I plan to implement the GraphQL API in .NET on IIS and the DataLoader API as a Node.js application server. GraphQL will interact with dataLoader on SQL Server.
All applications will now be on the same physical server, but can be shared in the future if scalability is required.
My reasons for this are:
- Existing code depends on IIS / COM / DCOM / ActiveX / .NET / ASP / ASPX
- Simplification of implementation and mind
- Access control (the web server should not see that the dataLoader code and ACL can be implemented in dataLoader)
- It makes it easier if I get the opportunity to interact with another db (redis, mongodb, etc.)
- I can gradually slice and pass portions of code to make code sharing easier (with separate Linux servers).
- (I like it) Node.js is open to research, but still cannot choose
Firstly, does it make sense or am I asking for problems?
Does it make sense to use a binary serialization format between GraphQL and dataLoader? Or just a simple web service will be easier?
Am I risking performance issues due to a more circular disconnect? (The question is too open? It intuitively seems that this will improve at best)
Is there a need for explicit authentication between GraphQL and dataLoader? Or can I just send the session data (with username) via as-is and just let dataLoader trust the username specified as context? Maybe pass a token? Are JWT tokens useful here?