PostgREST Turns PostGRE RESTful
Written by Kay Ewbank   
Thursday, 21 November 2019

PostgREST,  a standalone web server that turns your PostgreSQL database directly into a RESTful API has been updated with improvements to full text search and support for embedding views.

PostgREST serves a fully RESTful API from any existing PostgreSQL database. The developers say it provides a cleaner, more standards-compliant, faster API than you are likely to write from scratch. and achieves sub-second response times for up to 2000 requests per second on Heroku free tier.


One reason for the speed is that the server is written in Haskell using the Warp HTTP server, which is a compiled language with lightweight threads. PostgREST delegates as much calculation as possible to the database including serializing JSON responses directly in SQL, data validation, authorization, and combined row counting and retrieval.

It also uses the database efficiently with the Hasql library by keeping a pool of db connections, using the PostgreSQL binary protocol, and being stateless to allow horizontal scaling.

PostgREST handles authentication via JSON Web Tokens and delegates authorization to the role information defined in the database. This avoids problems of having multiple version of what roles can access what information. When dealing with the database the server assumes the identity of the currently authenticated user, and for the duration of the connection can't do anything the user themselves couldn't. Other forms of authentication can be built on top of the JWT primitive. Because PostgREST uses PostgreSQL you get row-level security. If you're running PostgREST against PostgreSQL 9.5, it supports true row-level security. Earlier versions simulate it with triggers and security-barrier views.

The developers say PostgREST offers a good alternative to manual CRUD programming, you can use PostgreSQL to join data and let its query planner figure out the details rather than to loop through rows yourself. They also say PostgREST offers leak-proof abstraction as there's no ORM involved. Creating new views happens in SQL with known performance implications.


More Information 

PostgREST On GitHub

PostgREST Homepage

Related Articles

PostgreSQL 12 Released

The Enduring Influence Of Postgres

PostgreSQL Improves Declarative Partitioning 

PostgreSQL Adds Parallel Query Support


To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, Facebook or Linkedin.


Apache Samza Adds Container Placements API

Apache's distributed stream processing framework Samza has been updated to version 1.5. Improvements include a simplified job submission workflow that provides improved security, and the ability to mo [ ... ]

Rust Is Safer But Do We Use It Safely

Rust seems to be the great hope to create a safer programming language. It provides sophisticated checks on what you are doing that make it more difficult to write code that can hide a bug or allow an [ ... ]

More News





or email your comment to:

Last Updated ( Thursday, 21 November 2019 )