3

Hi — I’ve been following along with a GraphQL/Prisma tutorial (https://www.howtographql.com/graphql-js/6-authentication/) and I’m wondering why one redefines types in the application schema when they are already part of the Prisma database schema and could be imported from there.

The answer the tutorial gives is “To hide potentially sensitive information from client applications”. What does this mean exactly? Why do we replicate definitions in ‘schema.graphql’ and ‘datamodel.prisma’? Because the definitions are slightly different (i.e. the 'datamodel' contains tags like @unique)? And how are we hiding things from client applications? I remain perplexed....

Specifically in ‘schema.graphql’ I have

type User {
    id: ID!
    name: String!
    email: String!
    links: [Link!]!
}

and in 'datamodel.prisma' I have

type User {
    id: ID! @unique
    name: String!
    email: String! @unique
    password: String!
    links: [Link!]!
}
4

1 Answer

3

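The schema does not have the password field, which is probably what "hide potentially sensitive information" means.

It is common practice in any API not to return all of the data from the persistent store.

Answered 2019-03-07T14:21:03.110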
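The difference the answer points to can be checked mechanically. The following is an added example, not part of the original post or the tutorial's code: it diffs the two `User` definitions from the question and flags sensitive field names that a client-facing schema exposes. The function names and the denylist are hypothetical, and the regex parsing only handles flat object types like the ones shown here.

```javascript
// Constructed inputs: the two User definitions quoted in the question.
const appSchema = `
type User {
    id: ID!
    name: String!
    email: String!
    links: [Link!]!
}`;
const datamodel = `
type User {
    id: ID! @unique
    name: String!
    email: String! @unique
    password: String!
    links: [Link!]!
}`;

// Return { TypeName: Set(fieldNames) } for every `type X { ... }` block.
function fieldsByType(sdl) {
  const types = {};
  for (const [, name, body] of sdl.matchAll(/\btype\s+(\w+)[^{]*\{([^}]*)\}/g)) {
    const fields = new Set();
    for (const line of body.split('\n')) {
      const m = line.match(/^\s*(\w+)\s*(\(.*\))?\s*:/); // "field:" or "field(args):"
      if (m) fields.add(m[1]);
    }
    types[name] = fields;
  }
  return types;
}

// Fields stored in the database model but absent from the API schema.
function hiddenFields(api, db, typeName) {
  const exposed = fieldsByType(api)[typeName] || new Set();
  const stored = fieldsByType(db)[typeName] || new Set();
  return [...stored].filter((f) => !exposed.has(f));
}

// Sensitive field names (hypothetical denylist) that a schema exposes.
function exposedSensitive(sdl, denylist = ['password', 'passwordHash', 'resetToken']) {
  const found = [];
  for (const [type, fields] of Object.entries(fieldsByType(sdl))) {
    for (const f of fields) if (denylist.includes(f)) found.push(`${type}.${f}`);
  }
  return found;
}

console.log(hiddenFields(appSchema, datamodel, 'User'), exposedSensitive(appSchema));
```

Run against `schema.graphql` in CI, a non-empty result from `exposedSensitive` is a signal that a stored secret has become queryable by clients.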