I'm using with my projects GraphQL, recently implemented your api_guard. Honestly its pretty good but I dont see option to like authenticate user but despite that user is logged allow to pass through just leaving current user nil.
It's needed to me as all graphql requests passes through one controller that passes user info to all queries. When I'm logged in all works well but in other way it dont stopping on unauthorized error on all queries.

@xxSkyy You can add a condition for authenticate_and_set_user before action to skip for unauthenticated controller actions. I think this should be a good way to handle your case.

Let me know if you have any difficulties in doing this.

I know but that's not the case. Like - all queries passing execute method in graphQL controller so I can't add condition to it as there's one method for all.

I fixed it myself by doing simple method for before action, I need to improve query but for now need some sleep

  def jwt_auth 
    @token = request.headers['Authorization']&.split('Bearer ')&.last
    @user = nil

    if @token
    begin
      user = decode_token
      @user = User.find(user["user_id"])
    rescue Exception => e
      raise Exception, "JWT Token is not valid or user don't exist"
    end  
    end
  end 

It'd be nice to see sth like it implemented 🎉