What is a good pattern for implementing access control in a GraphQL server?

Question

Background:

I have a set of models, including a User and various other models, some of which contain references to a User. I am exposing these models f

Answer 1

I create a rule base access control to be used with GraphQL.

https://github.com/joonhocho/graphql-rule

It is simple and unopionated that it can be used with or without GraphQL.

You can use it with a plain javascript objects.

Hope it helps GraphQLers!