How has your experience been with tools like PostgREST/Hasura?

Question

These tools that can generate a server based on your database seem so promising from my experience playing with them, but I feel like what you gain in simplicity from the boring CRUD API is offset by increased complexity in the rest of your app.When you've got say an app built with Django using the rest framework, you have everything you need in one place. You can add any custom logic you want to the views because it is all right there.I'm wondering for those of you who have worked with these tools, how has it gone? Have you encountered any of these issues, or is it smooth sailing and they live up to the hype?

melony · Accepted Answer

Authorization is a pain in the ass, you have to fully buy into Postgres RLS system. On the authentication side, it helps to be familiar with OAuth and JWTs. Old school cookie based solutions (or any unorthodox 3rd party delegate auth schemes like those used in enterprise spaces) will require custom code to integrate (or to call an external authentication function).If you are comfortable with JWTs and SPA ("jamstack") authentication then it is a breeze. I have had good experience with Supabase (PostgREST) using Prisma to manage the migrations. Hasura's out-of-the-box migration support is weaker, so you need to pay attention to make sure production and development don't drift apart.