I currently have to decide on a access control library for a project and so far graphql shield seems to be the best one. I've looked at the documentation and it seems to be relatively straightforward. I've found this video to be quite helpful as a basic introduction. I'd love to see some more in-depth stuff, like authorization on a field level basis, etc. Anyway, great video :)
I guess it depends. My preferred method would be gateway level. Unless your individual services are public then you might need some authorisation there too.
I was using an outdated library and spent a whole day figuring out how to do this with the Apollo v4. You are a hero man.
I currently have to decide on a access control library for a project and so far graphql shield seems to be the best one.
I've looked at the documentation and it seems to be relatively straightforward. I've found this video to be quite helpful as a basic introduction. I'd love to see some more in-depth stuff, like authorization on a field level basis, etc.
Anyway, great video :)
GraphQL Shield is awesome! I'll be making more videos on it in the future for sure :)
Would I use this on a gateway, or the individual micro-services connected to that gateway?
I guess it depends. My preferred method would be gateway level.
Unless your individual services are public then you might need some authorisation there too.
great video