
GraphQL_Interview_Problems

The document outlines the key differences between REST and GraphQL, highlighting GraphQL's single endpoint and flexibility in response structure. It provides guidance on designing GraphQL schemas, differentiating between queries, mutations, and subscriptions, and handling authentication and authorization. Additionally, it addresses common performance pitfalls in GraphQL and suggests solutions to mitigate them.

Uploaded by

pbecic

GraphQL for Strong Senior Developers

What are the core differences between REST and GraphQL?

• REST:
  ◦ Multiple endpoints (e.g., /users, /orders).
  ◦ Fixed responses based on URL and method.
  ◦ Over-fetching or under-fetching is common.
• GraphQL:
  ◦ Single endpoint: queries specify the data shape.
  ◦ Clients control response structure (fields, nested entities).
  ◦ Reduces round trips and avoids over-fetching.
• GraphQL emphasizes flexibility and efficiency at the cost of increased complexity in validation and security.

How would you design a GraphQL schema for a complex domain model?

• Start by modeling domain entities as GraphQL types.
• Design principles:
  ◦ Use clear, flat object types (avoid overly deep nesting).
  ◦ Use interfaces and unions for polymorphism.
  ◦ Leverage input types for mutations.
• Example for a blog domain:

    type Post { id: ID!, title: String!, author: User!, comments: [Comment!]! }
    type Query { posts: [Post!]!, user(id: ID!): User }

• Consider using schema-first or code-first design depending on team preferences.

How do GraphQL queries, mutations, and subscriptions differ?

• Queries:
  ◦ Read-only operations for fetching data.
• Mutations:
  ◦ Write operations: create/update/delete entities.
  ◦ Often return updated objects to reflect state changes.
• Subscriptions:
  ◦ Real-time push-based operations (usually over WebSockets).
  ◦ Used for chat, notifications, live updates.
• Each operation type is defined explicitly in the schema.

How do you handle authentication and authorization in GraphQL APIs?

• Authentication:
  ◦ Use HTTP headers (e.g., Authorization: Bearer <token>) in resolvers.
  ◦ Extract user context from token using middleware.
• Authorization:
  ◦ Check roles/permissions in resolvers or schema directives.
  ◦ Use context-based checks: e.g., user.id === post.authorId.
• Best practices:
  ◦ Avoid leaking information via introspection.
  ◦ Use field-level access control if necessary.
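
The authentication and authorization flow above, as an added example that is not part of the original document: the token is resolved to a user once per request, and resolvers enforce ownership and field-level access, failing closed. The session table, the draftNotes field, the updateTitle mutation and the error codes are hypothetical; resolvers use the (parent, args, context) signature, and no GraphQL server library is involved.

```javascript
// Constructed sample data. A real service would verify a signed token and use a database.
const SESSIONS = new Map([
  ["tok-alice", { id: "u1", role: "USER" }],
  ["tok-admin", { id: "u9", role: "ADMIN" }],
]);
const POSTS = [
  { id: "p1", title: "Hello", authorId: "u1", draftNotes: "alice private notes" },
  { id: "p2", title: "World", authorId: "u2", draftNotes: "bob private notes" },
];

class AuthError extends Error {
  constructor(code) { super(code); this.code = code; }
}

// Authentication: runs once per request (middleware), before any resolver.
// Assumes lower-cased header names, as Node's HTTP server provides them.
function buildContext(headers) {
  const m = /^Bearer (\S+)$/.exec(headers.authorization || "");
  return { user: m ? SESSIONS.get(m[1]) || null : null }; // unknown token => anonymous
}

const isOwnerOrAdmin = (user, post) => user.role === "ADMIN" || user.id === post.authorId;

// Authorization wrappers: reject before the wrapped resolver ever runs.
const requireUser = (resolve) => (parent, args, ctx) => {
  if (!ctx.user) throw new AuthError("UNAUTHENTICATED");
  return resolve(parent, args, ctx);
};
const ownerOrAdmin = (resolve) => requireUser((post, args, ctx) => {
  if (!isOwnerOrAdmin(ctx.user, post)) throw new AuthError("FORBIDDEN");
  return resolve(post, args, ctx);
});

const resolvers = {
  Query: { post: (_parent, { id }) => POSTS.find((p) => p.id === id) || null },
  // Field-level access control: the post is public, this one field is not.
  Post: { draftNotes: ownerOrAdmin((post) => post.draftNotes) },
  Mutation: {
    updateTitle: requireUser((_parent, { id, title }, ctx) => {
      const post = POSTS.find((p) => p.id === id);
      // Same error for a missing post and someone else's post, so ids cannot be probed.
      if (!post || !isOwnerOrAdmin(ctx.user, post)) throw new AuthError("FORBIDDEN");
      post.title = title;
      return post;
    }),
  },
};
```
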

What are common performance pitfalls in GraphQL and how can they be mitigated?

• Pitfalls:
  ◦ N+1 query problem from nested resolvers.
  ◦ Expensive queries due to deep nesting or large responses.
  ◦ Unbounded queries from malicious users.
• Solutions:
  ◦ Use DataLoader pattern to batch and cache resolver calls.
  ◦ Apply query depth/complexity limiting.
  ◦ Set query cost limits or max execution time.
  ◦ Cache frequent queries where appropriate.
