FAQ

I do not want to expose all tables with APIs, What to do ?

APIs can be generated for only tables that are required. We follow concept of router-service-model for each table. So you ignore generating router/apis for table that you do not want to expose.

Where is the source code for the APIs created ?

All of the APIs are generated in a folder by name ./server in your project base directory
REST API Framework uses : router->service->model
GraphQL API Framework uses : resolver->service->model

What language and framework is used to create these APIs ?

APIs are generated using node.js. And we use wildly popular Express.js library which sees > 50 million downloads / month.

Are the APIs secure - does it have Auth and ACL ?

XgeneCloud is fully secure with built in session based authentication and authorisation. We currently support Google and Facebook Authorisation.
Authentication also covers things related to email verification, forgot password & reset password. Support for 3rd party Auth libraries Auth0, Firebase, Amazon Cognito will be there in future.

What information about Project do you store into your Cloud ?

None. All your Project related information are stored as json files in your project directory. This includes DB Credentials, APIs, ACL, API Collections, Query Bookmarks.

Is Access Control List (ACL) or Role Based Access Control (RBAC) ?

XgeneCloud not only auto generates access control list for all the tables but also provides GUI to manage these permissions for each category of users and models. Again, these ACL are done in really modular way such that each ACL file is associated with its corresponding router and middleware file.

ACL/RBAC enables developer to manage fine grained access to underlying models to various category of users.

Does APIs have pagination ?

Yes all APIs have built in pagination.

Is there support for Swagger API specification for REST APIs ?

XgeneCloud automatically generates swagger documentation for all the REST APIs so that you have to never write one from scartch! Generated documentation is done in a really modular way so that each router file is associated with a swagger documentation. This makes it really easy to follow and update.

Swagger is the most adapted open source API documentation. Swagger's interactive live documentation not only helps developer to understand APIs but also to invoke the APIs.

Can the APIs resist SQL injection attacks ?

Prepared SQL queries which are safe are executed when data is fetched from Database.

Should I write web hooks to add business logic for CRUD APIs ?

No.

XgeneCloud not just creates your CRUD APIs but also generates 'source code' for that APIs too!! So adding business logic is as easy changing a CRUD function in node.js.

GraphQL : Does it have solution for N+1 problem in GraphQL ?

Yes, all nested queries are handled via data loader library which negates the N+1 data fetch problem

How to data validation for models ?

You can write really complex and data validation function within the models generated for you.

I have more questions ?

Please join our wonderful community at discord.