Testing SPA frameworks with no backend code

This project started out when I wanted to experiment with making a Single-Page App using a few different Javascript frameworks to get a better feel for how they worked. With most of the app being in Javascript already, it seemed natural to write the backend in Javascript too, using Node. I put a Postgresql database behind it to finish up the stack.

I was never entirely thrilled with the backend architecture of this toy app - it seemed like I was mostly just wrapping SQL calls in HTTP wrappers. I tried out using Postgresql’s JSON capabilities to handle receiving and returning JSON. This worked, but it made the backend code seem even more awkward and pointless. Then I saw something else that I wanted to try out.

I read about Postgrest, and started to think I might be able to replace the backend code with it. I had seen a couple of other apps that claimed to create a full complement of HTTP commands around a Postgresql database schema, but the other ones I tried proved awkward to get up and running. Postgrest proved pretty simple to fire up, though it’s still missing some infrastructure on running as a proper server.

For a little background on Postgrest, it takes a Postgresql database and provides an automatic REST-like API for accessing it, including INSERT, SELECT, UPDATE, and DELETE. You can also run functions through web requests. All security is through the database role system. You give it a high-permission DB login that has authority to switch to any of your actual user roles, and a low-permission one meant for unauthenticated default users. There’s a JWT-based system for authenticating role membership, and you put the actual login logic in DB functions.

When I got this up and running, and started to add a few more features through it, I realized that I had done something interesting - a webapp with no backend code. Figure that a standard webapp probably has like 90% of the business logic in the backend code, and like 5% each in the frontend and database. This one has roughly 80% in the frontend, 20% in the database, and none in the backend.

This clearly can’t work for all webapps. Some have business logic too complex or performance-sensitive to run in the database, and too security-sensitive or otherwise cumbersome to run in the frontend. It seems like a worthwhile idea for the cases where it could work though.

Just to get the full experience, I put the Angular version of it online here. Not that it’s anything super-impressive by features, but everything seems to work all right. Only downside is the slowness of loading all of the initial Javascript to start the app, but everything is nice and snappy once it’s loaded.