreSQL with real-time capabilities
- Row Level Security: Fine-grained access control
- Real-time: Live data updates
- Dashboard: Web-based database management
The server includes several security measures:
- Helmet.js for security headers
- CORS configuration
- Input validation
- Error handling
- Environment variable management
- Supabase Row Level Security
- JWT token validation
To enhance this server, consider adding:
- File uploads with Supabase Storage
- Real-time subscriptions
- Rate limiting
- Logging and monitoring
- TypeScript migration
- Testing with Jest
- GraphQL subscriptions
- Advanced authentication flows