RubyGems - graphql_devise - Versions diffs - 0.11.4 → 0.13.0 - Mend

graphql_devise 0.11.4 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (172) hide show

data/Rakefile CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 begin
   require 'bundler/setup'
 rescue LoadError

data/app/controllers/graphql_devise/application_controller.rb CHANGED

@@ -1,8 +1,9 @@
-module GraphqlDevise
-  class ApplicationController < DeviseTokenAuth::ApplicationController
-    private
+# frozen_string_literal: true
-    def verify_authenticity_token
-    end
+module GraphqlDevise
+  ApplicationController = if Rails::VERSION::MAJOR >= 5
+    Class.new(ActionController::API)
+  else
+    Class.new(ActionController::Base)
   end
 end

data/app/controllers/graphql_devise/concerns/set_user_by_token.rb CHANGED

@@ -1,5 +1,36 @@
+# frozen_string_literal: true
 module GraphqlDevise
   module Concerns
     SetUserByToken = DeviseTokenAuth::Concerns::SetUserByToken
+    SetUserByToken.module_eval do
+      attr_accessor :client_id, :token, :resource
+      def full_url_without_params
+        request.base_url + request.path
+      end
+      def set_resource_by_token(resource)
+        set_user_by_token(resource)
+      end
+      def graphql_context(resource_name)
+        {
+          resource_name: resource_name,
+          controller:    self
+        }
+      end
+      def build_redirect_headers(access_token, client, redirect_header_options = {})
+        {
+          DeviseTokenAuth.headers_names[:"access-token"] => access_token,
+          DeviseTokenAuth.headers_names[:client] => client,
+          :config => params[:config],
+          :client_id => client,
+          :token => access_token
+        }.merge(redirect_header_options)
+      end
+    end
   end
 end

data/app/controllers/graphql_devise/graphql_controller.rb CHANGED

@@ -1,7 +1,11 @@
+# frozen_string_literal: true
 require_dependency 'graphql_devise/application_controller'
 module GraphqlDevise
   class GraphqlController < ApplicationController
+    include GraphqlDevise::Concerns::SetUserByToken
     def auth
       result = if params[:_json]
         GraphqlDevise::Schema.multiplex(

data/app/helpers/graphql_devise/application_helper.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module GraphqlDevise
   module ApplicationHelper
   end

data/app/helpers/graphql_devise/mailer_helper.rb CHANGED

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
 module GraphqlDevise
   module MailerHelper
     def confirmation_query(resource_name:, token:, redirect_url:)
-      name = "#{resource_name.camelize(:lower)}ConfirmAccount"
+      name = "#{resource_name.underscore.tr('/', '_').camelize(:lower)}ConfirmAccount"
       raw = <<-GRAPHQL
         query($token:String!,$redirectUrl:String!){
           #{name}(confirmationToken:$token,redirectUrl:$redirectUrl){
@@ -17,7 +19,7 @@ module GraphqlDevise
     end
     def password_reset_query(token:, redirect_url:, resource_name:)
-      name = "#{resource_name.camelize(:lower)}CheckPasswordToken"
+      name = "#{resource_name.underscore.tr('/', '_').camelize(:lower)}CheckPasswordToken"
       raw = <<-GRAPHQL
         query($token:String!,$redirectUrl:String!){
           #{name}(resetPasswordToken:$token,redirectUrl:$redirectUrl){

data/app/models/graphql_devise/concerns/model.rb CHANGED

@@ -1,5 +1,15 @@
+# frozen_string_literal: true
+require 'graphql_devise/model/with_email_updater'
 module GraphqlDevise
   module Concerns
     Model = DeviseTokenAuth::Concerns::User
+    Model.module_eval do
+      def update_with_email(attributes = {})
+        GraphqlDevise::Model::WithEmailUpdater.new(self, attributes).call
+      end
+    end
   end
 end

data/app/views/graphql_devise/mailer/confirmation_instructions.html.erb CHANGED

@@ -2,4 +2,4 @@
 <p><%= t('.confirm_link_msg') %></p>
-<p><%= link_to t('.confirm_account_link'), url_for(controller: 'graphql_devise/graphql', action: :auth, **confirmation_query(resource_name: @resource.class.to_s, redirect_url: message['redirect-url'], token: @token)) %></p>
+<p><%= link_to t('.confirm_account_link'), "#{message['schema_url']}?#{confirmation_query(resource_name: @resource.class.to_s, redirect_url: message['redirect-url'], token: @token).to_query}" %></p>

data/app/views/graphql_devise/mailer/reset_password_instructions.html.erb CHANGED

@@ -2,7 +2,7 @@
 <p><%= t('.request_reset_link_msg') %></p>
-<p><%= link_to t('.password_change_link'), url_for(controller: 'graphql_devise/graphql', action: :auth, **password_reset_query(token: @token, redirect_url: message['redirect-url'], resource_name: @resource.class.to_s)) %></p>
+<p><%= link_to t('.password_change_link'), "#{message['schema_url']}?#{password_reset_query(token: @token, redirect_url: message['redirect-url'], resource_name: @resource.class.to_s).to_query}" %></p>
 <p><%= t('.ignore_mail_msg') %></p>
 <p><%= t('.no_changes_msg') %></p>

data/config/locales/en.yml CHANGED

@@ -14,6 +14,7 @@ en:
       password_not_required: "This account does not require a password. Sign in using your '%{provider}' account instead."
       reset_token_not_found: "No user found for the specified reset token."
       reset_token_expired: "Reset password token is no longer valid."
+      send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
     sessions:
       bad_credentials: "Invalid login credentials. Please try again."
       not_confirmed: "A confirmation email was sent to your account at '%{email}'. You must follow the instructions in the email before your account can be activated"

data/config/routes.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 GraphqlDevise::Engine.routes.draw do
   # Required as Devise forces routes to reload on eager_load
   unless GraphqlDevise.schema_loaded?
@@ -12,5 +14,7 @@ GraphqlDevise::Engine.routes.draw do
     GraphqlDevise::Schema.query(GraphqlDevise::Types::QueryType)
     GraphqlDevise.load_schema
+    Devise.mailer.helper(GraphqlDevise::MailerHelper)
   end
 end

data/graphql_devise.gemspec CHANGED

@@ -21,13 +21,15 @@ Gem::Specification.new do |spec|
   spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
-  spec.test_files    = Dir['spec/**/*']
+  spec.test_files    = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").select { |f| f.match(%r{^spec/}) }
+  end
   spec.required_ruby_version = '>= 2.2.0'
-  spec.add_dependency 'devise_token_auth', '>= 0.1.43'
-  spec.add_dependency 'graphql', '>= 1.8'
-  spec.add_dependency 'rails', '>= 4.2'
+  spec.add_dependency 'devise_token_auth', '>= 0.1.43', '< 2.0'
+  spec.add_dependency 'graphql', '>= 1.8', '< 1.12.0'
+  spec.add_dependency 'rails', '>= 4.2', '< 6.2'
   spec.add_development_dependency 'appraisal'
   spec.add_development_dependency 'coveralls'

data/lib/generators/graphql_devise/install_generator.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module GraphqlDevise
   class InstallGenerator < ::Rails::Generators::Base
     source_root File.expand_path('templates', __dir__)
@@ -5,6 +7,8 @@ module GraphqlDevise
     argument :user_class, type: :string, default: 'User'
     argument :mount_path, type: :string, default: 'auth'
+    class_option :mount, type: :string, default: 'separate_route'
     def execute_devise_installer
       generate 'devise:install'
     end
@@ -29,15 +33,20 @@ module GraphqlDevise
     def mount_resource_route
       routes_file = 'config/routes.rb'
-      gem_route   = "mount_graphql_devise_for '#{user_class}', at: '#{mount_path}'"
       dta_route   = "mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'"
-      if file_contains_str?(routes_file, gem_route)
+      if options['mount'] != 'separate_route'
         gsub_file(routes_file, /^\s+#{Regexp.escape(dta_route + "\n")}/i, '')
-        say_status('skipped', "Routes already exist for #{user_class} at #{mount_path}")
       else
-        gsub_file(routes_file, /#{Regexp.escape(dta_route)}/i, gem_route)
+        gem_route = "mount_graphql_devise_for '#{user_class}', at: '#{mount_path}'"
+        if file_contains_str?(routes_file, gem_route)
+          gsub_file(routes_file, /^\s+#{Regexp.escape(dta_route + "\n")}/i, '')
+          say_status('skipped', "Routes already exist for #{user_class} at #{mount_path}")
+        else
+          gsub_file(routes_file, /#{Regexp.escape(dta_route)}/i, gem_route)
+        end
       end
     end
@@ -65,6 +74,22 @@ module GraphqlDevise
       )
     end
+    def mount_in_schema
+      return if options['mount'] == 'separate_route'
+      inject_into_file "app/graphql/#{options['mount'].underscore}.rb", after: "< GraphQL::Schema\n" do
+<<-RUBY
+  use GraphqlDevise::SchemaPlugin.new(
+    query:            Types::QueryType,
+    mutation:         Types::MutationType,
+    resource_loaders: [
+      GraphqlDevise::ResourceLoader.new('#{user_class}'),
+    ]
+  )
+RUBY
+      end
+    end
     private
     def file_contains_str?(filename, regex_str)

data/lib/graphql_devise.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rails'
 require 'graphql'
 require 'devise_token_auth'
@@ -18,15 +20,32 @@ module GraphqlDevise
     @schema_loaded = true
   end
-  def self.mount_resource(resource)
-    @mounted_resources << resource
+  def self.resource_mounted?(mapping_name)
+    @mounted_resources.include?(mapping_name)
+  end
+  def self.mount_resource(mapping_name)
+    @mounted_resources << mapping_name
   end
-  def self.resource_mounted?(resource)
-    @mounted_resources.include?(resource)
+  def self.add_mapping(mapping_name, resource)
+    return if Devise.mappings.key?(mapping_name)
+    Devise.add_mapping(
+      mapping_name.to_s.pluralize.to_sym,
+      module: :devise, class_name: resource
+    )
   end
 end
+require 'graphql_devise/engine'
+require 'graphql_devise/version'
+require 'graphql_devise/errors/error_codes'
+require 'graphql_devise/errors/execution_error'
+require 'graphql_devise/errors/user_error'
+require 'graphql_devise/errors/authentication_error'
+require 'graphql_devise/errors/detailed_user_error'
 require 'graphql_devise/concerns/controller_methods'
 require 'graphql_devise/schema'
 require 'graphql_devise/types/authenticatable_type'
@@ -37,13 +56,10 @@ require 'graphql_devise/default_operations/mutations'
 require 'graphql_devise/default_operations/resolvers'
 require 'graphql_devise/resolvers/dummy'
-require 'graphql_devise/engine'
-require 'graphql_devise/version'
-require 'graphql_devise/error_codes'
-require 'graphql_devise/user_error'
-require 'graphql_devise/detailed_user_error'
 require 'graphql_devise/mount_method/option_sanitizer'
 require 'graphql_devise/mount_method/options_validator'
 require 'graphql_devise/mount_method/operation_preparer'
 require 'graphql_devise/mount_method/operation_sanitizer'
+require 'graphql_devise/resource_loader'
+require 'graphql_devise/schema_plugin'

data/lib/graphql_devise/concerns/controller_methods.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module GraphqlDevise
   module Concerns
     module ControllerMethods

data/lib/graphql_devise/default_operations/mutations.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'graphql_devise/mutations/base'
 require 'graphql_devise/mutations/login'
 require 'graphql_devise/mutations/logout'
@@ -9,12 +11,12 @@ require 'graphql_devise/mutations/update_password'
 module GraphqlDevise
   module DefaultOperations
     MUTATIONS = {
-      login:               GraphqlDevise::Mutations::Login,
-      logout:              GraphqlDevise::Mutations::Logout,
-      sign_up:             GraphqlDevise::Mutations::SignUp,
-      update_password:     GraphqlDevise::Mutations::UpdatePassword,
-      send_password_reset: GraphqlDevise::Mutations::SendPasswordReset,
-      resend_confirmation: GraphqlDevise::Mutations::ResendConfirmation
+      login:               { klass: GraphqlDevise::Mutations::Login, authenticatable: true },
+      logout:              { klass: GraphqlDevise::Mutations::Logout, authenticatable: true },
+      sign_up:             { klass: GraphqlDevise::Mutations::SignUp, authenticatable: true },
+      update_password:     { klass: GraphqlDevise::Mutations::UpdatePassword, authenticatable: true },
+      send_password_reset: { klass: GraphqlDevise::Mutations::SendPasswordReset, authenticatable: false },
+      resend_confirmation: { klass: GraphqlDevise::Mutations::ResendConfirmation, authenticatable: false }
     }.freeze
   end
 end

data/lib/graphql_devise/default_operations/resolvers.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'graphql_devise/resolvers/base'
 require 'graphql_devise/resolvers/check_password_token'
 require 'graphql_devise/resolvers/confirm_account'
@@ -5,8 +7,8 @@ require 'graphql_devise/resolvers/confirm_account'
 module GraphqlDevise
   module DefaultOperations
     QUERIES = {
-      confirm_account:      GraphqlDevise::Resolvers::ConfirmAccount,
-      check_password_token: GraphqlDevise::Resolvers::CheckPasswordToken
+      confirm_account:      { klass: GraphqlDevise::Resolvers::ConfirmAccount },
+      check_password_token: { klass: GraphqlDevise::Resolvers::CheckPasswordToken }
     }.freeze
   end
 end

data/lib/graphql_devise/engine.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'graphql_devise/rails/routes'
 module GraphqlDevise

data/lib/graphql_devise/errors/authentication_error.rb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+module GraphqlDevise
+  class AuthenticationError < ExecutionError
+    def to_h
+      super.merge(extensions: { code: ERROR_CODES.fetch(:authentication_error) })
+    end
+  end
+end

data/lib/graphql_devise/{detailed_user_error.rb → errors/detailed_user_error.rb} RENAMED

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
 module GraphqlDevise
-  class DetailedUserError < GraphQL::ExecutionError
+  class DetailedUserError < ExecutionError
     def initialize(message, errors:)
       @message = message
       @errors  = errors

data/lib/graphql_devise/errors/error_codes.rb ADDED

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+module GraphqlDevise
+  ERROR_CODES = {
+    user_error:           'USER_ERROR',
+    authentication_error: 'AUTHENTICATION_ERROR'
+  }.freeze
+end

data/lib/graphql_devise/errors/execution_error.rb ADDED

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+module GraphqlDevise
+  class ExecutionError < GraphQL::ExecutionError
+  end
+end

data/lib/graphql_devise/{user_error.rb → errors/user_error.rb} RENAMED

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
 module GraphqlDevise
-  class UserError < GraphQL::ExecutionError
+  class UserError < ExecutionError
     def to_h
       super.merge(extensions: { code: ERROR_CODES.fetch(:user_error) })
     end

data/lib/graphql_devise/model/with_email_updater.rb ADDED

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+module GraphqlDevise
+  module Model
+    class WithEmailUpdater
+      def initialize(resource, attributes)
+        @attributes = attributes
+        @resource   = resource
+      end
+      def call
+        resource_attributes = @attributes.except(:schema_url, :confirmation_success_url)
+        return @resource.update(resource_attributes) unless requires_reconfirmation?(resource_attributes)
+        @resource.assign_attributes(resource_attributes)
+        if @resource.email == email_in_database
+          return @resource.save
+        elsif required_reconfirm_attributes?
+          return false unless @resource.valid?
+          store_unconfirmed_email
+          saved = @resource.save
+          send_confirmation_instructions(saved)
+          saved
+        else
+          raise(
+            GraphqlDevise::Error,
+            'Method `update_with_email` requires attributes `confirmation_success_url` and `schema_url` for email reconfirmation to work'
+          )
+        end
+      end
+      private
+      def required_reconfirm_attributes?
+        @attributes[:schema_url].present? &&
+          (@attributes[:confirmation_success_url].present? || DeviseTokenAuth.default_confirm_success_url.present?)
+      end
+      def requires_reconfirmation?(resource_attributes)
+        resource_attributes.key?(:email) &&
+          @resource.devise_modules.include?(:confirmable) &&
+          @resource.respond_to?(:unconfirmed_email=)
+      end
+      def store_unconfirmed_email
+        @resource.unconfirmed_email  = @resource.email
+        @resource.confirmation_token = nil
+        @resource.email              = email_in_database
+        @resource.send(:generate_confirmation_token)
+      end
+      def email_in_database
+        if Devise.activerecord51?
+          @resource.email_in_database
+        else
+          @resource.email_was
+        end
+      end
+      def send_confirmation_instructions(saved)
+        return unless saved
+        @resource.send_confirmation_instructions(
+          redirect_url:  @attributes[:confirmation_success_url] || DeviseTokenAuth.default_confirm_success_url,
+          template_path: ['graphql_devise/mailer'],
+          schema_url:    @attributes[:schema_url]
+        )
+      end
+    end
+  end
+end