Request-level middleware

[melvinkcx]

I'm using Graphene with Django, and I have a middleware that checks user auth token. I'm having an issue with the middleware being executed at the field-level. Each field resolution triggers a call to check user's token in my case.

Any suggestions to improve this? Any plans for supporting request-level middleware?

I have some idea:

1. Move auth checking into a Django middleware, but that means any exception raised will not be serialized into GraphQLResponse.
2. Add a flag is_authenticated into info.context object, if the value of info.context.is_authenticated is True, skip the middleware by calling next()

[melvinkcx]

I just released graphql-utilities including utilities to support operation-level only middleware. It targets graphql-core>=3.0 (or graphql-core-next), feel free to check it out.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[erikwrede]

Looks interesting, I will have a deeper look into this soon

[john-psina]

@erikwrede Any updates? Without fixing this problem, it is almost impossible to create an effective authentication mechanism without crutches, especially for large projects