I just managed to get my own authentication system working using just graphQL, no meteor-accounts. I got a lot of help from looking at orionsoft/meteor-apollo-accounts. I found I had to make changes to apollographql/meteor-integration to make it work right.
I create a token using apollo, then store the token in localStorage just like meteor-accounts does. But then I had a tough time getting the apollo integration to pass that token to the server in the headers. Then once, I got that step done, I found the logic on the server side was also hard-wired to meteor-accounts, so I had to rewrite that as well.
Could we decouple this a little or at least make it easier to pass args to createNetworkInterface and createApolloServer that allow other authentication systems to connect nicely? The problem I have now is that I have to keep the code I wrote updated. I’d be happy to share my code, if it would help anyone.
I think that the sore spot right now with the current situation of Apollo & Meteor integration is accounts. I know a lot of work is being done to de-couple Accounts, and that’s great. I think this is another area where that could be done better. I doesn’t make since to me to use graphQL for everything except authentication.
Authentication is always complicated, and I think that was one of the things that drew so many people to Meteor in the first place. A graphQL authentication solution would be great. I could write one, but I wish apollographql/meteor-integration was more cooperative.