Above is a big reason for not directly exposing a Dgraph’s Graphql api to clients as not all users should have full read and write permission to every defined type in a Graphql schema. While Dgraph’s Graphql interface is amazingly powerful by creating all the base CRUD APIs from schema, for use in real apps, there needs to be a way to define user roles, and what roles have read/write access for each type.
When reading https://graphql.dgraph.io/docs/schema/ it says:
Also, expect to see GraphQL subscriptions and authorization and authentication features built in. For existing Dgraph users, we’ll be adding features to boot your existing schema into GraphQL and ways you can define your own queries backed by whatever GraphQL± you like.
Can a Dgraph dev share with us what’s being worked on regarding “authorization and authentication features”? This, together with custom logic in resolvers for validations and external API calls, would turn Dgraph into a full blown Graphql server with all the features and scalability of Dgraph underneath for customizing APIs that’s been “generated”.
Keep us posted on progress on these!