graphql-auth 0.3.0 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/graphql/mutations/auth/forgot_password.rb +2 -1
- data/app/graphql/mutations/auth/lock_account.rb +31 -0
- data/app/graphql/mutations/auth/reset_password.rb +1 -1
- data/app/graphql/mutations/auth/sign_in.rb +5 -4
- data/app/graphql/mutations/auth/sign_up.rb +2 -2
- data/app/graphql/mutations/auth/unlock_account.rb +31 -0
- data/app/graphql/mutations/auth/update_account.rb +1 -1
- data/app/graphql/mutations/auth/validate_token.rb +16 -7
- data/app/graphql/types/graphql_auth.rb +21 -10
- data/app/helpers/graphql/auth_helper.rb +13 -17
- data/db/migrate/20190226175233_add_lockable_to_devise.rb +5 -0
- data/lib/generators/graphql_auth/templates/graphql_auth.rb.erb +4 -10
- data/lib/graphql-auth/configuration.rb +6 -15
- data/lib/graphql-auth/version.rb +1 -1
- metadata +6 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 239047f413613df84be135670d06f73647858b26e809c4e01758480e76b70d78
|
|
4
|
+
data.tar.gz: 9a2e28b7ef4376a9599d75b4fbbba0e7a393b949d65d5ddf20dff79d94e56850
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1a1d89eb38a6568dde0443258f7c056045c78d5dd02dc583f6c8b5a48f4122beef8bf7f9af7d98318d77184860169a9b68869761e9832aca2fe796b66b60cc85
|
|
7
|
+
data.tar.gz: 5576358760b8c8b820476055d673b8a793dd6f16d71031d5286f3b3e02aeda417e79f9ffe942c7af49e58556a51ae967072f4977042fde31cf33eaac63167ca3
|
|
@@ -10,7 +10,8 @@ class Mutations::Auth::ForgotPassword < GraphQL::Schema::Mutation
|
|
|
10
10
|
field :valid, Boolean, null: false
|
|
11
11
|
|
|
12
12
|
def resolve(email:)
|
|
13
|
-
user = User.find_by email: email
|
|
13
|
+
user = User.where(locked_at: nil).find_by email: email
|
|
14
|
+
|
|
14
15
|
user.send_reset_password_instructions if user.present?
|
|
15
16
|
|
|
16
17
|
{
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Mutations::Auth::LockAccount < GraphQL::Schema::Mutation
|
|
4
|
+
argument :id, ID, required: true do
|
|
5
|
+
description 'User id'
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
field :errors, [::Types::Auth::Error], null: false
|
|
9
|
+
field :success, Boolean, null: false
|
|
10
|
+
field :user, GraphQL::Auth.configuration.user_type.constantize, null: true
|
|
11
|
+
|
|
12
|
+
def resolve(id:)
|
|
13
|
+
user = User.where(locked_at: nil).find_by id: id
|
|
14
|
+
|
|
15
|
+
if context[:current_user] && user.present? && user.lock_access!
|
|
16
|
+
{
|
|
17
|
+
errors: [],
|
|
18
|
+
success: true,
|
|
19
|
+
user: user
|
|
20
|
+
}
|
|
21
|
+
else
|
|
22
|
+
{
|
|
23
|
+
errors: [
|
|
24
|
+
{ field: :_error, message: I18n.t('devise.locks.cannot_lock') }
|
|
25
|
+
],
|
|
26
|
+
success: false,
|
|
27
|
+
user: user
|
|
28
|
+
}
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
|
@@ -17,7 +17,7 @@ class Mutations::Auth::ResetPassword < GraphQL::Schema::Mutation
|
|
|
17
17
|
field :success, Boolean, null: false
|
|
18
18
|
|
|
19
19
|
def resolve(args)
|
|
20
|
-
user = User.reset_password_by_token args
|
|
20
|
+
user = User.where(locked_at: nil).reset_password_by_token args
|
|
21
21
|
|
|
22
22
|
if user.errors.any?
|
|
23
23
|
{
|
|
@@ -11,18 +11,19 @@ class Mutations::Auth::SignIn < GraphQL::Schema::Mutation
|
|
|
11
11
|
description "The user's password"
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
argument :remember_me, Boolean, required:
|
|
14
|
+
argument :remember_me, Boolean, required: false do
|
|
15
15
|
description "User's checkbox to be remembered after connection timeout"
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
field :errors, [::Types::Auth::Error], null: false
|
|
19
19
|
field :success, Boolean, null: false
|
|
20
|
-
field :user, ::
|
|
20
|
+
field :user, GraphQL::Auth.configuration.user_type.constantize, null: true
|
|
21
21
|
|
|
22
22
|
def resolve(email:, password:, remember_me:)
|
|
23
23
|
response = context[:response]
|
|
24
24
|
|
|
25
|
-
user = User.find_by email: email
|
|
25
|
+
user = User.where(locked_at: nil).find_by email: email
|
|
26
|
+
|
|
26
27
|
valid_sign_in = user.present? && user.valid_password?(password)
|
|
27
28
|
|
|
28
29
|
if valid_sign_in
|
|
@@ -44,7 +45,7 @@ class Mutations::Auth::SignIn < GraphQL::Schema::Mutation
|
|
|
44
45
|
}
|
|
45
46
|
],
|
|
46
47
|
success: false,
|
|
47
|
-
user: nil
|
|
48
|
+
user: nil
|
|
48
49
|
}
|
|
49
50
|
end
|
|
50
51
|
end
|
|
@@ -17,7 +17,7 @@ class Mutations::Auth::SignUp < GraphQL::Schema::Mutation
|
|
|
17
17
|
|
|
18
18
|
field :errors, [::Types::Auth::Error], null: false
|
|
19
19
|
field :success, Boolean, null: false
|
|
20
|
-
field :user, ::
|
|
20
|
+
field :user, GraphQL::Auth.configuration.user_type.constantize, null: true
|
|
21
21
|
|
|
22
22
|
def resolve(args)
|
|
23
23
|
response = context[:response]
|
|
@@ -37,7 +37,7 @@ class Mutations::Auth::SignUp < GraphQL::Schema::Mutation
|
|
|
37
37
|
{ field: field.to_s.camelize(:lower), message: messages.first.capitalize }
|
|
38
38
|
end,
|
|
39
39
|
success: false,
|
|
40
|
-
user: nil
|
|
40
|
+
user: nil
|
|
41
41
|
}
|
|
42
42
|
end
|
|
43
43
|
end
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Mutations::Auth::UnlockAccount < GraphQL::Schema::Mutation
|
|
4
|
+
argument :id, ID, required: true do
|
|
5
|
+
description 'User id'
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
field :errors, [::Types::Auth::Error], null: false
|
|
9
|
+
field :success, Boolean, null: false
|
|
10
|
+
field :user, GraphQL::Auth.configuration.user_type.constantize, null: true
|
|
11
|
+
|
|
12
|
+
def resolve(id:)
|
|
13
|
+
user = User.where.not(locked_at: nil).find_by id: id
|
|
14
|
+
|
|
15
|
+
if context[:current_user] && user.present? && user.unlock_access!
|
|
16
|
+
{
|
|
17
|
+
errors: [],
|
|
18
|
+
success: true,
|
|
19
|
+
user: user
|
|
20
|
+
}
|
|
21
|
+
else
|
|
22
|
+
{
|
|
23
|
+
errors: [
|
|
24
|
+
{ field: :_error, message: I18n.t('devise.unlocks.cannot_unlock') }
|
|
25
|
+
],
|
|
26
|
+
success: false,
|
|
27
|
+
user: user
|
|
28
|
+
}
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
|
@@ -15,7 +15,7 @@ class Mutations::Auth::UpdateAccount < GraphQL::Schema::Mutation
|
|
|
15
15
|
|
|
16
16
|
field :errors, [::Types::Auth::Error], null: false
|
|
17
17
|
field :success, Boolean, null: false
|
|
18
|
-
field :user, ::
|
|
18
|
+
field :user, GraphQL::Auth.configuration.user_type.constantize, null: true
|
|
19
19
|
|
|
20
20
|
def resolve(args)
|
|
21
21
|
user = context[:current_user]
|
|
@@ -3,17 +3,26 @@
|
|
|
3
3
|
class Mutations::Auth::ValidateToken < GraphQL::Schema::Mutation
|
|
4
4
|
field :errors, [::Types::Auth::Error], null: false
|
|
5
5
|
field :success, Boolean, null: false
|
|
6
|
-
field :user, ::
|
|
6
|
+
field :user, GraphQL::Auth.configuration.user_type.constantize, null: true
|
|
7
7
|
field :valid, Boolean, null: false
|
|
8
8
|
|
|
9
9
|
def resolve
|
|
10
10
|
user = context[:current_user]
|
|
11
11
|
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
12
|
+
if user.present? && !user.access_locked?
|
|
13
|
+
{
|
|
14
|
+
errors: [],
|
|
15
|
+
success: true,
|
|
16
|
+
user: user,
|
|
17
|
+
valid: true
|
|
18
|
+
}
|
|
19
|
+
else
|
|
20
|
+
{
|
|
21
|
+
errors: [],
|
|
22
|
+
success: false,
|
|
23
|
+
user: nil,
|
|
24
|
+
valid: false
|
|
25
|
+
}
|
|
26
|
+
end
|
|
18
27
|
end
|
|
19
28
|
end
|
|
@@ -3,13 +3,24 @@
|
|
|
3
3
|
module Types::GraphqlAuth
|
|
4
4
|
include GraphQL::Schema::Interface
|
|
5
5
|
|
|
6
|
-
field :sign_in, mutation:
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
field :
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
6
|
+
field :sign_in, mutation: ::Mutations::Auth::SignIn
|
|
7
|
+
|
|
8
|
+
if GraphQL::Auth.configuration.lock_account_mutation
|
|
9
|
+
field :sign_up, mutation: ::Mutations::Auth::SignUp
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
field :forgot_password, mutation: ::Mutations::Auth::ForgotPassword
|
|
13
|
+
field :reset_password, mutation: ::Mutations::Auth::ResetPassword
|
|
14
|
+
|
|
15
|
+
field :update_account, mutation: ::Mutations::Auth::UpdateAccount
|
|
16
|
+
|
|
17
|
+
field :validate_token, mutation: ::Mutations::Auth::ValidateToken
|
|
18
|
+
|
|
19
|
+
if GraphQL::Auth.configuration.lock_account_mutation
|
|
20
|
+
field :lock_account, mutation: Mutations::Auth::LockAccount
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
if GraphQL::Auth.configuration.unlock_account_mutation
|
|
24
|
+
field :unlock_account, mutation: Mutations::Auth::UnlockAccount
|
|
25
|
+
end
|
|
26
|
+
end
|
|
@@ -9,40 +9,36 @@ module Graphql
|
|
|
9
9
|
def context
|
|
10
10
|
{
|
|
11
11
|
current_user: current_user,
|
|
12
|
-
response: response
|
|
12
|
+
response: response
|
|
13
13
|
}
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
# set current user from Authorization header
|
|
17
17
|
def current_user
|
|
18
|
-
|
|
18
|
+
authorization_token = request.headers['Authorization']
|
|
19
|
+
return nil if authorization_token.nil?
|
|
19
20
|
|
|
20
|
-
decrypted_token = GraphQL::Auth::JwtManager.decode(
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
user = User.find_by id: user_id
|
|
21
|
+
decrypted_token = GraphQL::Auth::JwtManager.decode(authorization_token)
|
|
22
|
+
user = User.find_by id: decrypted_token['user']
|
|
23
|
+
return nil if user.blank? || user.access_locked?
|
|
24
24
|
|
|
25
25
|
# update token if user is found with token
|
|
26
|
-
|
|
27
|
-
generate_access_token(user, response)
|
|
28
|
-
end
|
|
26
|
+
generate_access_token(user, response)
|
|
29
27
|
|
|
30
28
|
user
|
|
31
29
|
|
|
32
30
|
# rescue expired Authorization header with RefreshToken header
|
|
33
31
|
rescue JWT::ExpiredSignature
|
|
34
|
-
|
|
32
|
+
refresh_token = request.headers['RefreshToken']
|
|
33
|
+
return nil if refresh_token.nil?
|
|
35
34
|
|
|
36
|
-
user = User.find_by refresh_token:
|
|
35
|
+
user = User.find_by refresh_token: refresh_token
|
|
36
|
+
return nil if user.blank? || user.access_locked?
|
|
37
37
|
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
set_refresh_token(user, response)
|
|
41
|
-
end
|
|
38
|
+
generate_access_token(user, response)
|
|
39
|
+
set_refresh_token(user, response)
|
|
42
40
|
|
|
43
41
|
user
|
|
44
42
|
end
|
|
45
|
-
|
|
46
|
-
|
|
47
43
|
end
|
|
48
44
|
end
|
|
@@ -3,15 +3,9 @@ GraphQL::Auth.configure do |config|
|
|
|
3
3
|
# config.jwt_secret_key = ENV['JWT_SECRET_KEY']
|
|
4
4
|
# config.app_url = ENV['APP_URL']
|
|
5
5
|
|
|
6
|
-
# config.user_type = ::
|
|
6
|
+
# config.user_type = '::Types::Auth::User'
|
|
7
7
|
|
|
8
|
-
# config.
|
|
9
|
-
# config.
|
|
10
|
-
|
|
11
|
-
# config.forgot_password_mutation = ::Mutations::Auth::ForgotPassword
|
|
12
|
-
# config.reset_password_mutation = ::Mutations::Auth::ResetPassword
|
|
13
|
-
|
|
14
|
-
# config.update_account_mutation = ::Mutations::Auth::UpdateAccount
|
|
15
|
-
|
|
16
|
-
# config.validate_token_mutation = ::Mutations::Auth::ValidateToken
|
|
8
|
+
# config.sign_up_mutation = false
|
|
9
|
+
# config.lock_account_mutation = false
|
|
10
|
+
# config.unlock_account_mutation = false
|
|
17
11
|
end
|
|
@@ -5,29 +5,20 @@ module GraphQL
|
|
|
5
5
|
:jwt_secret_key,
|
|
6
6
|
:app_url,
|
|
7
7
|
:user_type,
|
|
8
|
-
:sign_in_mutation,
|
|
9
8
|
:sign_up_mutation,
|
|
10
|
-
:
|
|
11
|
-
:
|
|
12
|
-
:update_account_mutation,
|
|
13
|
-
:validate_token_mutation
|
|
9
|
+
:lock_account_mutation,
|
|
10
|
+
:unlock_account_mutation
|
|
14
11
|
|
|
15
12
|
def initialize
|
|
16
13
|
@token_lifespan = 4.hours
|
|
17
14
|
@jwt_secret_key = ENV['JWT_SECRET_KEY']
|
|
18
15
|
@app_url = ENV['APP_URL']
|
|
19
16
|
|
|
20
|
-
@user_type = ::Types::Auth::User
|
|
17
|
+
@user_type = '::Types::Auth::User'
|
|
21
18
|
|
|
22
|
-
@
|
|
23
|
-
@
|
|
24
|
-
|
|
25
|
-
@forgot_password_mutation = ::Mutations::Auth::ForgotPassword
|
|
26
|
-
@reset_password_mutation = ::Mutations::Auth::ResetPassword
|
|
27
|
-
|
|
28
|
-
@update_account_mutation = ::Mutations::Auth::UpdateAccount
|
|
29
|
-
|
|
30
|
-
@validate_token_mutation = ::Mutations::Auth::ValidateToken
|
|
19
|
+
@sign_up_mutation = false
|
|
20
|
+
@lock_account_mutation = false
|
|
21
|
+
@unlock_account_mutation = false
|
|
31
22
|
end
|
|
32
23
|
end
|
|
33
24
|
end
|
data/lib/graphql-auth/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,15 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: graphql-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Guillaume Ferland
|
|
8
|
+
- Brice Sanchez
|
|
8
9
|
autorequire:
|
|
9
10
|
bindir: bin
|
|
10
11
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
12
|
+
date: 2019-03-05 00:00:00.000000000 Z
|
|
12
13
|
dependencies:
|
|
13
14
|
- !ruby/object:Gem::Dependency
|
|
14
15
|
name: rails
|
|
@@ -146,9 +147,11 @@ files:
|
|
|
146
147
|
- README.md
|
|
147
148
|
- Rakefile
|
|
148
149
|
- app/graphql/mutations/auth/forgot_password.rb
|
|
150
|
+
- app/graphql/mutations/auth/lock_account.rb
|
|
149
151
|
- app/graphql/mutations/auth/reset_password.rb
|
|
150
152
|
- app/graphql/mutations/auth/sign_in.rb
|
|
151
153
|
- app/graphql/mutations/auth/sign_up.rb
|
|
154
|
+
- app/graphql/mutations/auth/unlock_account.rb
|
|
152
155
|
- app/graphql/mutations/auth/update_account.rb
|
|
153
156
|
- app/graphql/mutations/auth/validate_token.rb
|
|
154
157
|
- app/graphql/types/auth/error.rb
|
|
@@ -158,6 +161,7 @@ files:
|
|
|
158
161
|
- app/helpers/graphql/token_helper.rb
|
|
159
162
|
- app/views/devise/mailer/reset_password_instructions.html.erb
|
|
160
163
|
- db/migrate/20190108151146_add_refresh_token_to_user.rb
|
|
164
|
+
- db/migrate/20190226175233_add_lockable_to_devise.rb
|
|
161
165
|
- lib/generators/graphql_auth/install_generator.rb
|
|
162
166
|
- lib/generators/graphql_auth/templates/graphql_auth.rb.erb
|
|
163
167
|
- lib/graphql-auth.rb
|