Is Basic Auth with Scopes support possible?

[TJMusiitwa]

All the documentation has been great so far to be able to spin up an API that I was then able to expand to be served over GraphQL with Hasura, deployed on Heroku.

That aside, I do have 3 questions;

1. I need to protect some endpoint operations(mostly POST/PUT operations) whilst using Basic Auth. Is there a way to go about that with Scopes where in this example, I would like the get operation to be open to all but the put operation only open to a user with authenticated scope access.

  Future<Response> getSummary() async {
    final summaryQuery = Query<Summary>(context);
    final summary = await summaryQuery.fetch();

    return Response.ok(summary)
      ..cachePolicy = const CachePolicy(expirationFromNow: Duration(days: 1));
  }

  @Operation.put()
  Future<Response> updateSummary() async {
    final summary = Summary()
      ..read(await request.body.decode(), ignore: ["id"]);

    final query = Query<Summary>(context)
      ..values = summary
      ..where((s) => s.lastUpdated).lessThan(DateTime.now().toLocal());

    final updateSummary = await query.updateOne();

    return Response.ok(updateSummary);
  }

2. I am wondering if there is a way to exclude some endpoints from the Swagger Documentation in my case it would be most of my PUT/POST operations.

3. Whilst I am actively developing the API and is already deployed on Heroku with a Postgres database. How can I be able to continue pushing changes to the source code, that will not require me to backup my data, then reset the database each time?