Lately I've been trying out some new technologies that may change web development. The GraphQL query language combined with a serverless architecture enabled by Lambda form a wonderful combination that makes the work of developing an API and managing a server obsolete. Or does it? Let's have a peek into the future!
Here's the problem. You want to prevent access to parts of your app for users that are not logged in, and additionally you want to prevent logged in users without the right role or access level (non-admins typically) from accessing yet more parts of your app.