A production-grade GraphQL backend for a developer social platform. This API enables authentication, developer profiles, project management, and social interactions such as following developers and starring projects.
Built with Node.js, Express, Apollo Server, MongoDB, and modern GraphQL architecture practices including modular schema design and DataLoader optimization.
- Node.js
- Express 5
- Apollo Server 5
- GraphQL
- MongoDB with Mongoose
- JWT Authentication
- DataLoader for N+1 query optimization
@apollo/server@as-integrations/express5graphqlmongoosejsonwebtokenbcryptdataloaderdotenvhelmetcookie-parser
- JWT-based authentication
- Signup and login
- Secure password hashing using bcrypt
- Authenticated context injection
- Developer profile management
- Follow and unfollow developers
- Retrieve followers and following lists
- Fetch developer projects
- Create, update, and delete projects
- Star and unstar projects
- Fetch projects globally or by developer
- Resolve project owner and starred developers
- DataLoader integration to eliminate N+1 query problem
- Batched and cached database access
The application follows a modular GraphQL architecture.
src/
│
├── modules/
│ ├── auth/
│ ├── developer/
│ └── project/
│
├── graphql/
│ ├── typeDefs.js
│ └── resolvers.js
│
│
├── config/
│
├── app.js
└── server.js
Each module contains:
- typeDefs
- resolvers
- model
- loader
This structure ensures scalability and separation of concerns.
Clone the repository:
git clone <repository-url>
cd devhub-graphql-apiInstall dependencies:
npm installCreate a .env file:
PORT=4000
MONGODB_URI=mongodb://localhost:27017/devhub
ACCESS_TOKEN_SECRET=your_secret_key
npm startServer runs at:
http://localhost:4000/graphql
Run seed script:
npm run seedThis creates sample developers, projects, follows, and stars.
Fetch developers and projects:
query {
developers {
id
name
projects {
id
title
}
}
}Create project:
mutation {
createProject(input: {
title: "GraphQL API"
description: "Backend service"
}) {
id
title
}
}- Password hashing with bcrypt
- JWT authentication with token rotation
- Helmet for HTTP security headers
- DataLoader batching prevents redundant database queries
- Efficient resolver design
- Optimized MongoDB querying
- Modular schema structure
- Separation of concerns
- Scalable resolver architecture
- Optimized database access patterns
MIT License