Pass authentication through root resolver instead of middleware?

[chainlink]

Hi there,
Is is possible to pass authentication via &graph.Resolver{} instead of through context? Having Auth in middleware/context tightly couples it to the implementation (and requires all tests, etc to be blessed with the right context) As well, it would be nice to be able to use the graphql error presenter for eveything including auth, instead of bailing out early in middleware

To do this, I think I need to generate the schema per request, but I'm not sure of the performance penalty here

[Ekliptor]

I am also interested in this question. Especially since it would also make it easier to manage different GraphQL queries which require different user permissions.

Any examples on how to to this?

[philipjscott]

Isn't doing auth through the GraphQL layer impossible in certain cases? (e.g. cookie-based authentication)

https://github.com/99designs/gqlgen/blob/master/docs/content/recipes/authentication.md

Because GraphQL is transport agnostic we can't assume there will even be an HTTP request, so we need to expose these authentication details to our graph using a middleware.

[chainlink]

I'm happy if it's not built into gqlgen, but would be nice to have a path for it for folks that would like it.

[philipjscott]

I suppose, but the question is whether it's even possible for some users. Suppose you're sending an authorization token through a cookie, how will you be able to access it in the root resolver? Since GraphQL is supposed to support both websocket and "normal" HTTP requests, it'll definitely complicate the resolver API to add this functionality.

Of course, there are definitely pros; I wonder what the maintainers think.