Dgraph uses JWT auth. I’m using https://magic.link to log users in, then I generate a JWT serverside and hand it back to the user. The JWT authorises the GraphQL requests coming from their client (browser). I posted some example code in Discord you can search for.
Agree that Dgraph ideally needs a Supabase-like UI for quickly configuring and verifying auth rules. Would speed up Dev time a lot