graphql_devise 0.12.3 → 0.13.4

Files changed (168) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +54 -0
  3. data/Gemfile +2 -0
  4. data/README.md +116 -65
  5. data/Rakefile +2 -0
  6. data/app/controllers/graphql_devise/application_controller.rb +2 -0
  7. data/app/controllers/graphql_devise/concerns/set_user_by_token.rb +6 -0
  8. data/app/controllers/graphql_devise/graphql_controller.rb +2 -0
  9. data/app/helpers/graphql_devise/application_helper.rb +2 -0
  10. data/app/helpers/graphql_devise/mailer_helper.rb +2 -0
  11. data/app/models/graphql_devise/concerns/model.rb +16 -0
  12. data/app/views/graphql_devise/mailer/confirmation_instructions.html.erb +1 -1
  13. data/app/views/graphql_devise/mailer/reset_password_instructions.html.erb +1 -1
  14. data/config/routes.rb +2 -0
  15. data/lib/generators/graphql_devise/install_generator.rb +3 -1
  16. data/lib/graphql_devise.rb +2 -0
  17. data/lib/graphql_devise/concerns/controller_methods.rb +2 -0
  18. data/lib/graphql_devise/default_operations/mutations.rb +2 -0
  19. data/lib/graphql_devise/default_operations/resolvers.rb +2 -0
  20. data/lib/graphql_devise/engine.rb +2 -0
  21. data/lib/graphql_devise/errors/authentication_error.rb +2 -0
  22. data/lib/graphql_devise/errors/detailed_user_error.rb +2 -0
  23. data/lib/graphql_devise/errors/error_codes.rb +2 -0
  24. data/lib/graphql_devise/errors/execution_error.rb +2 -0
  25. data/lib/graphql_devise/errors/user_error.rb +2 -0
  26. data/lib/graphql_devise/model/with_email_updater.rb +74 -0
  27. data/lib/graphql_devise/mount_method/operation_preparer.rb +2 -0
  28. data/lib/graphql_devise/mount_method/operation_preparers/custom_operation_preparer.rb +2 -0
  29. data/lib/graphql_devise/mount_method/operation_preparers/default_operation_preparer.rb +2 -0
  30. data/lib/graphql_devise/mount_method/operation_preparers/gql_name_setter.rb +2 -0
  31. data/lib/graphql_devise/mount_method/operation_preparers/mutation_field_setter.rb +2 -0
  32. data/lib/graphql_devise/mount_method/operation_preparers/resolver_type_setter.rb +2 -0
  33. data/lib/graphql_devise/mount_method/operation_preparers/resource_name_setter.rb +2 -0
  34. data/lib/graphql_devise/mount_method/operation_sanitizer.rb +2 -0
  35. data/lib/graphql_devise/mount_method/option_sanitizer.rb +2 -0
  36. data/lib/graphql_devise/mount_method/option_sanitizers/array_checker.rb +2 -0
  37. data/lib/graphql_devise/mount_method/option_sanitizers/class_checker.rb +2 -0
  38. data/lib/graphql_devise/mount_method/option_sanitizers/hash_checker.rb +2 -0
  39. data/lib/graphql_devise/mount_method/option_sanitizers/string_checker.rb +2 -0
  40. data/lib/graphql_devise/mount_method/option_validators/provided_operations_validator.rb +2 -0
  41. data/lib/graphql_devise/mount_method/option_validators/skip_only_validator.rb +2 -0
  42. data/lib/graphql_devise/mount_method/option_validators/supported_operations_validator.rb +2 -0
  43. data/lib/graphql_devise/mount_method/options_validator.rb +2 -0
  44. data/lib/graphql_devise/mount_method/supported_options.rb +2 -0
  45. data/lib/graphql_devise/mutations/base.rb +2 -0
  46. data/lib/graphql_devise/mutations/login.rb +2 -0
  47. data/lib/graphql_devise/mutations/logout.rb +2 -0
  48. data/lib/graphql_devise/mutations/resend_confirmation.rb +16 -6
  49. data/lib/graphql_devise/mutations/send_password_reset.rb +3 -1
  50. data/lib/graphql_devise/mutations/sign_up.rb +12 -3
  51. data/lib/graphql_devise/mutations/update_password.rb +2 -0
  52. data/lib/graphql_devise/rails/routes.rb +2 -0
  53. data/lib/graphql_devise/resolvers/base.rb +2 -0
  54. data/lib/graphql_devise/resolvers/check_password_token.rb +2 -0
  55. data/lib/graphql_devise/resolvers/confirm_account.rb +7 -2
  56. data/lib/graphql_devise/resolvers/dummy.rb +2 -0
  57. data/lib/graphql_devise/resource_loader.rb +2 -0
  58. data/lib/graphql_devise/schema.rb +2 -0
  59. data/lib/graphql_devise/schema_plugin.rb +8 -0
  60. data/lib/graphql_devise/types/authenticatable_type.rb +2 -0
  61. data/lib/graphql_devise/types/credential_type.rb +2 -0
  62. data/lib/graphql_devise/types/mutation_type.rb +2 -0
  63. data/lib/graphql_devise/types/query_type.rb +2 -0
  64. data/lib/graphql_devise/version.rb +3 -1
  65. data/spec/dummy/Rakefile +2 -0
  66. data/spec/dummy/app/controllers/api/v1/graphql_controller.rb +3 -1
  67. data/spec/dummy/app/controllers/application_controller.rb +2 -0
  68. data/spec/dummy/app/graphql/dummy_schema.rb +4 -1
  69. data/spec/dummy/app/graphql/interpreter_schema.rb +2 -0
  70. data/spec/dummy/app/graphql/mutations/login.rb +2 -0
  71. data/spec/dummy/app/graphql/mutations/register_confirmed_user.rb +2 -0
  72. data/spec/dummy/app/graphql/mutations/sign_up.rb +2 -0
  73. data/spec/dummy/app/graphql/mutations/update_user.rb +22 -0
  74. data/spec/dummy/app/graphql/resolvers/confirm_admin_account.rb +13 -0
  75. data/spec/dummy/app/graphql/resolvers/public_user.rb +2 -0
  76. data/spec/dummy/app/graphql/resolvers/user_show.rb +2 -0
  77. data/spec/dummy/app/graphql/types/admin_type.rb +8 -0
  78. data/spec/dummy/app/graphql/types/base_object.rb +2 -0
  79. data/spec/dummy/app/graphql/types/custom_admin_type.rb +2 -0
  80. data/spec/dummy/app/graphql/types/mutation_type.rb +3 -0
  81. data/spec/dummy/app/graphql/types/query_type.rb +2 -0
  82. data/spec/dummy/app/graphql/types/user_type.rb +2 -0
  83. data/spec/dummy/app/jobs/application_job.rb +2 -0
  84. data/spec/dummy/app/mailers/application_mailer.rb +2 -0
  85. data/spec/dummy/app/models/admin.rb +2 -0
  86. data/spec/dummy/app/models/application_record.rb +2 -0
  87. data/spec/dummy/app/models/guest.rb +2 -0
  88. data/spec/dummy/app/models/schema_user.rb +13 -0
  89. data/spec/dummy/app/models/user.rb +2 -0
  90. data/spec/dummy/app/models/users.rb +2 -0
  91. data/spec/dummy/app/models/users/customer.rb +2 -0
  92. data/spec/dummy/config.ru +2 -0
  93. data/spec/dummy/config/application.rb +2 -0
  94. data/spec/dummy/config/environment.rb +2 -0
  95. data/spec/dummy/config/environments/development.rb +2 -0
  96. data/spec/dummy/config/environments/production.rb +2 -0
  97. data/spec/dummy/config/environments/test.rb +2 -0
  98. data/spec/dummy/config/initializers/application_controller_renderer.rb +2 -0
  99. data/spec/dummy/config/initializers/backtrace_silencers.rb +2 -0
  100. data/spec/dummy/config/initializers/cors.rb +2 -0
  101. data/spec/dummy/config/initializers/devise.rb +1 -1
  102. data/spec/dummy/config/initializers/devise_token_auth.rb +2 -0
  103. data/spec/dummy/config/initializers/filter_parameter_logging.rb +2 -0
  104. data/spec/dummy/config/initializers/i18n.rb +2 -0
  105. data/spec/dummy/config/initializers/inflections.rb +2 -0
  106. data/spec/dummy/config/initializers/mime_types.rb +2 -0
  107. data/spec/dummy/config/initializers/wrap_parameters.rb +2 -0
  108. data/spec/dummy/config/puma.rb +2 -0
  109. data/spec/dummy/config/routes.rb +5 -0
  110. data/spec/dummy/config/spring.rb +2 -0
  111. data/spec/dummy/db/migrate/20190815114303_create_users.rb +2 -0
  112. data/spec/dummy/db/migrate/20190824215150_add_auth_available_to_users.rb +2 -0
  113. data/spec/dummy/db/migrate/20190916012505_create_admins.rb +2 -0
  114. data/spec/dummy/db/migrate/20191013213045_create_guests.rb +2 -0
  115. data/spec/dummy/db/migrate/20200321121807_create_users_customers.rb +2 -0
  116. data/spec/dummy/db/migrate/20200621182414_remove_uncofirmed_email_from_admins.rb +7 -0
  117. data/spec/dummy/db/migrate/20200623003142_create_schema_users.rb +46 -0
  118. data/spec/dummy/db/schema.rb +28 -2
  119. data/spec/dummy/db/seeds.rb +2 -0
  120. data/spec/factories/admins.rb +2 -0
  121. data/spec/factories/guests.rb +2 -0
  122. data/spec/factories/schema_users.rb +13 -0
  123. data/spec/factories/users.rb +2 -0
  124. data/spec/factories/users_customers.rb +2 -0
  125. data/spec/generators/graphql_devise/install_generator_spec.rb +3 -1
  126. data/spec/graphql_devise/model/with_email_updater_spec.rb +131 -0
  127. data/spec/graphql_devise_spec.rb +2 -0
  128. data/spec/models/user_spec.rb +2 -0
  129. data/spec/rails_helper.rb +3 -0
  130. data/spec/requests/graphql_controller_spec.rb +2 -0
  131. data/spec/requests/mutations/additional_mutations_spec.rb +2 -0
  132. data/spec/requests/mutations/additional_queries_spec.rb +2 -0
  133. data/spec/requests/mutations/login_spec.rb +2 -0
  134. data/spec/requests/mutations/logout_spec.rb +2 -0
  135. data/spec/requests/mutations/resend_confirmation_spec.rb +29 -4
  136. data/spec/requests/mutations/send_password_reset_spec.rb +2 -0
  137. data/spec/requests/mutations/sign_up_spec.rb +15 -2
  138. data/spec/requests/mutations/update_password_spec.rb +2 -0
  139. data/spec/requests/queries/check_password_token_spec.rb +2 -0
  140. data/spec/requests/queries/confirm_account_spec.rb +102 -42
  141. data/spec/requests/user_controller_spec.rb +57 -8
  142. data/spec/services/mount_method/operation_preparer_spec.rb +2 -0
  143. data/spec/services/mount_method/operation_preparers/custom_operation_preparer_spec.rb +2 -0
  144. data/spec/services/mount_method/operation_preparers/default_operation_preparer_spec.rb +2 -0
  145. data/spec/services/mount_method/operation_preparers/gql_name_setter_spec.rb +2 -0
  146. data/spec/services/mount_method/operation_preparers/mutation_field_setter_spec.rb +2 -0
  147. data/spec/services/mount_method/operation_preparers/resolver_type_setter_spec.rb +2 -0
  148. data/spec/services/mount_method/operation_preparers/resource_name_setter_spec.rb +2 -0
  149. data/spec/services/mount_method/operation_sanitizer_spec.rb +2 -0
  150. data/spec/services/mount_method/option_sanitizer_spec.rb +2 -0
  151. data/spec/services/mount_method/option_sanitizers/array_checker_spec.rb +2 -0
  152. data/spec/services/mount_method/option_sanitizers/class_checker_spec.rb +2 -0
  153. data/spec/services/mount_method/option_sanitizers/hash_checker_spec.rb +2 -0
  154. data/spec/services/mount_method/option_sanitizers/string_checker_spec.rb +2 -0
  155. data/spec/services/mount_method/option_validators/provided_operations_validator_spec.rb +2 -0
  156. data/spec/services/mount_method/option_validators/skip_only_validator_spec.rb +2 -0
  157. data/spec/services/mount_method/option_validators/supported_operations_validator_spec.rb +2 -0
  158. data/spec/services/mount_method/options_validator_spec.rb +2 -0
  159. data/spec/services/resource_loader_spec.rb +2 -0
  160. data/spec/services/schema_plugin_spec.rb +2 -0
  161. data/spec/spec_helper.rb +2 -0
  162. data/spec/support/contexts/graphql_request.rb +2 -0
  163. data/spec/support/factory_bot.rb +2 -0
  164. data/spec/support/matchers/auth_headers_matcher.rb +2 -0
  165. data/spec/support/matchers/not_change_matcher.rb +2 -0
  166. data/spec/support/requests/auth_helpers.rb +2 -0
  167. data/spec/support/requests/json_helpers.rb +2 -0
  168. metadata +19 -2
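--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 3ddce4ffb15dd4eac50fd0756808ce5fdef81a2f5fcc3405e8c00e5a7c51b689
- data.tar.gz: b47284dc35df29df8a9bd2ef17cb68dde81e4a183cae904220167a37efbd6a05
+ metadata.gz: c9dba7aa9a87c5c0953373fd59cb4648d066925ddf65220efeed6e3228cc72af
+ data.tar.gz: d2b5adb287e426bfed8d222301673123740e5495216c5ee1f6fb14e6aeb549f7
  SHA512:
- metadata.gz: 7dfb908c7284d5aac400dac4424ab7b053cd9c2f8da6b684028d19fa651eb0bd9b76ac911063676bb923c71a882930aefb65c66f2081d441b0461fc226dddf7b
- data.tar.gz: 5f49d0b6b687b32de66836f9617eeb344b6c7dd77045b7a3e936f570799f9076c88f6d1abf152ba5ae54d034b5a31a0f106b0593359b742da5b7898578675633
+ metadata.gz: 588b3fda6584de9db52e2a4b060c7ccd1915200e9711ca5b99046002daa47ecc0182aa4c392057a82883075a199adc89038a1ff7e0586c0b112af913f19cdf97
+ data.tar.gz: 6c6ffe1608ebc5eb18d1d3d000b2c4dc55ffc8cefd24f58f3078f307d2ebd4b9c8d32b213dadb589861c1c5d00f4d49dd96f97ac41941443ad1b25644b31cd73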
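--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,59 @@
  # Changelog
 
+ ## [v0.13.4](https://github.com/graphql-devise/graphql_devise/tree/v0.13.4) (2020-08-15)
+
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.3...v0.13.4)
+
+ **Implemented enhancements:**
+
+ - Allow resend of confirmation with unconfirmed email [\#127](https://github.com/graphql-devise/graphql_devise/pull/127) ([j15e](https://github.com/j15e))
+
+ ## [v0.13.3](https://github.com/graphql-devise/graphql_devise/tree/v0.13.3) (2020-08-13)
+
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.2...v0.13.3)
+
+ **Fixed bugs:**
+
+ - Fix unconfirmed\_email confirmation. Ignore devise reconfirmable config. [\#126](https://github.com/graphql-devise/graphql_devise/pull/126) ([mcelicalderon](https://github.com/mcelicalderon))
+
+ ## [v0.13.2](https://github.com/graphql-devise/graphql_devise/tree/v0.13.2) (2020-08-12)
+
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.1...v0.13.2)
+
+ **Fixed bugs:**
+
+ - Save resource after generating credentials in resource confirmation [\#125](https://github.com/graphql-devise/graphql_devise/pull/125) ([mcelicalderon](https://github.com/mcelicalderon))
+
+ ## [v0.13.1](https://github.com/graphql-devise/graphql_devise/tree/v0.13.1) (2020-07-29)
+
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.0...v0.13.1)
+
+ **Implemented enhancements:**
+
+ - Add credentials field on signUp mutation [\#122](https://github.com/graphql-devise/graphql_devise/pull/122) ([mcelicalderon](https://github.com/mcelicalderon))
+
+ **Closed issues:**
+
+ - Checking for `performed?` when mounting into your graphql schema. [\#110](https://github.com/graphql-devise/graphql_devise/issues/110)
+ - no query string for email reset [\#104](https://github.com/graphql-devise/graphql_devise/issues/104)
+
+ ## [v0.13.0](https://github.com/graphql-devise/graphql_devise/tree/v0.13.0) (2020-06-22)
+
+ [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.12.3...v0.13.0)
+
+ **Breaking changes:**
+
+ - Fix email reconfirmation feature [\#111](https://github.com/graphql-devise/graphql_devise/pull/111) ([mcelicalderon](https://github.com/mcelicalderon))
+
+ **Implemented enhancements:**
+
+ - Add frozen string literal to all relevant files [\#114](https://github.com/graphql-devise/graphql_devise/pull/114) ([mcelicalderon](https://github.com/mcelicalderon))
+
+ **Fixed bugs:**
+
+ - CookieOverflow for Own Schema Mount [\#112](https://github.com/graphql-devise/graphql_devise/issues/112)
+ - Reconfirmable not setting unconfirmed\_email [\#102](https://github.com/graphql-devise/graphql_devise/issues/102)
+
  ## [v0.12.3](https://github.com/graphql-devise/graphql_devise/tree/v0.12.3) (2020-06-19)
 
  [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.12.2...v0.12.3)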
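--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,3 +1,5 @@
+ # frozen_string_literal: true
+
  source 'https://rubygems.org'
 
  gemspec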
data/README.md CHANGED
@@ -14,19 +14,22 @@ GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylan
14
14
  * [Installation](#installation)
15
15
  * [Running the Generator](#running-the-generator)
16
16
  * [Mounting the Schema in a Separate Route](#mounting-the-schema-in-a-separate-route)
17
- * [Mounting Operations in Your Own Schema](#mounting-operations-in-your-own-schema)
18
- * [Important](#important)
17
+ * [Important](#important)
18
+ * [Mounting Operations in Your Own Schema (> v0.12.0)](#mounting-operations-in-your-own-schema--v0120)
19
+ * [Important](#important-1)
19
20
  * [Usage](#usage)
20
21
  * [Mounting Auth Schema on a Separate Route](#mounting-auth-schema-on-a-separate-route)
21
22
  * [Mounting Operations Into Your Own Schema](#mounting-operations-into-your-own-schema)
22
23
  * [Available Mount Options](#available-mount-options)
23
24
  * [Available Operations](#available-operations)
24
25
  * [Configuring Model](#configuring-model)
26
+ * [Email Reconfirmation](#email-reconfirmation)
25
27
  * [Customizing Email Templates](#customizing-email-templates)
26
28
  * [I18n](#i18n)
27
29
  * [Authenticating Controller Actions](#authenticating-controller-actions)
28
30
  * [Authenticate Before Reaching Your GQL Schema](#authenticate-before-reaching-your-gql-schema)
29
31
  * [Authenticate in Your GQL Schema](#authenticate-in-your-gql-schema)
32
+ * [Important](#important-2)
30
33
  * [Making Requests](#making-requests)
31
34
  * [Mutations](#mutations)
32
35
  * [Queries](#queries)
@@ -39,20 +42,19 @@ GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylan
39
42
  * [Contributing](#contributing)
40
43
  * [License](#license)
41
44
 
42
- <!-- Added by: mcelicalderon, at: Wed Jun 10 22:10:26 -05 2020 -->
45
+ <!-- Added by: david, at: mar jul 14 08:08:02 -05 2020 -->
43
46
 
44
47
  <!--te-->
45
48
 
46
49
  ## Introduction
47
- This gem heavily relies on two gems, [Devise Token Auth](https://github.com/lynndylanhurley/devise_token_auth) (DTA)
48
- and [Devise](https://github.com/heartcombo/devise) which is a dependency of DTA.
49
- It provides a GraphQL interface on top of DTA which is designed to work with REST APIs. That's why
50
- things like token management, token expiration and everything up until using the actual GraphQL schema is
51
- still controlled by DTA. For that reason you will find that our generator runs these two gems generator and two
52
- initializer files are included. We'll provide more configuration details in the
53
- [configuration section](#more-configuration-options),
54
- but **we recommend you get familiar with [DTA and their docs](https://github.com/lynndylanhurley/devise_token_auth)
55
- in order to use this gem to its full potential**.
50
+ Graphql-Devise heavily relies on two gems:
51
+ - [Devise Token Auth](https://github.com/lynndylanhurley/devise_token_auth) (DTA)
52
+ - [Devise](https://github.com/heartcombo/devise) (which is a DTA dependency)
53
+
54
+ This gem provides a GraphQL interface on top of DTA which is designed for REST APIs. Features like token management, token expiration and everything up until using the actual GraphQL schema is still controlled by DTA. For that reason the gem's generator invokes DTA and Devise generators and creates initializer files for each one of them.
55
+
56
+ **We strongly recommend getting familiar with [DTA documentation](https://github.com/lynndylanhurley/devise_token_auth) to use this gem to its full potential**.
57
+ More configuration details available in [configuration section](#more-configuration-options)
56
58
 
57
59
  ## Installation
58
60
 
@@ -68,20 +70,21 @@ $ bundle
68
70
  ```
69
71
 
70
72
  ### Running the Generator
71
- Graphql Devise generator will execute `Devise` and `Devise Token Auth`
72
- generators for you. These will make the required changes for the gems to
73
- work correctly. All configurations for [Devise](https://github.com/plataformatec/devise) and
74
- [Devise Token Auth](https://github.com/lynndylanhurley/devise_token_auth) are available,
75
- so you can read the docs there to customize your options.
76
- Configurations are done via initializer files as usual, one per gem.
73
+ Graphql Devise generator will execute `Devise` and `Devise Token Auth` generators to setup the gems in your project. You can customize them to your needs using their initializer files(one per gem) as usual.
77
74
 
78
- #### Mounting the Schema in a Separate Route
79
75
  ```bash
80
76
  $ bundle exec rails generate graphql_devise:install
81
77
  ```
78
+ The generator accepts 2 params:
79
+ - `user_class`: Model name in which `Devise` modules will be included. This uses a `find or create` strategy. Defaults to `User`.
80
+ - `mount_path`: Path in which the dedicated graphql schema for devise will be mounted. Defaults to `/graphql_auth`.
82
81
 
83
- The generator accepts 2 params: `user_class` and `mount_path`. The params
84
- will be used to mount the route in `config/routes.rb`. For instance the executing:
82
+ The option `mount` is available starting from `v0.12.0`. This option will allow you to mount the operations in your own schema instead of a dedicated one. When this option is provided `mount_path` param is not used.
83
+
84
+ #### Mounting the Schema in a Separate Route
85
+
86
+ To configure the gem to use a separate schema, the generator will use `user_class` and `mount_path` params.
87
+ The route will be mounted in `config/routes.rb`. For instance the executing:
85
88
 
86
89
  ```bash
87
90
  $ bundle exec rails g graphql_devise:install Admin api/auth
@@ -99,32 +102,43 @@ Will do the following:
99
102
  `Admin` could be any model name you are going to be using for authentication,
100
103
  and `api/auth` could be any mount path you would like to use for auth.
101
104
 
102
- #### Mounting Operations in Your Own Schema
103
- Now you can provide to the generator an option specifying
104
- the name of your GQL schema. Doing this will skip the insertion of the mount method in the
105
- routes file and will also add our `SchemaPlugin` to the specified schema. `user_class` param is still optional (`Admin`) in the following example.
105
+ ##### Important
106
+ - Remember that by default this gem mounts a completely separate GraphQL schema on a separate controller in the route provided by the `at` option in the `mount_graphql_devise_for` method in the `config/routes.rb` file. If no `at` option is provided, the route will be `/graphql_auth`.
107
+ - Avoid passing the `--mount` option or the gem will try to use an existing schema.
108
+
109
+ #### Mounting Operations in Your Own Schema (> v0.12.0)
110
+ To configure the gem to use your own GQL schema use the `--mount` option.
111
+ For instance the executing:
106
112
 
107
113
  ```bash
108
114
  $ bundle exec rails g graphql_devise:install Admin --mount MySchema
109
115
  ```
110
116
 
111
- ### Important
112
- Remember that by default this gem mounts a completely separate GraphQL schema on a separate controller in the route
113
- provided by the `at` option in the `mount_graphql_devise_for` method in the `config/routes.rb` file. If no `at`
114
- option is provided, the route will be `/graphql_auth`.
117
+ Will do the following:
118
+ - Execute `Devise` install generator
119
+ - Execute `Devise Token Auth` install generator with `Admin` and `api/auth` as params
120
+ - Find or create `Admin` model
121
+ - Add `devise` modules to `Admin` model
122
+ - Other changes that you can find [here](https://devise-token-auth.gitbook.io/devise-token-auth/config)
123
+ - Add `SchemaPlugin` to the specified schema.
124
+
115
125
 
116
- **Starting with `v0.12.0`** you can opt-in to load this gem's queries and mutations into your
117
- own application's schema. You can actually mount a resource's auth schema in a separate route
118
- and in your app's schema at the same time, but that's probably not a common scenario. More on
119
- this in the next section.
126
+ ##### Important
127
+ - When using the `--mount` option the `mount_path` params is ignored.
128
+ - The generator will look for your schema under `app/graphql/` directory. We are expecting the name of the file is the same as the as the one passed in the mount option transformed with `underscore`. In the example, passing `MySchema`, will try to find the file `app/graphql/my_schema.rb`.
129
+ - You can actually mount a resource's auth schema in a separate route and in your app's schema at the same time, but that's probably not a common scenario.
120
130
 
121
131
  ## Usage
122
- ### Mounting Auth Schema on a Separate Route
123
- The generator can do this step for you by default. Remember now you can mount this gem's
124
- auth operations into your own schema as described in [this section](#mounting-operations-into-your-own-schema).
132
+
133
+ GraphqlDevise operations can be used in two ways:
134
+ - Using a [separate schema](#mounting-auth-schema-on-a-separate-route) via `mount_graphql_devise_for` helper in the routes file.
135
+ - Using [your own schema](#mounting-operations-into-your-own-schema) by adding a plugin in the class.
125
136
 
126
137
 
127
- Routes can be added using the generator or manually.
138
+ Creating a separate schema is the default option, the generator will do that by default.
139
+
140
+ ### Mounting Auth Schema on a Separate Route
141
+
128
142
  You can mount this gem's GraphQL auth schema in your routes file like this:
129
143
 
130
144
  ```ruby
@@ -150,11 +164,13 @@ Rails.application.routes.draw do
150
164
  )
151
165
  end
152
166
  ```
167
+ This can be done using the generator or manually.
153
168
  The second argument of the `mount_graphql_devise` method is a hash of options where you can
154
169
  customize how the queries and mutations are mounted into the schema. For a list of available
155
170
  options go [here](#available-mount-options)
156
171
 
157
172
  ### Mounting Operations Into Your Own Schema
173
+
158
174
  Starting with `v0.12.0` you can now mount the GQL operations provided by this gem into your
159
175
  app's main schema.
160
176
 
@@ -301,6 +317,46 @@ end
301
317
  The install generator can do this for you if you specify the `user_class` option.
302
318
  See [Installation](#installation) for details.
303
319
 
320
+ ### Email Reconfirmation
321
+ Email reconfirmation is supported just like in Devise and DTA, but we want reconfirmable
322
+ in this gem to work on model basis instead of having a global configuration like in Devise.
323
+ **For this reason Devise's global `reconfirmable` setting is ignored.**
324
+
325
+ For a resource to be considered reconfirmable it has to meet 2 conditions:
326
+ 1. Include the `:confirmable` module.
327
+ 1. Has an `unconfirmed_email` column in the resource's table.
328
+
329
+ In order to trigger the reconfirmation email in a reconfirmable resource, you simply needi
330
+ to call a different update method on your resource,`update_with_email`.
331
+ When the resource is not reconfirmable or the email is not updated, this method behaves exactly
332
+ the same as ActiveRecord's `update`.
333
+ `update_with_email` requires two additional attributes when email will change or an error
334
+ will be raised:
335
+
336
+ 1. `schema_url`: The full url where your GQL schema is mounted. You can get this value from the
337
+ controller available in the context of your mutations and queries like this:
338
+ ```ruby
339
+ context[:controller].full_url_without_params
340
+ ```
341
+ 1. `confirmation_success_url`: This the full url where you want users to be redirected after
342
+ the email has changed successfully (usually a front-end url). This value is mandatory
343
+ unless you have set `default_confirm_success_url` in your devise_token_auth initializer.
344
+
345
+ So, it's up to you where you require confirmation of changing emails.
346
+ [Here's an example](https://github.com/graphql-devise/graphql_devise/blob/c4dcb17e98f8d84cc5ac002c66ed98a797d3bc82/spec/dummy/app/graphql/mutations/update_user.rb#L13)
347
+ on how you might do this. And also a demonstration on the method usage:
348
+ ```ruby
349
+ user.update_with_email(
350
+ name: 'New Name',
351
+ email: 'new@domain.com',
352
+ schema_url: 'http://localhost:3000/graphql',
353
+ confirmation_success_url: 'https://google.com'
354
+ )
355
+ ```
356
+
357
+ We want reconfirmable in this gem to work separately
358
+ from DTA's or Devise (too much complexity in the model based on callbacks).
359
+
304
360
  ### Customizing Email Templates
305
361
  The approach of this gem is a bit different from DeviseTokenAuth. We have placed our templates in `app/views/graphql_devise/mailer`,
306
362
  so if you want to change them, place yours on the same dir structure on your Rails project. You can customize these two templates:
@@ -316,11 +372,10 @@ GraphQL Devise supports locales. For example, the `graphql_devise.confirmations.
316
372
  Keep in mind that if your app uses multiple locales, you should set the `I18n.locale` accordingly. You can learn how to do this [here](https://guides.rubyonrails.org/i18n.html).
317
373
 
318
374
  ### Authenticating Controller Actions
319
- Just like with Devise or DTA, you will need to authenticate users in your controllers.
320
- For this you have two alternatives.
375
+ When mounting the operation is in you own schema instead of a dedicated one, you will need to authenticate users in your controllers, just like in DTA. There are 2 alternatives to accomplish this.
321
376
 
322
377
  #### Authenticate Before Reaching Your GQL Schema
323
- For this you need to call `authenticate_<model>!` in a before_action hook of your controller.
378
+ For this you will need to call `authenticate_<model>!` in a `before_action` controller hook.
324
379
  In our example our model is `User`, so it would look like this:
325
380
  ```ruby
326
381
  # app/controllers/my_controller.rb
@@ -331,15 +386,14 @@ class MyController < ApplicationController
331
386
  before_action :authenticate_user!
332
387
 
333
388
  def my_action
334
- render json: { current_user: current_user }
389
+ result = DummySchema.execute(params[:query], context: current_user: current_user)
390
+ render json: result unless performed?
335
391
  end
336
392
  end
337
393
  ```
338
394
 
339
- The install generator can do this for you because it executes DTA installer.
340
- See [Installation](#Installation) for details.
341
- If authentication fails for the request for whatever reason, execution of the request is halted
342
- and an error is returned in a REST format as the request never reaches your GQL schema.
395
+ The install generator can include the concern in you application controller.
396
+ If authentication fails for a request, execution will halt and a REST error will be returned since the request never reaches your GQL schema.
343
397
 
344
398
  #### Authenticate in Your GQL Schema
345
399
  For this you will need to add the `GraphqlDevise::SchemaPlugin` to your schema as described
@@ -352,7 +406,8 @@ class MyController < ApplicationController
352
406
  include GraphqlDevise::Concerns::SetUserByToken
353
407
 
354
408
  def my_action
355
- render json: DummySchema.execute(params[:query], context: graphql_context(:user))
409
+ result = DummySchema.execute(params[:query], context: graphql_context(:user))
410
+ render json: result unless performed?
356
411
  end
357
412
  end
358
413
  ```
@@ -389,32 +444,28 @@ module Types
389
444
  end
390
445
  ```
391
446
 
447
+ #### Important
448
+ Remember to check `performed?` before rendering the result of the graphql operation. This is required because some operations perform a redirect and without this check you will get a `AbstractController::DoubleRenderError`.
449
+
392
450
  ### Making Requests
393
451
  Here is a list of the available mutations and queries assuming your mounted model is `User`.
394
452
 
395
453
  #### Mutations
396
- 1. `userLogin(email: String!, password: String!): UserLoginPayload`
397
-
398
- This mutation has a second field by default. `credentials` can be fetched directly on the mutation return type.
399
- Credentials are still returned in the headers of the response.
400
-
401
- 1. `userLogout: UserLogoutPayload`
402
- 1. `userSignUp(email: String!, password: String!, passwordConfirmation: String!, confirmSuccessUrl: String): UserSignUpPayload`
403
-
404
- The parameter `confirmSuccessUrl` is optional unless you are using the `confirmable` plugin from Devise in your `resource`'s model. If you have `confirmable` set up, you will have to provide it unless you have `config.default_confirm_success_url` set in `config/initializers/devise_token_auth.rb`.
405
- 1. `userSendResetPassword(email: String!, redirectUrl: String!): UserSendReserPasswordPayload`
406
- 1. `userUpdatePassword(password: String!, passwordConfirmation: String!, currentPassword: String): UserUpdatePasswordPayload`
407
-
408
- The parameter `currentPassword` is optional if you have `config.check_current_password_before_update` set to
409
- false (disabled by default) on your generated `config/initializers/devise_token_aut.rb` or if the `resource`
410
- model supports the `recoverable` Devise plugin and the `resource`'s `allow_password_change` attribute is set to true (this is done in the `userCheckPasswordToken` query when you click on the sent email's link).
411
- 1. `userResendConfirmation(email: String!, redirectUrl: String!): UserResendConfirmationPayload`
412
454
 
413
- The `UserResendConfirmationPayload` will return the `authenticatable` resource that was sent the confirmation instructions but also has a `message: String!` that can be used to notify a user what to do after the instructions were sent to them
455
+ Operation | Description | Example
456
+ :--- | :--- | :------------------:
457
+ login | This mutation has a second field by default. `credentials` can be fetched directly on the mutation return type.<br>Credentials are still returned in the headers of the response. | userLogin(email: String!, password: String!): UserLoginPayload
458
+ logout | | userLogout: UserLogoutPayload
459
+ signUp | The parameter `confirmSuccessUrl` is optional unless you are using the `confirmable` plugin from Devise in your `resource`'s model. If you have `confirmable` set up, you will have to provide it unless you have `config.default_confirm_success_url` set in `config/initializers/devise_token_auth.rb`. | userSignUp(email: String!, password: String!, passwordConfirmation: String!, confirmSuccessUrl: String): UserSignUpPayload
460
+ sendResetPassword | | userSendResetPassword(email: String!, redirectUrl: String!): UserSendReserPasswordPayload
461
+ updatePassword | The parameter `currentPassword` is optional if you have `config.check_current_password_before_update` set to false (disabled by default) on your generated `config/initializers/devise_token_aut.rb` or if the `resource` model supports the `recoverable` Devise plugin and the `resource`'s `allow_password_change` attribute is set to true (this is done in the `userCheckPasswordToken` query when you click on the sent email's link). | userUpdatePassword(password: String!, passwordConfirmation: String!, currentPassword: String): UserUpdatePasswordPayload
462
+ resendConfirmation | The `UserResendConfirmationPayload` will return the `authenticatable` resource that was sent the confirmation instructions but also has a `message: String!` that can be used to notify a user what to do after the instructions were sent to them | userResendConfirmation(email: String!, redirectUrl: String!): UserResendConfirmationPayload
414
463
 
415
464
  #### Queries
416
- 1. `userConfirmAccount(confirmationToken: String!, redirectUrl: String!): User`
417
- 1. `userCheckPasswordToken(resetPasswordToken: String!, redirectUrl: String): User`
465
+ Operation | Description | Example
466
+ :--- | :--- | :------------------:
467
+ confirmAccount | Performs a redirect using the `redirectUrl` param | userConfirmAccount(confirmationToken: String!, redirectUrl: String!): User
468
+ checkPasswordToken | Performs a redirect using the `redirectUrl` param | userCheckPasswordToken(resetPasswordToken: String!, redirectUrl: String): User
418
469
 
419
470
  The reason for having 2 queries is that these 2 are going to be accessed when clicking on
420
471
  the confirmation and reset password email urls. There is no limitation for making mutation
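--- a/data/Rakefile
+++ b/data/Rakefile
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 begin
 require 'bundler/setup'
 rescue LoadError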
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module GraphqlDevise
2
4
  ApplicationController = if Rails::VERSION::MAJOR >= 5
3
5
  Class.new(ActionController::API)
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module GraphqlDevise
2
4
  module Concerns
3
5
  SetUserByToken = DeviseTokenAuth::Concerns::SetUserByToken
@@ -5,6 +7,10 @@ module GraphqlDevise
5
7
  SetUserByToken.module_eval do
6
8
  attr_accessor :client_id, :token, :resource
7
9
 
10
+ def full_url_without_params
11
+ request.base_url + request.path
12
+ end
13
+
8
14
  def set_resource_by_token(resource)
9
15
  set_user_by_token(resource)
10
16
  end
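Review bot: `full_url_without_params`, added in the second hunk, builds its result from `request.base_url`, which Rails derives from the request's Host and forwarded-host headers, so the value is client-influenced unless the application restricts the hosts it accepts. The callers are not visible here, but if this string is what reaches the mailer templates as `message['schema_url']` (the confirmation template later in this diff now interpolates that value into the token-bearing link), an e-mail could end up pointing at an origin the application does not control. I would state the assumption on the method, e.g. `# NOTE: derived from request headers; rely on config.hosts or a configured mailer host before embedding this in e-mails`, or build the e-mail link from configured URL options instead. The enclosing `module_eval` block continues outside the hunk.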
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require_dependency 'graphql_devise/application_controller'
2
4
 
3
5
  module GraphqlDevise
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module GraphqlDevise
2
4
  module ApplicationHelper
3
5
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module GraphqlDevise
2
4
  module MailerHelper
3
5
  def confirmation_query(resource_name:, token:, redirect_url:)
@@ -1,5 +1,21 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'graphql_devise/model/with_email_updater'
4
+
1
5
  module GraphqlDevise
2
6
  module Concerns
3
7
  Model = DeviseTokenAuth::Concerns::User
8
+
9
+ Model.module_eval do
10
+ class_methods do
11
+ def reconfirmable
12
+ devise_modules.include?(:confirmable) && column_names.include?('unconfirmed_email')
13
+ end
14
+ end
15
+
16
+ def update_with_email(attributes = {})
17
+ GraphqlDevise::Model::WithEmailUpdater.new(self, attributes).call
18
+ end
19
+ end
4
20
  end
5
21
  end
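Review bot: `Model` is only another name for `DeviseTokenAuth::Concerns::User`, so the `Model.module_eval` block added here reopens DTA's own concern. Every model that includes the DTA concern directly therefore also gains `reconfirmable` and `update_with_email`, not only models that include `GraphqlDevise::Concerns::Model`. That deserves a comment above the block, e.g. `# Reopens DeviseTokenAuth::Concerns::User itself; these methods reach every model using the DTA concern`. `reconfirmable` returns a boolean, so `reconfirmable?` would follow Ruby's predicate convention. `update_with_email` hands `attributes` straight to `WithEmailUpdater` (not visible here), so a short doc comment should say whether filtering happens there or the caller must pass already-permitted attributes.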
@@ -2,4 +2,4 @@
2
2
 
3
3
  <p><%= t('.confirm_link_msg') %></p>
4
4
 
5
- <p><%= link_to t('.confirm_account_link'), url_for(controller: message['controller'], action: message['action'], **confirmation_query(resource_name: @resource.class.to_s, redirect_url: message['redirect-url'], token: @token)) %></p>
5
+ <p><%= link_to t('.confirm_account_link'), "#{message['schema_url']}?#{confirmation_query(resource_name: @resource.class.to_s, redirect_url: message['redirect-url'], token: @token).to_query}" %></p>