graphql_devise 0.13.4 → 0.14.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.coveralls.yml +1 -0
- data/.gitlab-ci.yml +109 -0
- data/Appraisals +39 -5
- data/CHANGELOG.md +47 -0
- data/README.md +20 -9
- data/app/views/graphql_devise/mailer/reset_password_instructions.html.erb +7 -1
- data/config/locales/en.yml +2 -1
- data/docs/usage/reset_password_flow.md +90 -0
- data/graphql_devise.gemspec +1 -1
- data/lib/graphql_devise/concerns/controller_methods.rb +7 -1
- data/lib/graphql_devise/default_operations/mutations.rb +10 -6
- data/lib/graphql_devise/mutations/resend_confirmation.rb +2 -0
- data/lib/graphql_devise/mutations/send_password_reset.rb +2 -0
- data/lib/graphql_devise/mutations/send_password_reset_with_token.rb +37 -0
- data/lib/graphql_devise/mutations/sign_up.rb +1 -3
- data/lib/graphql_devise/mutations/update_password_with_token.rb +38 -0
- data/lib/graphql_devise/resolvers/check_password_token.rb +1 -0
- data/lib/graphql_devise/resolvers/confirm_account.rb +2 -0
- data/lib/graphql_devise/schema_plugin.rb +22 -11
- data/lib/graphql_devise/version.rb +1 -1
- data/spec/dummy/app/graphql/dummy_schema.rb +4 -3
- data/spec/dummy/app/graphql/mutations/reset_admin_password_with_token.rb +13 -0
- data/spec/dummy/config/initializers/devise_token_auth.rb +2 -0
- data/spec/dummy/config/routes.rb +2 -1
- data/spec/graphql/user_queries_spec.rb +118 -0
- data/spec/requests/mutations/additional_mutations_spec.rb +0 -1
- data/spec/requests/mutations/resend_confirmation_spec.rb +16 -1
- data/spec/requests/mutations/send_password_reset_spec.rb +16 -1
- data/spec/requests/mutations/send_password_reset_with_token_spec.rb +78 -0
- data/spec/requests/mutations/sign_up_spec.rb +19 -1
- data/spec/requests/mutations/update_password_with_token_spec.rb +119 -0
- data/spec/requests/queries/check_password_token_spec.rb +16 -1
- data/spec/requests/queries/confirm_account_spec.rb +17 -2
- data/spec/requests/queries/introspection_query_spec.rb +149 -0
- data/spec/requests/user_controller_spec.rb +9 -9
- data/spec/support/contexts/schema_test.rb +14 -0
- metadata +25 -9
- data/.travis.yml +0 -79
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 33fca9e9e4adcd1831cfcc2a7cf47006e7f5c0b28a20651eba38916e6cd34701
|
4
|
+
data.tar.gz: 4cab9282ea278aa1fd077c7e5caf2164662c227a788ddac0c0224d21cf4eb679
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b0311b0035cca6a5a23f38c890a96658865e9131c2a80f9f40fba91569d5951cc4662709fdc5e0ad82cef991e04d5931803c85da4e6bea8bcf4701ed92b04ef7
|
7
|
+
data.tar.gz: cbfa71e7947f0e7ce3ab3e23970fc313b09c9fe0198df09e440137a51e1e64b57d0f4e907d158c4c0f78e610beacfebbc61b53c5ef8d582c97091cfb8ad94772
|
data/.coveralls.yml
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
repo_token: bzwe3rK8KkenWfsw42Nj6JhoO77V7V3sh
|
data/.gitlab-ci.yml
ADDED
@@ -0,0 +1,109 @@
|
|
1
|
+
---
|
2
|
+
default:
|
3
|
+
cache:
|
4
|
+
key:
|
5
|
+
files:
|
6
|
+
- Gemfile.lock
|
7
|
+
prefix: ${CI_COMMIT_REF_NAME}
|
8
|
+
paths:
|
9
|
+
- vendor/bundle/
|
10
|
+
before_script:
|
11
|
+
- bundle install
|
12
|
+
|
13
|
+
variables:
|
14
|
+
EAGER_LOAD: 'true'
|
15
|
+
BUNDLE_PATH: 'vendor/bundle'
|
16
|
+
|
17
|
+
test:2.3:
|
18
|
+
stage: test
|
19
|
+
image: ruby:2.3
|
20
|
+
script:
|
21
|
+
- bundle exec rspec
|
22
|
+
parallel:
|
23
|
+
matrix:
|
24
|
+
- BUNDLE_GEMFILE: gemfiles/rails4.2_graphql1.8.gemfile
|
25
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.0_graphql1.8.gemfile
|
26
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.0_graphql1.9.gemfile
|
27
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.1_graphql1.8.gemfile
|
28
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.1_graphql1.9.gemfile
|
29
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.8.gemfile
|
30
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.9.gemfile
|
31
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.10.gemfile
|
32
|
+
|
33
|
+
test:2.4:
|
34
|
+
stage: test
|
35
|
+
image: ruby:2.4
|
36
|
+
script:
|
37
|
+
- bundle exec rspec
|
38
|
+
parallel:
|
39
|
+
matrix:
|
40
|
+
- BUNDLE_GEMFILE: gemfiles/rails4.2_graphql1.8.gemfile
|
41
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.0_graphql1.8.gemfile
|
42
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.0_graphql1.9.gemfile
|
43
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.1_graphql1.8.gemfile
|
44
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.1_graphql1.9.gemfile
|
45
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.8.gemfile
|
46
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.9.gemfile
|
47
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.10.gemfile
|
48
|
+
|
49
|
+
test:2.5:
|
50
|
+
stage: test
|
51
|
+
image: ruby:2.5
|
52
|
+
script:
|
53
|
+
- bundle exec rspec
|
54
|
+
parallel:
|
55
|
+
matrix:
|
56
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.0_graphql1.9.gemfile
|
57
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.1_graphql1.8.gemfile
|
58
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.1_graphql1.9.gemfile
|
59
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.9.gemfile
|
60
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.10.gemfile
|
61
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.11.gemfile
|
62
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.0_graphql1.11.gemfile
|
63
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.0_graphql1.12.gemfile
|
64
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.1_graphql1.11.gemfile
|
65
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.1_graphql1.12.gemfile
|
66
|
+
|
67
|
+
test:2.6:
|
68
|
+
stage: test
|
69
|
+
image: ruby:2.6
|
70
|
+
script:
|
71
|
+
- bundle exec rspec
|
72
|
+
parallel:
|
73
|
+
matrix:
|
74
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.0_graphql1.9.gemfile
|
75
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.1_graphql1.8.gemfile
|
76
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.1_graphql1.9.gemfile
|
77
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.9.gemfile
|
78
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.10.gemfile
|
79
|
+
- BUNDLE_GEMFILE: gemfiles/rails5.2_graphql1.11.gemfile
|
80
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.0_graphql1.11.gemfile
|
81
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.0_graphql1.12.gemfile
|
82
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.1_graphql1.11.gemfile
|
83
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.1_graphql1.12.gemfile
|
84
|
+
|
85
|
+
test:2.7:
|
86
|
+
stage: test
|
87
|
+
image: ruby:2.7
|
88
|
+
script:
|
89
|
+
- bundle exec rspec
|
90
|
+
parallel:
|
91
|
+
matrix:
|
92
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.0_graphql1.8.gemfile
|
93
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.0_graphql1.9.gemfile
|
94
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.0_graphql1.10.gemfile
|
95
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.0_graphql1.11.gemfile
|
96
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.0_graphql1.12.gemfile
|
97
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.1_graphql1.10.gemfile
|
98
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.1_graphql1.11.gemfile
|
99
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.1_graphql1.12.gemfile
|
100
|
+
|
101
|
+
test:edge:
|
102
|
+
stage: test
|
103
|
+
image: ruby:2.7
|
104
|
+
allow_failure: true
|
105
|
+
script:
|
106
|
+
- bundle exec rspec
|
107
|
+
parallel:
|
108
|
+
matrix:
|
109
|
+
- BUNDLE_GEMFILE: gemfiles/rails6.1_graphql_edge.gemfile
|
data/Appraisals
CHANGED
@@ -68,6 +68,13 @@ appraise 'rails5.2-graphql1.11' do
|
|
68
68
|
gem 'rspec-rails', '< 4.0'
|
69
69
|
end
|
70
70
|
|
71
|
+
appraise 'rails5.2-graphql1.12' do
|
72
|
+
gem 'sqlite3', '~> 1.3.6'
|
73
|
+
gem 'rails', github: 'rails/rails', branch: '5-2-stable'
|
74
|
+
gem 'graphql', '~> 1.12.0'
|
75
|
+
gem 'rspec-rails', '< 4.0'
|
76
|
+
end
|
77
|
+
|
71
78
|
appraise 'rails6.0-graphql1.8' do
|
72
79
|
gem 'sqlite3', '~> 1.4'
|
73
80
|
gem 'devise', '>= 4.7'
|
@@ -96,18 +103,45 @@ appraise 'rails6.0-graphql1.11' do
|
|
96
103
|
gem 'graphql', '~> 1.11.0'
|
97
104
|
end
|
98
105
|
|
99
|
-
appraise 'rails6.0-
|
106
|
+
appraise 'rails6.0-graphql1.12' do
|
100
107
|
gem 'sqlite3', '~> 1.4'
|
101
|
-
gem 'devise_token_auth', github: 'lynndylanhurley/devise_token_auth', branch: 'master'
|
102
108
|
gem 'devise', '>= 4.7'
|
103
109
|
gem 'rails', github: 'rails/rails', branch: '6-0-stable'
|
104
|
-
gem 'graphql',
|
110
|
+
gem 'graphql', '~> 1.12.0'
|
111
|
+
end
|
112
|
+
|
113
|
+
appraise 'rails6.1-graphql1.9' do
|
114
|
+
gem 'sqlite3', '~> 1.4'
|
115
|
+
gem 'devise', '>= 4.7'
|
116
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
117
|
+
gem 'graphql', '~> 1.9.0'
|
118
|
+
end
|
119
|
+
|
120
|
+
appraise 'rails6.1-graphql1.10' do
|
121
|
+
gem 'sqlite3', '~> 1.4'
|
122
|
+
gem 'devise', '>= 4.7'
|
123
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
124
|
+
gem 'graphql', '~> 1.10.0'
|
125
|
+
end
|
126
|
+
|
127
|
+
appraise 'rails6.1-graphql1.11' do
|
128
|
+
gem 'sqlite3', '~> 1.4'
|
129
|
+
gem 'devise', '>= 4.7'
|
130
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
131
|
+
gem 'graphql', '~> 1.11.0'
|
132
|
+
end
|
133
|
+
|
134
|
+
appraise 'rails6.1-graphql1.12' do
|
135
|
+
gem 'sqlite3', '~> 1.4'
|
136
|
+
gem 'devise', '>= 4.7'
|
137
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
138
|
+
gem 'graphql', '~> 1.12.0'
|
105
139
|
end
|
106
140
|
|
107
|
-
appraise '
|
141
|
+
appraise 'rails6.1-graphql_edge' do
|
108
142
|
gem 'sqlite3', '~> 1.4'
|
109
143
|
gem 'devise_token_auth', github: 'lynndylanhurley/devise_token_auth', branch: 'master'
|
110
144
|
gem 'devise', '>= 4.7'
|
111
|
-
gem 'rails', github: 'rails/rails', branch: '
|
145
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
112
146
|
gem 'graphql', github: 'rmosolgo/graphql-ruby', branch: 'master'
|
113
147
|
end
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,52 @@
|
|
1
1
|
# Changelog
|
2
2
|
|
3
|
+
## [v0.14.2](https://github.com/graphql-devise/graphql_devise/tree/v0.14.2) (2021-03-08)
|
4
|
+
|
5
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.14.1...v0.14.2)
|
6
|
+
|
7
|
+
**Implemented enhancements:**
|
8
|
+
|
9
|
+
- Add config for public introspection query on schema plugin [\#154](https://github.com/graphql-devise/graphql_devise/pull/154) ([00dav00](https://github.com/00dav00))
|
10
|
+
|
11
|
+
## [v0.14.1](https://github.com/graphql-devise/graphql_devise/tree/v0.14.1) (2021-02-11)
|
12
|
+
|
13
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.14.0...v0.14.1)
|
14
|
+
|
15
|
+
**Implemented enhancements:**
|
16
|
+
|
17
|
+
- Testing Authenticated Elements [\#138](https://github.com/graphql-devise/graphql_devise/issues/138)
|
18
|
+
- Add support for GraphQL 1.12 [\#150](https://github.com/graphql-devise/graphql_devise/pull/150) ([mengqing](https://github.com/mengqing))
|
19
|
+
- Allow setting current resource in tests [\#149](https://github.com/graphql-devise/graphql_devise/pull/149) ([00dav00](https://github.com/00dav00))
|
20
|
+
|
21
|
+
**Merged pull requests:**
|
22
|
+
|
23
|
+
- Document password reset flows [\#147](https://github.com/graphql-devise/graphql_devise/pull/147) ([mcelicalderon](https://github.com/mcelicalderon))
|
24
|
+
|
25
|
+
## [v0.14.0](https://github.com/graphql-devise/graphql_devise/tree/v0.14.0) (2021-01-19)
|
26
|
+
|
27
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.6...v0.14.0)
|
28
|
+
|
29
|
+
**Implemented enhancements:**
|
30
|
+
|
31
|
+
- Alternate reset password flow, only 2 steps, no redirect [\#146](https://github.com/graphql-devise/graphql_devise/pull/146) ([mcelicalderon](https://github.com/mcelicalderon))
|
32
|
+
|
33
|
+
## [v0.13.6](https://github.com/graphql-devise/graphql_devise/tree/v0.13.6) (2020-12-22)
|
34
|
+
|
35
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.5...v0.13.6)
|
36
|
+
|
37
|
+
**Security fixes:**
|
38
|
+
|
39
|
+
- Possible security issue with password reset and redirectUrl [\#136](https://github.com/graphql-devise/graphql_devise/issues/136)
|
40
|
+
- Add redirect whitelist validation to all queries and mutations [\#140](https://github.com/graphql-devise/graphql_devise/pull/140) ([mcelicalderon](https://github.com/mcelicalderon))
|
41
|
+
|
42
|
+
## [v0.13.5](https://github.com/graphql-devise/graphql_devise/tree/v0.13.5) (2020-11-20)
|
43
|
+
|
44
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.4...v0.13.5)
|
45
|
+
|
46
|
+
**Implemented enhancements:**
|
47
|
+
|
48
|
+
- Fixes connection\_config deprecation warning [\#135](https://github.com/graphql-devise/graphql_devise/pull/135) ([artplan1](https://github.com/artplan1))
|
49
|
+
|
3
50
|
## [v0.13.4](https://github.com/graphql-devise/graphql_devise/tree/v0.13.4) (2020-08-15)
|
4
51
|
|
5
52
|
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.3...v0.13.4)
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# GraphqlDevise
|
2
|
-
[![Build Status](https://
|
3
|
-
[![Coverage Status](https://coveralls.io/repos/
|
2
|
+
[![Build Status](https://gitlab.com/graphql-devise/graphql_devise/badges/master/pipeline.svg)](https://gitlab.com/graphql-devise/graphql_devise/-/commits/master)
|
3
|
+
[![Coverage Status](https://coveralls.io/repos/gitlab/graphql-devise/graphql_devise/badge.svg?branch=master)](https://coveralls.io/gitlab/graphql-devise/graphql_devise?branch=master)
|
4
4
|
[![Gem Version](https://badge.fury.io/rb/graphql_devise.svg)](https://badge.fury.io/rb/graphql_devise)
|
5
5
|
|
6
6
|
GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylanhurley/devise_token_auth) (DTA) gem.
|
@@ -33,6 +33,7 @@ GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylan
|
|
33
33
|
* [Making Requests](#making-requests)
|
34
34
|
* [Mutations](#mutations)
|
35
35
|
* [Queries](#queries)
|
36
|
+
* [Reset Password Flow](#reset-password-flow)
|
36
37
|
* [More Configuration Options](#more-configuration-options)
|
37
38
|
* [Devise Token Auth Initializer](#devise-token-auth-initializer)
|
38
39
|
* [Devise Initializer](#devise-initializer)
|
@@ -42,12 +43,13 @@ GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylan
|
|
42
43
|
* [Contributing](#contributing)
|
43
44
|
* [License](#license)
|
44
45
|
|
45
|
-
<!-- Added by:
|
46
|
+
<!-- Added by: mcelicalderon, at: Mon Jan 25 22:48:17 -05 2021 -->
|
46
47
|
|
47
48
|
<!--te-->
|
48
49
|
|
49
50
|
## Introduction
|
50
|
-
Graphql-Devise heavily relies on
|
51
|
+
Graphql-Devise heavily relies on 3 gems:
|
52
|
+
- [GraphQL Ruby](https://github.com/rmosolgo/graphql-ruby)
|
51
53
|
- [Devise Token Auth](https://github.com/lynndylanhurley/devise_token_auth) (DTA)
|
52
54
|
- [Devise](https://github.com/heartcombo/devise) (which is a DTA dependency)
|
53
55
|
|
@@ -107,7 +109,7 @@ and `api/auth` could be any mount path you would like to use for auth.
|
|
107
109
|
- Avoid passing the `--mount` option or the gem will try to use an existing schema.
|
108
110
|
|
109
111
|
#### Mounting Operations in Your Own Schema (> v0.12.0)
|
110
|
-
To configure the gem to use your own GQL schema use the `--mount` option.
|
112
|
+
To configure the gem to use your own GQL schema use the `--mount` option.
|
111
113
|
For instance the executing:
|
112
114
|
|
113
115
|
```bash
|
@@ -287,10 +289,12 @@ The following is a list of the symbols you can provide to the `operations`, `ski
|
|
287
289
|
:login
|
288
290
|
:logout
|
289
291
|
:sign_up
|
290
|
-
:update_password
|
291
|
-
:send_password_reset
|
292
292
|
:confirm_account
|
293
|
+
:send_password_reset
|
293
294
|
:check_password_token
|
295
|
+
:update_password
|
296
|
+
:send_password_reset_with_token
|
297
|
+
:update_password_with_token
|
294
298
|
```
|
295
299
|
|
296
300
|
### Configuring Model
|
@@ -457,9 +461,11 @@ Operation | Description | Example
|
|
457
461
|
login | This mutation has a second field by default. `credentials` can be fetched directly on the mutation return type.<br>Credentials are still returned in the headers of the response. | userLogin(email: String!, password: String!): UserLoginPayload
|
458
462
|
logout | | userLogout: UserLogoutPayload
|
459
463
|
signUp | The parameter `confirmSuccessUrl` is optional unless you are using the `confirmable` plugin from Devise in your `resource`'s model. If you have `confirmable` set up, you will have to provide it unless you have `config.default_confirm_success_url` set in `config/initializers/devise_token_auth.rb`. | userSignUp(email: String!, password: String!, passwordConfirmation: String!, confirmSuccessUrl: String): UserSignUpPayload
|
460
|
-
|
461
|
-
|
464
|
+
sendPasswordResetWithToken | Sends an email to the provided address with a link to reset the password of the resource. First step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(email: String!, redirectUrl: String!): UserSendPasswordResetWithTokenPayload
|
465
|
+
updatePasswordWithToken | Uses a `resetPasswordToken` to update the password of a resource. Second and last step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(resetPasswordToken: String!, password: String!, passwordConfirmation: String!): UserUpdatePasswordWithTokenPayload
|
462
466
|
resendConfirmation | The `UserResendConfirmationPayload` will return the `authenticatable` resource that was sent the confirmation instructions but also has a `message: String!` that can be used to notify a user what to do after the instructions were sent to them | userResendConfirmation(email: String!, redirectUrl: String!): UserResendConfirmationPayload
|
467
|
+
sendResetPassword | Sends an email to the provided address with a link to reset the password of the resource. **This mutation is part of the first and soon to be deprecated password reset flow.** | userSendResetPassword(email: String!, redirectUrl: String!): UserSendReserPasswordPayload
|
468
|
+
updatePassword | The parameter `currentPassword` is optional if you have `config.check_current_password_before_update` set to false (disabled by default) on your generated `config/initializers/devise_token_aut.rb` or if the `resource` model supports the `recoverable` Devise plugin and the `resource`'s `allow_password_change` attribute is set to true (this is done in the `userCheckPasswordToken` query when you click on the sent email's link). **This mutation is part of the first and soon to be deprecated password reset flow.** | userUpdatePassword(password: String!, passwordConfirmation: String!, currentPassword: String): UserUpdatePasswordPayload
|
463
469
|
|
464
470
|
#### Queries
|
465
471
|
Operation | Description | Example
|
@@ -477,6 +483,11 @@ you can use [our specs](spec/requests) to better understand how to use the gem.
|
|
477
483
|
Also, the [dummy app](spec/dummy) used in our specs will give you
|
478
484
|
a clear idea on how to configure the gem on your Rails application.
|
479
485
|
|
486
|
+
### Reset Password Flow
|
487
|
+
This gem supports two password recovery flows. The most recently implemented is preferred and
|
488
|
+
requires less steps. More detail on how it works can be found
|
489
|
+
[here](docs/usage/reset_password_flow.md).
|
490
|
+
|
480
491
|
### More Configuration Options
|
481
492
|
As mentioned in the introduction there are many configurations that will change how this gem behaves. You can change
|
482
493
|
this values on the initializer files generated by the installer.
|
@@ -2,7 +2,13 @@
|
|
2
2
|
|
3
3
|
<p><%= t('.request_reset_link_msg') %></p>
|
4
4
|
|
5
|
-
<p
|
5
|
+
<p>
|
6
|
+
<% if message['schema_url'].present? %>
|
7
|
+
<%= link_to t('.password_change_link'), "#{message['schema_url']}?#{password_reset_query(token: @token, redirect_url: message['redirect-url'], resource_name: @resource.class.to_s).to_query}" %>
|
8
|
+
<% else %>
|
9
|
+
<%= link_to t('.password_change_link'), "#{message['redirect-url'].to_s}?#{{ reset_password_token: @token }.to_query}" %>
|
10
|
+
<% end %>
|
11
|
+
</p>
|
6
12
|
|
7
13
|
<p><%= t('.ignore_mail_msg') %></p>
|
8
14
|
<p><%= t('.no_changes_msg') %></p>
|
data/config/locales/en.yml
CHANGED
@@ -1,5 +1,6 @@
|
|
1
1
|
en:
|
2
2
|
graphql_devise:
|
3
|
+
redirect_url_not_allowed: "Redirect to '%{redirect_url}' not allowed."
|
3
4
|
registration_failed: "User couldn't be registered"
|
4
5
|
resource_build_failed: "Resource couldn't be built, execution stopped."
|
5
6
|
not_authenticated: "User is not logged in."
|
@@ -7,8 +8,8 @@ en:
|
|
7
8
|
invalid_resource: "Errors present in the resource."
|
8
9
|
registrations:
|
9
10
|
missing_confirm_redirect_url: "Missing 'confirm_success_url' parameter. Required when confirmable module is enabled."
|
10
|
-
redirect_url_not_allowed: "Redirect to '%{redirect_url}' not allowed."
|
11
11
|
passwords:
|
12
|
+
password_recovery_disabled: "You must enable password recovery for this model."
|
12
13
|
update_password_error: "Unable to update user password"
|
13
14
|
missing_passwords: "You must fill out the fields labeled 'Password' and 'Password confirmation'."
|
14
15
|
password_not_required: "This account does not require a password. Sign in using your '%{provider}' account instead."
|
@@ -0,0 +1,90 @@
|
|
1
|
+
# Reset Password Flow
|
2
|
+
This gem supports two different ways to reset a password on a resource. Each password reset flow has it's own set of
|
3
|
+
operations and this document will explain in more detail how to use each.
|
4
|
+
The first and most recently implemented flow is preferred as it requires less steps and doesn't require a mutation
|
5
|
+
to return a redirect on the response. Flow 2 might be deprecated in the future.
|
6
|
+
|
7
|
+
## Flow #1 (Preferred)
|
8
|
+
This flow only has two steps. Each step name refers to the operation name you can use in the mount options to skip or override.
|
9
|
+
|
10
|
+
### 1. send_password_reset_with_token
|
11
|
+
This mutation will send an email to the specified address if it's found on the system. Returns an error if the email is not found. Here's an example assuming the resource used
|
12
|
+
for authentication is `User`:
|
13
|
+
```graphql
|
14
|
+
mutation {
|
15
|
+
userSendPasswordResetWithToken(
|
16
|
+
email: "vvega@wallaceinc.com",
|
17
|
+
redirectUrl: "https://google.com"
|
18
|
+
) {
|
19
|
+
message
|
20
|
+
}
|
21
|
+
}
|
22
|
+
```
|
23
|
+
The email will contain a link to the `redirectUrl` (https://google.com in the example) and append a `reset_password_token` query param. This is the token you will
|
24
|
+
need to use in the next step in order to reset the password.
|
25
|
+
|
26
|
+
### 2. update_password_with_token
|
27
|
+
This mutation uses the token sent on the email to find the resource you are trying to recover.
|
28
|
+
All you have to do is send a valid token together with the new password and password confirmation.
|
29
|
+
Here's an example assuming the resource used for authentication is `User`:
|
30
|
+
|
31
|
+
```graphql
|
32
|
+
mutation {
|
33
|
+
userUpdatePasswordWithToken(
|
34
|
+
resetPasswordToken: "token_here",
|
35
|
+
password: "password123",
|
36
|
+
passwordConfirmation: "password123"
|
37
|
+
) {
|
38
|
+
authenticatable { email }
|
39
|
+
credentials { accessToken }
|
40
|
+
}
|
41
|
+
}
|
42
|
+
```
|
43
|
+
The mutation has two fields:
|
44
|
+
1. `authenticatable`: Just like other mutations, returns the actual resource you just recover the password for.
|
45
|
+
1. `credentials`: This is a nullable field. It will only return credentials as if you had just logged
|
46
|
+
in into the app if you explicitly say so by overriding the mutation. The docs have more detail
|
47
|
+
on how to extend the default behavior of mutations, but
|
48
|
+
[here](https://github.com/graphql-devise/graphql_devise/blob/8c7c8a5ff1b35fb026e4c9499c70dc5f90b9187a/spec/dummy/app/graphql/mutations/reset_admin_password_with_token.rb)
|
49
|
+
you can find an example mutation on what needs to be done in order for the mutation to return
|
50
|
+
credentials after updating the password.
|
51
|
+
|
52
|
+
## Flow 2 (Deprecated)
|
53
|
+
This was the first flow to be implemented, requires an additional step and also to encode a GQL query in a url, so this is not the preferred method.
|
54
|
+
Each step name refers to the operation name you can use in the mount options to skip or override.
|
55
|
+
|
56
|
+
### 1. send_password_reset
|
57
|
+
This mutation will send an email to the specified address if it's found on the system. Returns an error if the email is not found. Here's an example assuming the resource used
|
58
|
+
for authentication is `User`:
|
59
|
+
```graphql
|
60
|
+
mutation {
|
61
|
+
userSendPasswordReset(
|
62
|
+
email: "vvega@wallaceinc.com",
|
63
|
+
redirectUrl: "https://google.com"
|
64
|
+
) {
|
65
|
+
message
|
66
|
+
}
|
67
|
+
}
|
68
|
+
```
|
69
|
+
The email will contain an encoded GraphQL query that holds the reset token and redirectUrl.
|
70
|
+
The query is described in the next step.
|
71
|
+
|
72
|
+
### 2. check_password_token
|
73
|
+
This query checks the reset password token and if successful changes a column in the DB (`allow_password_change`) to true.
|
74
|
+
This change will allow for the next step to update the password without providing the current password.
|
75
|
+
Then, this query will redirect to the provided `redirectUrl` with credentials.
|
76
|
+
|
77
|
+
### 3. update_password
|
78
|
+
This step requires the request to include authentication headers and will allow the user to
|
79
|
+
update the password if step 2 was successful.
|
80
|
+
Here's an example assuming the resource used for authentication is `User`:
|
81
|
+
```graphql
|
82
|
+
mutation {
|
83
|
+
userUpdatePassword(
|
84
|
+
password: "password123",
|
85
|
+
passwordConfirmation: "password123"
|
86
|
+
) {
|
87
|
+
authenticatable { email }
|
88
|
+
}
|
89
|
+
}
|
90
|
+
```
|