Using directives to allow anonymous requests

[robinmuhia]

I have an interesting problem.

Some context first, we use rest endpoints for unauthenticated requests (login, password reset requests etc) and GraqhQL for authenticated requests. I would like for all our client requests to be GraphQL. I was thinking of using directives that would an anonymous context key set to true and then check for that key in our auth/user context injection middleware. The middleware are called before the gql handler shown below that checks the directives

config.Directives.Auth = func(ctx context.Context, obj interface{}, next graphql.Resolver, isAnonymous bool) (res interface{}, err error) {
		if isAnonymous {
			ctx = context.WithValue(ctx, utils.AnonymousContextKey, true)
		} else {
			ctx = context.WithValue(ctx, utils.AnonymousContextKey, false)
		}
		return next(ctx)
	}

The main issue is that our custom middleware will return 401 before we even reach here. I found this article but the implementation looks gimmicky

Has anyone encountered such an issue?