hey @matic so I was trying to make a directives version of GraphQL Shield but I got sidetracked with what I really have to do, so I decided to give GraphQL Shield a try and I'v got to say, I LOVE IT! Logic-based rules are so flexible, it is a really good middleware you made there... Anyway, I wrote a rules class with useful methods for a RBAC-type of permissions, though I'm not quite sure if it sticks to the RBAC definition at all, but it has roles and scopes and authentication check, I thought you might want to give it a look and see if it makes any sense at all: https://gist.github.com/dukuo/351f581e54b0af863f7155110e8f39c6 . looking forward to any comments from @everyone btw! Next step is to write unit tests to properly check that everything's in order.

@Dukuo I am so happy to hear that! Random fact; me and Johannes first thought of creating a version which would support code and directives but got side tracked as well 😂

Yeah, there's a lot of things to consider when developing directives.. I'm wondering if it's feasible to inject directives as a Middleware, but even then it would take a few more steps to configure than your implementation. So, what do you think? I haven't had much experience building security stuff so maybe this has a horrendously dangerous assumption somewhere 😆