graphql-typeorm-passport-boilerplate
Role authentication in graphql
Add a possibility to use role-based authentication directly in graphql.
This would be a convenient way to make sure users can only gather data they should see, etc. Profile information.
I think a user object which is included in the context of graphql could be used to give the necessary information about the current user.
Maybe a decorator could enforce the authentication check, based on roles which could be defined while developing.
The user login could either be done by the local strategy we are using at the moment or a token-based authentication method directly through graphql.
The decorator could look something like this:
@Authenticate(roles: [admin])
or @AuthenticateOnlySameUser()
What do you think about this? I think it would be a very good starting point, because this is an important thing to use graphql in production.
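
A sketch of the two guards proposed above, as an added example that is not part of the original issue or the boilerplate's code. It assumes the GraphQL context carries a `user` object taken from the Passport session; `Context`, `authenticate`, `onlySameUser` and the sample resolvers are hypothetical names, and the guards are written as plain resolver wrappers, which an `@Authenticate` decorator could apply to the method it decorates.

```typescript
// Added example; Context, authenticate, onlySameUser and the sample data are hypothetical.
interface User { id: number; roles: string[] }
interface Context { user?: User } // assumed to be filled from the Passport session (req.user)
type Resolver<A, R> = (parent: unknown, args: A, ctx: Context) => R;
type AuthCode = "UNAUTHENTICATED" | "FORBIDDEN";

function authError(code: AuthCode): Error & { code: AuthCode } {
  const err = new Error(code) as Error & { code: AuthCode };
  err.code = code;
  return err;
}
// Every guard starts here: no user in the context means no access.
function requireUser(ctx: Context): User {
  if (!ctx.user) throw authError("UNAUTHENTICATED");
  return ctx.user;
}
// Role guard: the caller needs at least one listed role. An empty list denies everyone.
function authenticate<A, R>(roles: string[], resolve: Resolver<A, R>): Resolver<A, R> {
  return (parent, args, ctx) => {
    const user = requireUser(ctx);
    if (!roles.some((r) => user.roles.indexOf(r) !== -1)) throw authError("FORBIDDEN");
    return resolve(parent, args, ctx);
  };
}
// Ownership guard: the id comes from the client, so compare it with the session's user id.
function onlySameUser<A extends { id: number }, R>(resolve: Resolver<A, R>): Resolver<A, R> {
  return (parent, args, ctx) => {
    if (requireUser(ctx).id !== args.id) throw authError("FORBIDDEN");
    return resolve(parent, args, ctx);
  };
}
// Constructed sample data and resolver map.
const profiles: Record<number, { id: number; email: string }> = {
  1: { id: 1, email: "admin@example.test" },
  2: { id: 2, email: "bob@example.test" },
};
const resolvers = {
  users: authenticate(["admin"], () => Object.keys(profiles).length),
  profile: onlySameUser((_p: unknown, args: { id: number }) => profiles[args.id]),
};
// Runs a resolver call and reports "OK" or the auth error code.
function outcome(run: () => unknown): string {
  try { run(); return "OK"; } catch (e) { return (e as { code?: string }).code || "ERROR"; }
}
const adminCtx: Context = { user: { id: 1, roles: ["admin"] } };
const bobCtx: Context = { user: { id: 2, roles: ["user"] } };
console.log(outcome(() => resolvers.profile(null, { id: 1 }, bobCtx))); // FORBIDDEN
```

The same-user guard has no admin override here; if admins should read any profile, that is a separate, explicit rule to add rather than an implicit one.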