I know lots of folks here are interested in how best to handle authorization in GRANDstack and GraphQL in general. For a while we've been planning to add a schema directive based approach to authorization in neo4j-graphql.js. I've put together a prototype example of what this will look in a demo app and a blog post. The post also covers other approaches of handling auth in GRANDstack.
Please let me know what feedback ya'll have.