Until now, I mostly did SSR websites/apps in contrast to API backend with a SPA or mobile front-end, though with many of them having light (jQuery) to medium (Vue) JS parts.
Then came out LiveView which was for me a huge game changer which I adopted heavily.
And because of that I somehow focused less on JS frontends and API mode of Phoenix (which I did not practice a lot anyway) or things like GraphQL.
However, I’ll start soon a project that will need a mobile app at some point for sure.
Even if I could start with an SSR app to begin with, I want to rather go with a SPA so that I won’t need to rebuild he backend and also for the sake of learning (and maybe finally jumping in this field).
But I’m admitting I’m quite lost without even starting. I just noticed how I was so coupled with the full-stack side of Phoenix and how everything was so easy.
I’m thinking of forms (with CSRF and other security concerns), uploads, the asset pipeline, authentication and authorization and last but not least, all the real time goodies (presence, channels, etc.). And regarding Phoenix 1.6, it seems that the asset pipeline and the authentication will be even easier.
I know that all of these things have nothing to do with SSR or not, but they will need to be implemented in a way I’m not familiar at all.
I was thinking to spin-up an API only Phoenix app and try to learn some of the basics I’ll need to tackle (authentication/authorization, forms, real time communications) and trying to go with the easier way that seemed to be by using RESTful APIs, basically mimicking SSR renders with JSON renders.
The first thing I wanted to consider was authentication and authorization and I heard that GraphQL allows that. Then I was thinking about all the real time aspects then also heard GraphQL has something called subscriptions that are actual WS.
Now I’m considering to go with GraphQL using Absinthe on the Phoenix side. Regarding the client side in JS to begin with I’ll probably go with Svelte and whichever GraphQL library is the most popular for it.
What I wanted to discuss with people having (or not) worked in both types of apps, is what are the things to pay attention to?
For example about authentication I’m not yet sure if I should go with good old session based token (which I guess I can still use it from
phx.gen.auth) or rather JWT?
What about all the real time features?
What about the infrastructure and deployment? Using different domains, servers, repo etc.? Or simply everything under the same repo and e.g. under the same docker-compose?
Anyway, I’ll have some times before starting this project so I just wanted to talk a little bit in order to grasp what people are doing.
Have a nice day all!
I bet I’ll miss LiveView a lot while working on this project…