Yeah, I like the idea of using the custom JS hooks for custom auth: Implement custom JS resolvers in GraphQL. There’s also an argument for not needing the JS and just being able to write the rule as straight out DQL. Though I wonder if it’s best to just start with the most flexible mechanism in the hooks and then add a DQL option if that turns out to be simpler in lots of cases.
4 Likes