Authorization in the GraphQL era
Authorization in the GraphQL era by Nikolay Sverchkov
“More and more teams choose GraphQL as the transport protocol for their projects. Switching the paradigm brings many benefits but comes at the price of figuring out how to deal with the well-known problems in this new world. Let’s talk about a particular one—access control organization.
In this talk, I’d like to discuss the differences between graph nodes and controller actions when dealing with user permissions, the pattern of crafting …