Closed olup closed 6 days ago
Well, for now you can reuse the generated types, add extra input field for auth and wrap generated by drizzle-graphql
handler in your own with auth check. As long as you keep the names of input fields the same - everything should work fine.
Actually I just reviewed graphsl-authz as a maintained auth layer over any schémas that could fit the bill
I am watching this project with great hopes.
From experience, an auto-generated db-to-api systems needs two crucial things:
There used to be projects like
graphql shield
that tried to offer that as universal third party, but is not maintained anymore. Some framework like postgraphile or pg_graphql rely on RLS, but I always thought Authr should live in the codebase, plus column based security is hard to nail.So my question would be - what do you recommend as good practice to add authorization in a
drizzle-graphql
stack ? Is there a plan to include something in the library itself ?Cheers