graphql_devise 0.11.4 → 0.13.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (172) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +2 -1
  3. data/.travis.yml +7 -0
  4. data/Appraisals +14 -0
  5. data/CHANGELOG.md +56 -0
  6. data/Gemfile +2 -0
  7. data/README.md +219 -20
  8. data/Rakefile +2 -0
  9. data/app/controllers/graphql_devise/application_controller.rb +6 -5
  10. data/app/controllers/graphql_devise/concerns/set_user_by_token.rb +31 -0
  11. data/app/controllers/graphql_devise/graphql_controller.rb +4 -0
  12. data/app/helpers/graphql_devise/application_helper.rb +2 -0
  13. data/app/helpers/graphql_devise/mailer_helper.rb +4 -2
  14. data/app/models/graphql_devise/concerns/model.rb +10 -0
  15. data/app/views/graphql_devise/mailer/confirmation_instructions.html.erb +1 -1
  16. data/app/views/graphql_devise/mailer/reset_password_instructions.html.erb +1 -1
  17. data/config/locales/en.yml +1 -0
  18. data/config/routes.rb +4 -0
  19. data/graphql_devise.gemspec +6 -4
  20. data/lib/generators/graphql_devise/install_generator.rb +30 -5
  21. data/lib/graphql_devise.rb +26 -10
  22. data/lib/graphql_devise/concerns/controller_methods.rb +2 -0
  23. data/lib/graphql_devise/default_operations/mutations.rb +8 -6
  24. data/lib/graphql_devise/default_operations/resolvers.rb +4 -2
  25. data/lib/graphql_devise/engine.rb +2 -0
  26. data/lib/graphql_devise/errors/authentication_error.rb +9 -0
  27. data/lib/graphql_devise/{detailed_user_error.rb → errors/detailed_user_error.rb} +3 -1
  28. data/lib/graphql_devise/errors/error_codes.rb +8 -0
  29. data/lib/graphql_devise/errors/execution_error.rb +6 -0
  30. data/lib/graphql_devise/{user_error.rb → errors/user_error.rb} +3 -1
  31. data/lib/graphql_devise/model/with_email_updater.rb +74 -0
  32. data/lib/graphql_devise/mount_method/operation_preparer.rb +4 -2
  33. data/lib/graphql_devise/mount_method/operation_preparers/custom_operation_preparer.rb +2 -0
  34. data/lib/graphql_devise/mount_method/operation_preparers/default_operation_preparer.rb +8 -2
  35. data/lib/graphql_devise/mount_method/operation_preparers/gql_name_setter.rb +3 -1
  36. data/lib/graphql_devise/mount_method/operation_preparers/mutation_field_setter.rb +5 -2
  37. data/lib/graphql_devise/mount_method/operation_preparers/resolver_type_setter.rb +3 -1
  38. data/lib/graphql_devise/mount_method/operation_preparers/resource_name_setter.rb +4 -2
  39. data/lib/graphql_devise/mount_method/operation_sanitizer.rb +2 -0
  40. data/lib/graphql_devise/mount_method/option_sanitizer.rb +2 -0
  41. data/lib/graphql_devise/mount_method/option_sanitizers/array_checker.rb +2 -0
  42. data/lib/graphql_devise/mount_method/option_sanitizers/class_checker.rb +2 -0
  43. data/lib/graphql_devise/mount_method/option_sanitizers/hash_checker.rb +2 -0
  44. data/lib/graphql_devise/mount_method/option_sanitizers/string_checker.rb +2 -0
  45. data/lib/graphql_devise/mount_method/option_validators/provided_operations_validator.rb +2 -0
  46. data/lib/graphql_devise/mount_method/option_validators/skip_only_validator.rb +2 -0
  47. data/lib/graphql_devise/mount_method/option_validators/supported_operations_validator.rb +2 -0
  48. data/lib/graphql_devise/mount_method/options_validator.rb +2 -0
  49. data/lib/graphql_devise/mount_method/supported_options.rb +2 -0
  50. data/lib/graphql_devise/mutations/base.rb +2 -0
  51. data/lib/graphql_devise/mutations/login.rb +2 -0
  52. data/lib/graphql_devise/mutations/logout.rb +2 -0
  53. data/lib/graphql_devise/mutations/resend_confirmation.rb +5 -5
  54. data/lib/graphql_devise/mutations/send_password_reset.rb +7 -2
  55. data/lib/graphql_devise/mutations/sign_up.rb +5 -6
  56. data/lib/graphql_devise/mutations/update_password.rb +2 -0
  57. data/lib/graphql_devise/rails/routes.rb +7 -72
  58. data/lib/graphql_devise/resolvers/base.rb +2 -0
  59. data/lib/graphql_devise/resolvers/check_password_token.rb +2 -0
  60. data/lib/graphql_devise/resolvers/confirm_account.rb +4 -2
  61. data/lib/graphql_devise/resolvers/dummy.rb +2 -0
  62. data/lib/graphql_devise/resource_loader.rb +89 -0
  63. data/lib/graphql_devise/schema.rb +2 -0
  64. data/lib/graphql_devise/schema_plugin.rb +114 -0
  65. data/lib/graphql_devise/types/authenticatable_type.rb +2 -0
  66. data/lib/graphql_devise/types/credential_type.rb +2 -0
  67. data/lib/graphql_devise/types/mutation_type.rb +2 -0
  68. data/lib/graphql_devise/types/query_type.rb +2 -0
  69. data/lib/graphql_devise/version.rb +3 -1
  70. data/spec/dummy/Rakefile +2 -0
  71. data/spec/dummy/app/controllers/api/v1/graphql_controller.rb +38 -3
  72. data/spec/dummy/app/controllers/application_controller.rb +2 -0
  73. data/spec/dummy/app/graphql/dummy_schema.rb +21 -0
  74. data/spec/dummy/app/graphql/interpreter_schema.rb +11 -0
  75. data/spec/dummy/app/graphql/mutations/login.rb +2 -0
  76. data/spec/dummy/app/graphql/mutations/register_confirmed_user.rb +2 -0
  77. data/spec/dummy/app/graphql/mutations/sign_up.rb +2 -0
  78. data/spec/dummy/app/graphql/mutations/update_user.rb +22 -0
  79. data/spec/dummy/app/graphql/resolvers/public_user.rb +2 -0
  80. data/spec/dummy/app/graphql/resolvers/user_show.rb +2 -0
  81. data/spec/dummy/app/graphql/types/base_object.rb +2 -0
  82. data/spec/dummy/app/graphql/types/custom_admin_type.rb +2 -0
  83. data/spec/dummy/app/graphql/types/mutation_type.rb +4 -1
  84. data/spec/dummy/app/graphql/types/query_type.rb +12 -0
  85. data/spec/dummy/app/graphql/types/user_type.rb +2 -0
  86. data/spec/dummy/app/jobs/application_job.rb +2 -0
  87. data/spec/dummy/app/mailers/application_mailer.rb +2 -0
  88. data/spec/dummy/app/models/admin.rb +2 -0
  89. data/spec/dummy/app/models/application_record.rb +2 -0
  90. data/spec/dummy/app/models/guest.rb +2 -0
  91. data/spec/dummy/app/models/schema_user.rb +13 -0
  92. data/spec/dummy/app/models/user.rb +2 -0
  93. data/spec/dummy/app/models/users.rb +2 -0
  94. data/spec/dummy/app/models/users/customer.rb +2 -0
  95. data/spec/dummy/config.ru +2 -0
  96. data/spec/dummy/config/application.rb +2 -0
  97. data/spec/dummy/config/environment.rb +2 -0
  98. data/spec/dummy/config/environments/development.rb +2 -0
  99. data/spec/dummy/config/environments/production.rb +2 -0
  100. data/spec/dummy/config/environments/test.rb +2 -0
  101. data/spec/dummy/config/initializers/application_controller_renderer.rb +2 -0
  102. data/spec/dummy/config/initializers/backtrace_silencers.rb +2 -0
  103. data/spec/dummy/config/initializers/cors.rb +2 -0
  104. data/spec/dummy/config/initializers/devise_token_auth.rb +2 -0
  105. data/spec/dummy/config/initializers/filter_parameter_logging.rb +2 -0
  106. data/spec/dummy/config/initializers/i18n.rb +2 -0
  107. data/spec/dummy/config/initializers/inflections.rb +2 -0
  108. data/spec/dummy/config/initializers/mime_types.rb +2 -0
  109. data/spec/dummy/config/initializers/wrap_parameters.rb +2 -0
  110. data/spec/dummy/config/puma.rb +2 -0
  111. data/spec/dummy/config/routes.rb +5 -0
  112. data/spec/dummy/config/spring.rb +2 -0
  113. data/spec/dummy/db/migrate/20190815114303_create_users.rb +2 -0
  114. data/spec/dummy/db/migrate/20190824215150_add_auth_available_to_users.rb +2 -0
  115. data/spec/dummy/db/migrate/20190916012505_create_admins.rb +2 -0
  116. data/spec/dummy/db/migrate/20191013213045_create_guests.rb +2 -0
  117. data/spec/dummy/db/migrate/20200321121807_create_users_customers.rb +2 -0
  118. data/spec/dummy/db/migrate/20200621182414_remove_uncofirmed_email_from_admins.rb +7 -0
  119. data/spec/dummy/db/migrate/20200623003142_create_schema_users.rb +46 -0
  120. data/spec/dummy/db/schema.rb +30 -2
  121. data/spec/dummy/db/seeds.rb +2 -0
  122. data/spec/factories/admins.rb +2 -0
  123. data/spec/factories/guests.rb +2 -0
  124. data/spec/factories/schema_users.rb +13 -0
  125. data/spec/factories/users.rb +2 -0
  126. data/spec/factories/users_customers.rb +2 -0
  127. data/spec/generators/graphql_devise/install_generator_spec.rb +23 -0
  128. data/spec/graphql_devise/model/with_email_updater_spec.rb +131 -0
  129. data/spec/graphql_devise_spec.rb +2 -0
  130. data/spec/models/user_spec.rb +2 -0
  131. data/spec/rails_helper.rb +3 -1
  132. data/spec/requests/graphql_controller_spec.rb +82 -0
  133. data/spec/requests/mutations/additional_mutations_spec.rb +2 -0
  134. data/spec/requests/mutations/additional_queries_spec.rb +2 -0
  135. data/spec/requests/mutations/login_spec.rb +2 -0
  136. data/spec/requests/mutations/logout_spec.rb +2 -0
  137. data/spec/requests/mutations/resend_confirmation_spec.rb +46 -29
  138. data/spec/requests/mutations/send_password_reset_spec.rb +42 -12
  139. data/spec/requests/mutations/sign_up_spec.rb +2 -0
  140. data/spec/requests/mutations/update_password_spec.rb +2 -0
  141. data/spec/requests/queries/check_password_token_spec.rb +2 -0
  142. data/spec/requests/queries/confirm_account_spec.rb +9 -1
  143. data/spec/requests/user_controller_spec.rb +237 -23
  144. data/spec/services/mount_method/operation_preparer_spec.rb +10 -3
  145. data/spec/services/mount_method/operation_preparers/custom_operation_preparer_spec.rb +3 -1
  146. data/spec/services/mount_method/operation_preparers/default_operation_preparer_spec.rb +17 -8
  147. data/spec/services/mount_method/operation_preparers/gql_name_setter_spec.rb +2 -0
  148. data/spec/services/mount_method/operation_preparers/mutation_field_setter_spec.rb +20 -4
  149. data/spec/services/mount_method/operation_preparers/resolver_type_setter_spec.rb +2 -0
  150. data/spec/services/mount_method/operation_preparers/resource_name_setter_spec.rb +3 -1
  151. data/spec/services/mount_method/operation_sanitizer_spec.rb +2 -0
  152. data/spec/services/mount_method/option_sanitizer_spec.rb +2 -0
  153. data/spec/services/mount_method/option_sanitizers/array_checker_spec.rb +2 -0
  154. data/spec/services/mount_method/option_sanitizers/class_checker_spec.rb +2 -0
  155. data/spec/services/mount_method/option_sanitizers/hash_checker_spec.rb +2 -0
  156. data/spec/services/mount_method/option_sanitizers/string_checker_spec.rb +2 -0
  157. data/spec/services/mount_method/option_validators/provided_operations_validator_spec.rb +2 -0
  158. data/spec/services/mount_method/option_validators/skip_only_validator_spec.rb +2 -0
  159. data/spec/services/mount_method/option_validators/supported_operations_validator_spec.rb +2 -0
  160. data/spec/services/mount_method/options_validator_spec.rb +2 -0
  161. data/spec/services/resource_loader_spec.rb +84 -0
  162. data/spec/services/schema_plugin_spec.rb +28 -0
  163. data/spec/spec_helper.rb +2 -0
  164. data/spec/support/contexts/graphql_request.rb +2 -0
  165. data/spec/support/factory_bot.rb +2 -0
  166. data/spec/support/matchers/auth_headers_matcher.rb +2 -0
  167. data/spec/support/matchers/not_change_matcher.rb +2 -0
  168. data/spec/support/requests/auth_helpers.rb +2 -0
  169. data/spec/support/requests/json_helpers.rb +2 -0
  170. metadata +120 -87
  171. data/lib/graphql_devise/error_codes.rb +0 -5
  172. data/spec/support/generators/file_helpers.rb +0 -12
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 77e78a89405d9294b587abd9684c4448a4c08f89386d332dd73386ffe4a6f60b
4
- data.tar.gz: d9451d952032587e3ea983ffa6edd34347f3227bb4ea038d0c5da4e8c35ffaa1
3
+ metadata.gz: 34880444c63dfec84dd91addc76574355469fdab6b3e0a00100ab4edde7da869
4
+ data.tar.gz: 3e3cbc8dd402f3d2e7450f301b1f0506bd804a1a62ddc7acc5b0c6c07bd892c2
5
5
  SHA512:
6
- metadata.gz: f963bf770985c5ce4f4d533efb9a15b468ba4c6827dca1ad7b64eecc9afb4cd3944ab383452cc897367d156f950d0f19f84d501e3ae6d6b34d3a528fe4d2473f
7
- data.tar.gz: 4d49b3cbb3050db885d18265394e7e6acbc5c2208c4913dcc988aae13865dbc6b6f57e3f079cbb8edb943c4de025ca2816d6b18562ce9b625972aae82cdc4c3a
6
+ metadata.gz: 953635cd445812d68d15e20367712b3118abb4bcea774859a80ce7265bc710c9c5917804ddb80f26868e2455591c2a96d14d10d4b5c6ff36315e18680e2d1534
7
+ data.tar.gz: 8b4bbba71c257d2be8fbc73e3c07817bc013a755fde9d13c6226f748e2ceebde975888d6f4e411584c3bb45ae4e6777cd1c8023c20a7f4fb35eb51655f44bb16
data/.gitignore CHANGED
@@ -15,7 +15,8 @@ README.md.*
15
15
  /spec/dummy/tmp/
16
16
  /Gemfile.lock
17
17
  *.gemfile.lock
18
- /*.sqlite3
18
+ *.sqlite3
19
+ *.sqlite3-journal
19
20
  /spec/dummy/db/development.sqlite3
20
21
  /spec/dummy/db/test.sqlite3
21
22
  /*.gem
@@ -24,6 +24,7 @@ gemfile:
24
24
  - gemfiles/rails5.2_graphql1.8.gemfile
25
25
  - gemfiles/rails5.2_graphql1.9.gemfile
26
26
  - gemfiles/rails5.2_graphql1.10.gemfile
27
+ - gemfiles/rails5.2_graphql1.11.gemfile
27
28
 
28
29
  jobs:
29
30
  include:
@@ -45,6 +46,12 @@ jobs:
45
46
  rvm: 2.6.6
46
47
  - gemfile: gemfiles/rails6.0_graphql1.10.gemfile
47
48
  rvm: 2.7.1
49
+ - gemfile: gemfiles/rails6.0_graphql1.11.gemfile
50
+ rvm: 2.5.8
51
+ - gemfile: gemfiles/rails6.0_graphql1.11.gemfile
52
+ rvm: 2.6.6
53
+ - gemfile: gemfiles/rails6.0_graphql1.11.gemfile
54
+ rvm: 2.7.1
48
55
  - gemfile: gemfiles/rails6.0_graphql_edge.gemfile
49
56
  rvm: 2.6.6
50
57
  env:
data/Appraisals CHANGED
@@ -61,6 +61,13 @@ appraise 'rails5.2-graphql1.10' do
61
61
  gem 'rspec-rails', '< 4.0'
62
62
  end
63
63
 
64
+ appraise 'rails5.2-graphql1.11' do
65
+ gem 'sqlite3', '~> 1.3.6'
66
+ gem 'rails', github: 'rails/rails', branch: '5-2-stable'
67
+ gem 'graphql', '~> 1.11.0'
68
+ gem 'rspec-rails', '< 4.0'
69
+ end
70
+
64
71
  appraise 'rails6.0-graphql1.8' do
65
72
  gem 'sqlite3', '~> 1.4'
66
73
  gem 'devise', '>= 4.7'
@@ -82,6 +89,13 @@ appraise 'rails6.0-graphql1.10' do
82
89
  gem 'graphql', '~> 1.10.0'
83
90
  end
84
91
 
92
+ appraise 'rails6.0-graphql1.11' do
93
+ gem 'sqlite3', '~> 1.4'
94
+ gem 'devise', '>= 4.7'
95
+ gem 'rails', github: 'rails/rails', branch: '6-0-stable'
96
+ gem 'graphql', '~> 1.11.0'
97
+ end
98
+
85
99
  appraise 'rails6.0-graphql_edge' do
86
100
  gem 'sqlite3', '~> 1.4'
87
101
  gem 'devise_token_auth', github: 'lynndylanhurley/devise_token_auth', branch: 'master'
@@ -1,5 +1,61 @@
1
1
  # Changelog
2
2
 
3
+ ## [v0.13.0](https://github.com/graphql-devise/graphql_devise/tree/v0.13.0) (2020-06-22)
4
+
5
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.12.3...v0.13.0)
6
+
7
+ **Breaking changes:**
8
+
9
+ - Fix email reconfirmation feature [\#111](https://github.com/graphql-devise/graphql_devise/pull/111) ([mcelicalderon](https://github.com/mcelicalderon))
10
+
11
+ **Implemented enhancements:**
12
+
13
+ - Add frozen string literal to all relevant files [\#114](https://github.com/graphql-devise/graphql_devise/pull/114) ([mcelicalderon](https://github.com/mcelicalderon))
14
+
15
+ **Fixed bugs:**
16
+
17
+ - CookieOverflow for Own Schema Mount [\#112](https://github.com/graphql-devise/graphql_devise/issues/112)
18
+ - Reconfirmable not setting unconfirmed\_email [\#102](https://github.com/graphql-devise/graphql_devise/issues/102)
19
+
20
+ ## [v0.12.3](https://github.com/graphql-devise/graphql_devise/tree/v0.12.3) (2020-06-19)
21
+
22
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.12.2...v0.12.3)
23
+
24
+ **Implemented enhancements:**
25
+
26
+ - Add support for graphql 1.11 [\#108](https://github.com/graphql-devise/graphql_devise/pull/108) ([mcelicalderon](https://github.com/mcelicalderon))
27
+
28
+ ## [v0.12.2](https://github.com/graphql-devise/graphql_devise/tree/v0.12.2) (2020-06-17)
29
+
30
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.12.1...v0.12.2)
31
+
32
+ **Breaking changes:**
33
+
34
+ - Fix set\_resource\_by\_token no mapping error in no eager load envs [\#107](https://github.com/graphql-devise/graphql_devise/pull/107) ([mcelicalderon](https://github.com/mcelicalderon))
35
+
36
+ **Fixed bugs:**
37
+
38
+ - Separate endpoint url for mailers even if mounting the gem in your own schema [\#105](https://github.com/graphql-devise/graphql_devise/issues/105)
39
+ - Devise mapping error [\#103](https://github.com/graphql-devise/graphql_devise/issues/103)
40
+ - Use the url where the schema is mounted in emails links [\#106](https://github.com/graphql-devise/graphql_devise/pull/106) ([00dav00](https://github.com/00dav00))
41
+
42
+ ## [v0.12.1](https://github.com/graphql-devise/graphql_devise/tree/v0.12.1) (2020-06-12)
43
+
44
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.12.0...v0.12.1)
45
+
46
+ **Security fixes:**
47
+
48
+ - Insecure send password reset mutation? [\#98](https://github.com/graphql-devise/graphql_devise/issues/98)
49
+ - Avoid returning user information on password reset mutation [\#100](https://github.com/graphql-devise/graphql_devise/pull/100) ([00dav00](https://github.com/00dav00))
50
+
51
+ ## [v0.12.0](https://github.com/graphql-devise/graphql_devise/tree/v0.12.0) (2020-06-12)
52
+
53
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.11.4...v0.12.0)
54
+
55
+ **Implemented enhancements:**
56
+
57
+ - Mount auth operations in main GQL schema [\#96](https://github.com/graphql-devise/graphql_devise/pull/96) ([mcelicalderon](https://github.com/mcelicalderon))
58
+
3
59
  ## [v0.11.4](https://github.com/graphql-devise/graphql_devise/tree/v0.11.4) (2020-05-23)
4
60
 
5
61
  [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.11.3...v0.11.4)
data/Gemfile CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  source 'https://rubygems.org'
2
4
 
3
5
  gemspec
data/README.md CHANGED
@@ -12,25 +12,34 @@ GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylan
12
12
  * [Table of Contents](#table-of-contents)
13
13
  * [Introduction](#introduction)
14
14
  * [Installation](#installation)
15
+ * [Running the Generator](#running-the-generator)
16
+ * [Mounting the Schema in a Separate Route](#mounting-the-schema-in-a-separate-route)
17
+ * [Mounting Operations in Your Own Schema](#mounting-operations-in-your-own-schema)
18
+ * [Important](#important)
15
19
  * [Usage](#usage)
16
- * [Mounting Routes manually](#mounting-routes-manually)
17
- * [Available Operations](#available-operations)
20
+ * [Mounting Auth Schema on a Separate Route](#mounting-auth-schema-on-a-separate-route)
21
+ * [Mounting Operations Into Your Own Schema](#mounting-operations-into-your-own-schema)
22
+ * [Available Mount Options](#available-mount-options)
23
+ * [Available Operations](#available-operations)
18
24
  * [Configuring Model](#configuring-model)
19
25
  * [Customizing Email Templates](#customizing-email-templates)
20
26
  * [I18n](#i18n)
21
27
  * [Authenticating Controller Actions](#authenticating-controller-actions)
28
+ * [Authenticate Before Reaching Your GQL Schema](#authenticate-before-reaching-your-gql-schema)
29
+ * [Authenticate in Your GQL Schema](#authenticate-in-your-gql-schema)
22
30
  * [Making Requests](#making-requests)
23
31
  * [Mutations](#mutations)
24
32
  * [Queries](#queries)
25
33
  * [More Configuration Options](#more-configuration-options)
26
34
  * [Devise Token Auth Initializer](#devise-token-auth-initializer)
27
35
  * [Devise Initializer](#devise-initializer)
36
+ * [GraphQL Interpreter](#graphql-interpreter)
28
37
  * [Using Alongside Standard Devise](#using-alongside-standard-devise)
29
38
  * [Future Work](#future-work)
30
39
  * [Contributing](#contributing)
31
40
  * [License](#license)
32
41
 
33
- <!-- Added by: mcelicalderon, at: Tue Apr 28 21:43:30 -05 2020 -->
42
+ <!-- Added by: mcelicalderon, at: Wed Jun 10 22:10:26 -05 2020 -->
34
43
 
35
44
  <!--te-->
36
45
 
@@ -54,13 +63,11 @@ gem 'graphql_devise'
54
63
  ```
55
64
 
56
65
  And then execute:
66
+ ```bash
67
+ $ bundle
68
+ ```
57
69
 
58
- $ bundle
59
-
60
- Next, you need to run the generator:
61
-
62
- $ bundle exec rails generate graphql_devise:install
63
-
70
+ ### Running the Generator
64
71
  Graphql Devise generator will execute `Devise` and `Devise Token Auth`
65
72
  generators for you. These will make the required changes for the gems to
66
73
  work correctly. All configurations for [Devise](https://github.com/plataformatec/devise) and
@@ -68,6 +75,11 @@ work correctly. All configurations for [Devise](https://github.com/plataformatec
68
75
  so you can read the docs there to customize your options.
69
76
  Configurations are done via initializer files as usual, one per gem.
70
77
 
78
+ #### Mounting the Schema in a Separate Route
79
+ ```bash
80
+ $ bundle exec rails generate graphql_devise:install
81
+ ```
82
+
71
83
  The generator accepts 2 params: `user_class` and `mount_path`. The params
72
84
  will be used to mount the route in `config/routes.rb`. For instance the executing:
73
85
 
@@ -87,14 +99,32 @@ Will do the following:
87
99
  `Admin` could be any model name you are going to be using for authentication,
88
100
  and `api/auth` could be any mount path you would like to use for auth.
89
101
 
90
- **Important:** Remember this gem mounts a completely separate GraphQL schema on a separate controller in the route
102
+ #### Mounting Operations in Your Own Schema
103
+ Now you can provide to the generator an option specifying
104
+ the name of your GQL schema. Doing this will skip the insertion of the mount method in the
105
+ routes file and will also add our `SchemaPlugin` to the specified schema. `user_class` param is still optional (`Admin`) in the following example.
106
+
107
+ ```bash
108
+ $ bundle exec rails g graphql_devise:install Admin --mount MySchema
109
+ ```
110
+
111
+ ### Important
112
+ Remember that by default this gem mounts a completely separate GraphQL schema on a separate controller in the route
91
113
  provided by the `at` option in the `mount_graphql_devise_for` method in the `config/routes.rb` file. If no `at`
92
- option is provided, the route will be `/graphql_auth`. This has no effect on your own application schema.
93
- More on this in the next section.
114
+ option is provided, the route will be `/graphql_auth`.
115
+
116
+ **Starting with `v0.12.0`** you can opt-in to load this gem's queries and mutations into your
117
+ own application's schema. You can actually mount a resource's auth schema in a separate route
118
+ and in your app's schema at the same time, but that's probably not a common scenario. More on
119
+ this in the next section.
94
120
 
95
121
  ## Usage
96
- ### Mounting Routes manually
97
- Routes can be added using the initializer or manually.
122
+ ### Mounting Auth Schema on a Separate Route
123
+ The generator can do this step for you by default. Remember now you can mount this gem's
124
+ auth operations into your own schema as described in [this section](#mounting-operations-into-your-own-schema).
125
+
126
+
127
+ Routes can be added using the generator or manually.
98
128
  You can mount this gem's GraphQL auth schema in your routes file like this:
99
129
 
100
130
  ```ruby
@@ -120,11 +150,83 @@ Rails.application.routes.draw do
120
150
  )
121
151
  end
122
152
  ```
153
+ The second argument of the `mount_graphql_devise` method is a hash of options where you can
154
+ customize how the queries and mutations are mounted into the schema. For a list of available
155
+ options go [here](#available-mount-options)
123
156
 
124
- Here are the options for the mount method:
157
+ ### Mounting Operations Into Your Own Schema
158
+ Starting with `v0.12.0` you can now mount the GQL operations provided by this gem into your
159
+ app's main schema.
125
160
 
126
- 1. `at`: Route where the GraphQL schema will be mounted on the Rails server. In this example your API will have these two routes: `POST /api/v1/graphql_auth` and `GET /api/v1/graphql_auth`.
127
- If this option is not specified, the schema will be mounted at `/graphql_auth`.
161
+ ```ruby
162
+ # app/graphql/dummy_schema.rb
163
+
164
+ class DummySchema < GraphQL::Schema
165
+ # It's important that this line goes before setting the query and mutation type on your
166
+ # schema in graphql versions < 1.10.0
167
+ use GraphqlDevise::SchemaPlugin.new(
168
+ query: Types::QueryType,
169
+ mutation: Types::MutationType,
170
+ resource_loaders: [
171
+ GraphqlDevise::ResourceLoader.new('User', only: [:login, :confirm_account])
172
+ ]
173
+ )
174
+
175
+ mutation(Types::MutationType)
176
+ query(Types::QueryType)
177
+ end
178
+ ```
179
+ The example above describes just one of the possible scenarios you might need.
180
+ The second argument of the `GraphqlDevise::ResourceLoader` initializer is a hash of
181
+ options where you can customize how the queries and mutations are mounted into the schema.
182
+ For a list of available options go [here](#available-mount-options).
183
+
184
+ It's important to use the plugin in your schema before assigning the mutation and query type to
185
+ it in graphql versions `< 1.10.0`. Otherwise the auth operations won't be available.
186
+
187
+ You can provide as many resource loaders as you need to the `resource_loaders` option, and each
188
+ of those will be loaded into your schema. These are the options you can initialize the
189
+ `SchemaPlugin` with:
190
+
191
+ 1. `query`: This param is mandatory unless you skip all queries via the resource loader
192
+ options. This should be the same `QueryType` you provide to the `query` method
193
+ in your schema.
194
+ 1. `mutation`: This param mandatory unless you skip all mutations via the resource loader
195
+ options. This should be the same `MutationType` you provide to the `mutation` method
196
+ in your schema.
197
+ 1. `resource_loaders`: This is an optional array of `GraphqlDevise::ResourceLoader` instances.
198
+ Here is where you specify the operations that you want to load into your app's schema.
199
+ If no loader is provided, no operations will be added to your schema, but you will still be
200
+ able to authenticate queries and mutations selectively. More on this in the controller
201
+ authentication [section](#authenticating-controller-actions).
202
+ 1. `authenticate_default`: This is a boolean value which is `true` by default. This value
203
+ defines what is the default behavior for authentication in your schema fields. `true` means
204
+ every root level field requires authentication unless specified otherwise using the
205
+ `authenticate: false` option on the field. `false` means your root level fields won't require
206
+ authentication unless specified otherwise using the `authenticate: true` option on the field.
207
+ 1. `unauthenticated_proc`: This param is optional. Here you can provide a proc that receives
208
+ one argument (field name) and is called whenever a field that requires authentication
209
+ is called without an authenticated resource. By default a `GraphQL::ExecutionError` will be
210
+ raised if authentication fails. This will provide a GQL like error message on the response.
211
+
212
+ ### Available Mount Options
213
+ Both the `mount_graphql_devise_for` method and the `GraphqlDevise::ResourceLoader` class
214
+ take the same options. So, wether you decide to mount this gem in a separate route
215
+ from your main application's schema or you use our `GraphqlDevise::SchemaPlugin` to load
216
+ this gem's auth operation into your schema, these are the options you can provide as a hash.
217
+
218
+ ```ruby
219
+ # Using the mount method in your config/routes.rb file
220
+ mount_graphql_devise_for('User', {})
221
+
222
+ # Providing options to a GraphqlDevise::ResourceLoader
223
+ GraphqlDevise::ResourceLoader.new('User', {})
224
+ ```
225
+
226
+ 1. `at`: Route where the GraphQL schema will be mounted on the Rails server.
227
+ In [this example](#mounting-auth-schema-on-a-separate-route) your API will have
228
+ these two routes: `POST /api/v1/graphql_auth` and `GET /api/v1/graphql_auth`.
229
+ If this option is not specified, the schema will be mounted at `/graphql_auth`. **This option only works if you are using the mount method.**
128
230
  1. `operations`: Specifying this is optional. Here you can override default
129
231
  behavior by specifying your own mutations and queries for every GraphQL operation.
130
232
  Check available operations in this file [mutations](https://github.com/graphql-devise/graphql_devise/blob/b5985036e01ea064e43e457b4f0c8516f172471c/lib/graphql_devise/rails/routes.rb#L19)
@@ -163,7 +265,7 @@ or [base resolver](https://github.com/graphql-devise/graphql_devise/blob/master/
163
265
  respectively, to take advantage of some of the methods provided by devise
164
266
  just like with `devise_scope`
165
267
 
166
- #### Available Operations
268
+ ### Available Operations
167
269
  The following is a list of the symbols you can provide to the `operations`, `skip` and `only` options of the mount method:
168
270
  ```ruby
169
271
  :login
@@ -175,7 +277,6 @@ The following is a list of the symbols you can provide to the `operations`, `ski
175
277
  :check_password_token
176
278
  ```
177
279
 
178
-
179
280
  ### Configuring Model
180
281
  Just like with Devise and DTA, you need to include a module in your authenticatable model,
181
282
  so with our example, your user model will have to look like this:
@@ -200,6 +301,44 @@ end
200
301
  The install generator can do this for you if you specify the `user_class` option.
201
302
  See [Installation](#installation) for details.
202
303
 
304
+ ### Email Reconfirmation
305
+ DTA and Devise support email reconfirmation. When the `confirmable` module is added to your
306
+ resource, an email is sent to the provided email address when the `signUp` mutation is used.
307
+ You can also use this gem so every time a user updates the `email` field, a new email gets sent
308
+ for the user to confirm the new email address. Only after clicking on the confirmation link,
309
+ the email will be updated on the database to use the new value.
310
+
311
+ In order to use this feature there are a couple of things to setup first:
312
+ 1. Make user your model includes the `:confirmable` module.
313
+ 1. Add an `unconfirmed_email` String column to your resource's table.
314
+
315
+ After that is done, you simply need to call a different update method on your resource,
316
+ `update_with_email`. This method behaves exactly the same as ActiveRecord's `update` method
317
+ if the previous steps are not performed, or if you are not updating the `email` attribute.
318
+ It is also mandatory to provide two additional attributes when email will change or an error
319
+ will be raised:
320
+
321
+ 1. `schema_url`: The full url where your GQL schema is mounted. You can get this value from the
322
+ controller available in the context of your mutations and queries like this:
323
+ ```ruby
324
+ context[:controller].full_url_without_params
325
+ ```
326
+ 1. `confirmation_success_url`: This the full url where you want users to be redirected after
327
+ the email has changed successfully (usually a front-end url). This value is mandatory
328
+ unless you have set `default_confirm_success_url` in your devise_token_auth initializer.
329
+
330
+ So, it's up to you where you require confirmation of changing emails.
331
+ [Here's an example](https://github.com/graphql-devise/graphql_devise/blob/c4dcb17e98f8d84cc5ac002c66ed98a797d3bc82/spec/dummy/app/graphql/mutations/update_user.rb#L13)
332
+ on how you might do this. And also a demonstration on the method usage:
333
+ ```ruby
334
+ user.update_with_email(
335
+ name: 'New Name',
336
+ email: 'new@domain.com',
337
+ schema_url: 'http://localhost:3000/graphql',
338
+ confirmation_success_url: 'https://google.com'
339
+ )
340
+ ```
341
+
203
342
  ### Customizing Email Templates
204
343
  The approach of this gem is a bit different from DeviseTokenAuth. We have placed our templates in `app/views/graphql_devise/mailer`,
205
344
  so if you want to change them, place yours on the same dir structure on your Rails project. You can customize these two templates:
@@ -216,6 +355,9 @@ Keep in mind that if your app uses multiple locales, you should set the `I18n.lo
216
355
 
217
356
  ### Authenticating Controller Actions
218
357
  Just like with Devise or DTA, you will need to authenticate users in your controllers.
358
+ For this you have two alternatives.
359
+
360
+ #### Authenticate Before Reaching Your GQL Schema
219
361
  For this you need to call `authenticate_<model>!` in a before_action hook of your controller.
220
362
  In our example our model is `User`, so it would look like this:
221
363
  ```ruby
@@ -234,6 +376,56 @@ end
234
376
 
235
377
  The install generator can do this for you because it executes DTA installer.
236
378
  See [Installation](#Installation) for details.
379
+ If authentication fails for the request for whatever reason, execution of the request is halted
380
+ and an error is returned in a REST format as the request never reaches your GQL schema.
381
+
382
+ #### Authenticate in Your GQL Schema
383
+ For this you will need to add the `GraphqlDevise::SchemaPlugin` to your schema as described
384
+ [here](#mounting-operations-into-your-own-schema).
385
+
386
+ ```ruby
387
+ # app/controllers/my_controller.rb
388
+
389
+ class MyController < ApplicationController
390
+ include GraphqlDevise::Concerns::SetUserByToken
391
+
392
+ def my_action
393
+ render json: DummySchema.execute(params[:query], context: graphql_context(:user))
394
+ end
395
+ end
396
+ ```
397
+ The `graphql_context` method receives a symbol identifying the resource you are trying
398
+ to authenticate. So if you mounted the `'User'` resource, the symbol is `:user`. You can use
399
+ this snippet to find the symbol for more complex scenarios
400
+ `resource_klass.to_s.underscore.tr('/', '_').to_sym`. `graphql_context` can also take an
401
+ array of resources if you mounted more than one into your schema. The gem will try to
402
+ authenticate a resource for each element on the array until it finds one.
403
+
404
+ Internally in your own mutations and queries a key `current_resource` will be available in
405
+ the context if a resource was successfully authenticated or `nil` otherwise.
406
+
407
+ Keep in mind that sending multiple values to the `graphql_context` method means that depending
408
+ on who makes the request, the context value `current_resource` might contain instances of the
409
+ different models you might have mounted into the schema.
410
+
411
+ Please note that by using this mechanism your GQL schema will be in control of what queries are
412
+ restricted to authenticated users and you can only do this at the root level fields of your GQL
413
+ schema. Configure the plugin as explained [here](#mounting-operations-into-your-own-schema)
414
+ so this can work.
415
+
416
+ In you main app's schema this is how you might specify if a field needs to be authenticated or not:
417
+ ```ruby
418
+ module Types
419
+ class QueryType < Types::BaseObject
420
+ # user field used the default set in the Plugin's initializer
421
+ field :user, resolver: Resolvers::UserShow
422
+ # this field will never require authentication
423
+ field :public_field, String, null: false, authenticate: false
424
+ # this field requires authentication
425
+ field :private_field, String, null: false, authenticate: true
426
+ end
427
+ end
428
+ ```
237
429
 
238
430
  ### Making Requests
239
431
  Here is a list of the available mutations and queries assuming your mounted model is `User`.
@@ -308,6 +500,14 @@ In this section the most important configurations will be highlighted.
308
500
 
309
501
  **Note:** Remember this gem adds a layer on top of Devise, so some configurations might not apply.
310
502
 
503
+ ### GraphQL Interpreter
504
+ GraphQL-Ruby `>= 1.9.0` includes a new runtime module which you may use for your schema.
505
+ Eventually, it will become the default. You can read more about it
506
+ [here](https://graphql-ruby.org/queries/interpreter).
507
+
508
+ This gem supports schemas using the interpreter and it is recommended as it introduces several
509
+ improvements which focus mainly on performance.
510
+
311
511
  ### Using Alongside Standard Devise
312
512
  The DeviseTokenAuth gem allows experimental use of the standard Devise gem to be configured at the same time, for more
313
513
  information you can check [this answer here](https://github.com/lynndylanhurley/devise_token_auth/blob/2a32f18ccce15638a74e72f6cfde5cf15a808d3f/docs/faq.md#can-i-use-this-gem-alongside-standard-devise).
@@ -318,7 +518,6 @@ standard Devise templates.
318
518
  ## Future Work
319
519
  We will continue to improve the gem and add better docs.
320
520
 
321
- 1. Add mount option that will create a separate schema for the mounted resource.
322
521
  1. Make sure this gem can correctly work alongside DTA and the original Devise gem.
323
522
  1. Improve DOCS.
324
523
  1. Add support for unlockable and other Devise modules.