graphql-auth 0.5.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +21 -15
- data/app/graphql/mutations/auth/validate_token.rb +4 -2
- data/app/graphql/types/graphql_auth.rb +5 -5
- data/app/helpers/graphql/account_lock_helper.rb +8 -0
- data/app/helpers/graphql/auth_helper.rb +3 -2
- data/lib/generators/graphql_auth/templates/graphql_auth.rb.erb +10 -4
- data/lib/graphql-auth/configuration.rb +12 -5
- data/lib/graphql-auth/version.rb +1 -1
- metadata +14 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5a5caee96621fce2d96fada271e528b513529e1f31036774ce512e832deb0fbe
|
|
4
|
+
data.tar.gz: a9df192c6455909cf08695d852f809008aac56c3f40f98f9181fae3ba1ca9c80
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e35e7e38363252aed17bf28a91ec98d7c1ea83cdc412c7f17106fedc2d1d56bd345a15200f5ac2b08aec03f8a241d8c661e56d7b2027352c94b39745001b503c
|
|
7
|
+
data.tar.gz: f8fecc6295f27c8f364f3de464a8aad808f10350feb30f2bfa97b4d0388a109dd339f6b6707a2dfabea9e17c2848871a3201bb9c3b7d4d015bf8d5075647685a
|
data/README.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# GraphQL Auth
|
|
1
|
+
# GraphQL Auth
|
|
2
2
|
|
|
3
3
|
[](https://travis-ci.org/o2web/graphql-auth) [](https://codeclimate.com/github/o2web/graphql-auth/maintainability)
|
|
4
4
|
[](https://rubygems.org/gems/graphql-auth)
|
|
@@ -21,7 +21,7 @@ And then execute:
|
|
|
21
21
|
Or install it yourself as:
|
|
22
22
|
|
|
23
23
|
$ gem install graphql-auth
|
|
24
|
-
|
|
24
|
+
|
|
25
25
|
Then run the installer to create `graphql_auth.rb` file in your initializers folder.
|
|
26
26
|
|
|
27
27
|
```
|
|
@@ -30,14 +30,14 @@ rails g graphql_auth:install
|
|
|
30
30
|
|
|
31
31
|
Make sure to read all configurations present inside the file and fill them with your own configs.
|
|
32
32
|
|
|
33
|
-
## Devise gem
|
|
33
|
+
## Devise gem
|
|
34
34
|
|
|
35
|
-
Use Devise with a User model and skip all route
|
|
35
|
+
Use Devise with a User model and skip all route
|
|
36
36
|
|
|
37
|
-
```ruby
|
|
38
|
-
Rails.application.routes.draw do
|
|
39
|
-
devise_for :users, skip: :all
|
|
40
|
-
end
|
|
37
|
+
```ruby
|
|
38
|
+
Rails.application.routes.draw do
|
|
39
|
+
devise_for :users, skip: :all
|
|
40
|
+
end
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
## Usage
|
|
@@ -62,22 +62,22 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do
|
|
|
62
62
|
max_age: 600
|
|
63
63
|
end
|
|
64
64
|
end
|
|
65
|
-
```
|
|
65
|
+
```
|
|
66
66
|
|
|
67
67
|
Make sure to include `Graphql::AuthHelper` in your `GraphqlController`. A context method returning the current_user will be available
|
|
68
68
|
|
|
69
69
|
```ruby
|
|
70
70
|
class GraphqlController < ActionController::API
|
|
71
|
-
|
|
71
|
+
|
|
72
72
|
include Graphql::AuthHelper
|
|
73
|
-
|
|
73
|
+
|
|
74
74
|
def execute
|
|
75
75
|
variables = ensure_hash(params[:variables])
|
|
76
76
|
query = params[:query]
|
|
77
77
|
operation_name = params[:operationName]
|
|
78
78
|
result = ::GraphqlSchema.execute(query, variables: variables, context: context, operation_name: operation_name)
|
|
79
79
|
render json: result
|
|
80
|
-
|
|
80
|
+
|
|
81
81
|
...
|
|
82
82
|
```
|
|
83
83
|
|
|
@@ -101,9 +101,15 @@ GraphQL::Auth.configure do |config|
|
|
|
101
101
|
|
|
102
102
|
# config.user_type = '::Types::Auth::User'
|
|
103
103
|
|
|
104
|
-
#
|
|
105
|
-
#
|
|
106
|
-
# config.
|
|
104
|
+
# Devise allowed actions
|
|
105
|
+
# Don't forget to enable the lockable setting in your Devise user model if you plan on using the lock_account feature
|
|
106
|
+
# config.allow_sign_up = true
|
|
107
|
+
# config.allow_lock_account = false
|
|
108
|
+
# config.allow_unlock_account = false
|
|
109
|
+
|
|
110
|
+
# Allow custom mutations for signup and update account
|
|
111
|
+
# config.sign_up_mutation = '::Mutations::Auth::SignUp'
|
|
112
|
+
# config.update_account_mutation = '::Mutations::Auth::UpdateAccount'
|
|
107
113
|
end
|
|
108
114
|
```
|
|
109
115
|
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
class Mutations::Auth::ValidateToken < GraphQL::Schema::Mutation
|
|
4
|
+
include ::Graphql::AccountLockHelper
|
|
5
|
+
|
|
4
6
|
field :errors, [::Types::Auth::Error], null: false
|
|
5
7
|
field :success, Boolean, null: false
|
|
6
8
|
field :user, GraphQL::Auth.configuration.user_type.constantize, null: true
|
|
@@ -9,7 +11,7 @@ class Mutations::Auth::ValidateToken < GraphQL::Schema::Mutation
|
|
|
9
11
|
def resolve
|
|
10
12
|
user = context[:current_user]
|
|
11
13
|
|
|
12
|
-
if user.present? && !user
|
|
14
|
+
if user.present? && !account_locked?(user)
|
|
13
15
|
{
|
|
14
16
|
errors: [],
|
|
15
17
|
success: true,
|
|
@@ -25,4 +27,4 @@ class Mutations::Auth::ValidateToken < GraphQL::Schema::Mutation
|
|
|
25
27
|
}
|
|
26
28
|
end
|
|
27
29
|
end
|
|
28
|
-
end
|
|
30
|
+
end
|
|
@@ -5,22 +5,22 @@ module Types::GraphqlAuth
|
|
|
5
5
|
|
|
6
6
|
field :sign_in, mutation: ::Mutations::Auth::SignIn
|
|
7
7
|
|
|
8
|
-
if GraphQL::Auth.configuration.
|
|
9
|
-
field :sign_up, mutation: ::
|
|
8
|
+
if GraphQL::Auth.configuration.allow_sign_up
|
|
9
|
+
field :sign_up, mutation: GraphQL::Auth.configuration.sign_up_mutation.constantize
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
field :forgot_password, mutation: ::Mutations::Auth::ForgotPassword
|
|
13
13
|
field :reset_password, mutation: ::Mutations::Auth::ResetPassword
|
|
14
14
|
|
|
15
|
-
field :update_account, mutation: ::
|
|
15
|
+
field :update_account, mutation: GraphQL::Auth.configuration.update_account_mutation.constantize
|
|
16
16
|
|
|
17
17
|
field :validate_token, mutation: ::Mutations::Auth::ValidateToken
|
|
18
18
|
|
|
19
|
-
if GraphQL::Auth.configuration.
|
|
19
|
+
if GraphQL::Auth.configuration.allow_lock_account
|
|
20
20
|
field :lock_account, mutation: Mutations::Auth::LockAccount
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
-
if GraphQL::Auth.configuration.
|
|
23
|
+
if GraphQL::Auth.configuration.allow_unlock_account
|
|
24
24
|
field :unlock_account, mutation: Mutations::Auth::UnlockAccount
|
|
25
25
|
end
|
|
26
26
|
end
|
|
@@ -4,6 +4,7 @@
|
|
|
4
4
|
|
|
5
5
|
module Graphql
|
|
6
6
|
module AuthHelper
|
|
7
|
+
include ::Graphql::AccountLockHelper
|
|
7
8
|
include ::Graphql::TokenHelper
|
|
8
9
|
|
|
9
10
|
def context
|
|
@@ -20,7 +21,7 @@ module Graphql
|
|
|
20
21
|
|
|
21
22
|
decrypted_token = GraphQL::Auth::JwtManager.decode(authorization_token)
|
|
22
23
|
user = User.find_by id: decrypted_token['user']
|
|
23
|
-
return nil if user.blank? || user
|
|
24
|
+
return nil if user.blank? || account_locked?(user)
|
|
24
25
|
|
|
25
26
|
# update token if user is found with token
|
|
26
27
|
generate_access_token(user, response)
|
|
@@ -33,7 +34,7 @@ module Graphql
|
|
|
33
34
|
return nil if refresh_token.nil?
|
|
34
35
|
|
|
35
36
|
user = User.find_by refresh_token: refresh_token
|
|
36
|
-
return nil if user.blank? || user
|
|
37
|
+
return nil if user.blank? || account_locked?(user)
|
|
37
38
|
|
|
38
39
|
generate_access_token(user, response)
|
|
39
40
|
set_refresh_token(user, response)
|
|
@@ -5,7 +5,13 @@ GraphQL::Auth.configure do |config|
|
|
|
5
5
|
|
|
6
6
|
# config.user_type = '::Types::Auth::User'
|
|
7
7
|
|
|
8
|
-
#
|
|
9
|
-
#
|
|
10
|
-
# config.
|
|
11
|
-
|
|
8
|
+
# Devise allowed actions
|
|
9
|
+
# Don't forget to enable the lockable setting in your Devise user model if you plan on using the lock_account feature
|
|
10
|
+
# config.allow_sign_up = true
|
|
11
|
+
# config.allow_lock_account = false
|
|
12
|
+
# config.allow_unlock_account = false
|
|
13
|
+
|
|
14
|
+
# Allow custom mutations for signup and update account
|
|
15
|
+
# config.sign_up_mutation = '::Mutations::Auth::SignUp'
|
|
16
|
+
# config.update_account_mutation = '::Mutations::Auth::UpdateAccount'
|
|
17
|
+
end
|
|
@@ -5,9 +5,11 @@ module GraphQL
|
|
|
5
5
|
:jwt_secret_key,
|
|
6
6
|
:app_url,
|
|
7
7
|
:user_type,
|
|
8
|
+
:allow_sign_up,
|
|
9
|
+
:allow_lock_account,
|
|
10
|
+
:allow_unlock_account,
|
|
8
11
|
:sign_up_mutation,
|
|
9
|
-
:
|
|
10
|
-
:unlock_account_mutation
|
|
12
|
+
:update_account_mutation
|
|
11
13
|
|
|
12
14
|
def initialize
|
|
13
15
|
@token_lifespan = 4.hours
|
|
@@ -16,9 +18,14 @@ module GraphQL
|
|
|
16
18
|
|
|
17
19
|
@user_type = '::Types::Auth::User'
|
|
18
20
|
|
|
19
|
-
|
|
20
|
-
@
|
|
21
|
-
@
|
|
21
|
+
# Devise allowed actions
|
|
22
|
+
@allow_sign_up = true
|
|
23
|
+
@allow_lock_account = false
|
|
24
|
+
@allow_unlock_account = false
|
|
25
|
+
|
|
26
|
+
# Allow custom mutations for signup and update account
|
|
27
|
+
@sign_up_mutation = '::Mutations::Auth::SignUp'
|
|
28
|
+
@update_account_mutation = '::Mutations::Auth::UpdateAccount'
|
|
22
29
|
end
|
|
23
30
|
end
|
|
24
31
|
end
|
data/lib/graphql-auth/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,15 +1,16 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: graphql-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Guillaume Ferland
|
|
8
8
|
- Brice Sanchez
|
|
9
|
+
- Guillaume Loubier
|
|
9
10
|
autorequire:
|
|
10
11
|
bindir: bin
|
|
11
12
|
cert_chain: []
|
|
12
|
-
date: 2019-
|
|
13
|
+
date: 2019-08-15 00:00:00.000000000 Z
|
|
13
14
|
dependencies:
|
|
14
15
|
- !ruby/object:Gem::Dependency
|
|
15
16
|
name: rails
|
|
@@ -52,6 +53,9 @@ dependencies:
|
|
|
52
53
|
- - "~>"
|
|
53
54
|
- !ruby/object:Gem::Version
|
|
54
55
|
version: '4.6'
|
|
56
|
+
- - ">="
|
|
57
|
+
- !ruby/object:Gem::Version
|
|
58
|
+
version: 4.6.2
|
|
55
59
|
type: :runtime
|
|
56
60
|
prerelease: false
|
|
57
61
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -59,6 +63,9 @@ dependencies:
|
|
|
59
63
|
- - "~>"
|
|
60
64
|
- !ruby/object:Gem::Version
|
|
61
65
|
version: '4.6'
|
|
66
|
+
- - ">="
|
|
67
|
+
- !ruby/object:Gem::Version
|
|
68
|
+
version: 4.6.2
|
|
62
69
|
- !ruby/object:Gem::Dependency
|
|
63
70
|
name: jwt
|
|
64
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -93,14 +100,14 @@ dependencies:
|
|
|
93
100
|
requirements:
|
|
94
101
|
- - "~>"
|
|
95
102
|
- !ruby/object:Gem::Version
|
|
96
|
-
version:
|
|
103
|
+
version: 2.0.2
|
|
97
104
|
type: :development
|
|
98
105
|
prerelease: false
|
|
99
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
100
107
|
requirements:
|
|
101
108
|
- - "~>"
|
|
102
109
|
- !ruby/object:Gem::Version
|
|
103
|
-
version:
|
|
110
|
+
version: 2.0.2
|
|
104
111
|
- !ruby/object:Gem::Dependency
|
|
105
112
|
name: rake
|
|
106
113
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -163,6 +170,7 @@ files:
|
|
|
163
170
|
- app/graphql/types/auth/error.rb
|
|
164
171
|
- app/graphql/types/auth/user.rb
|
|
165
172
|
- app/graphql/types/graphql_auth.rb
|
|
173
|
+
- app/helpers/graphql/account_lock_helper.rb
|
|
166
174
|
- app/helpers/graphql/auth_helper.rb
|
|
167
175
|
- app/helpers/graphql/token_helper.rb
|
|
168
176
|
- app/views/devise/mailer/reset_password_instructions.html.erb
|
|
@@ -195,7 +203,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
195
203
|
- !ruby/object:Gem::Version
|
|
196
204
|
version: '0'
|
|
197
205
|
requirements: []
|
|
198
|
-
|
|
206
|
+
rubyforge_project:
|
|
207
|
+
rubygems_version: 2.7.6
|
|
199
208
|
signing_key:
|
|
200
209
|
specification_version: 4
|
|
201
210
|
summary: GraphQL + JWT + Devise
|