graphql_devise 0.13.5 → 0.14.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.circleci/config.yml +118 -0
- data/Appraisals +39 -5
- data/CHANGELOG.md +57 -6
- data/README.md +27 -7
- data/Rakefile +2 -1
- data/app/controllers/graphql_devise/graphql_controller.rb +1 -1
- data/app/views/graphql_devise/mailer/reset_password_instructions.html.erb +7 -1
- data/config/locales/en.yml +2 -1
- data/docs/usage/reset_password_flow.md +90 -0
- data/graphql_devise.gemspec +2 -2
- data/lib/graphql_devise/concerns/controller_methods.rb +6 -0
- data/lib/graphql_devise/default_operations/mutations.rb +10 -6
- data/lib/graphql_devise/mutations/resend_confirmation.rb +2 -0
- data/lib/graphql_devise/mutations/send_password_reset.rb +2 -0
- data/lib/graphql_devise/mutations/send_password_reset_with_token.rb +37 -0
- data/lib/graphql_devise/mutations/sign_up.rb +1 -3
- data/lib/graphql_devise/mutations/update_password_with_token.rb +38 -0
- data/lib/graphql_devise/resolvers/check_password_token.rb +1 -0
- data/lib/graphql_devise/resolvers/confirm_account.rb +2 -0
- data/lib/graphql_devise/schema_plugin.rb +22 -11
- data/lib/graphql_devise/version.rb +1 -1
- data/spec/dummy/app/controllers/api/v1/graphql_controller.rb +2 -2
- data/spec/dummy/app/graphql/dummy_schema.rb +4 -3
- data/spec/dummy/app/graphql/mutations/reset_admin_password_with_token.rb +13 -0
- data/spec/dummy/config/initializers/devise_token_auth.rb +2 -0
- data/spec/dummy/config/routes.rb +2 -1
- data/spec/dummy/db/migrate/20200623003142_create_schema_users.rb +0 -1
- data/spec/dummy/db/schema.rb +0 -1
- data/spec/graphql/user_queries_spec.rb +118 -0
- data/spec/requests/graphql_controller_spec.rb +12 -11
- data/spec/requests/mutations/additional_mutations_spec.rb +0 -1
- data/spec/requests/mutations/resend_confirmation_spec.rb +16 -1
- data/spec/requests/mutations/send_password_reset_spec.rb +16 -1
- data/spec/requests/mutations/send_password_reset_with_token_spec.rb +78 -0
- data/spec/requests/mutations/sign_up_spec.rb +19 -1
- data/spec/requests/mutations/update_password_with_token_spec.rb +119 -0
- data/spec/requests/queries/check_password_token_spec.rb +16 -1
- data/spec/requests/queries/confirm_account_spec.rb +17 -2
- data/spec/requests/queries/introspection_query_spec.rb +149 -0
- data/spec/requests/user_controller_spec.rb +9 -9
- data/spec/support/contexts/graphql_request.rb +12 -4
- data/spec/support/contexts/schema_test.rb +14 -0
- metadata +26 -11
- data/.travis.yml +0 -79
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8babaa3e2f0ece19b6abd429ea42fb2f87f93490beb6a781329756506c90a00b
|
4
|
+
data.tar.gz: 599bb62bff4fa27c19f83a75ba328d1af3915b2fb726553168678a8a47a8a8ee
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: dd833162fd74b0174358424a5ef0ec59ce663577c1ce6de6b84b712d05856cba2e226aece27e07c03eef681483862ef181ef4dc61674b2b74e6c8f939e6c7e0a
|
7
|
+
data.tar.gz: 8e7af3981a3ad1d4a199ddf31cc3242f603205a02181b76d9e63be7ff09979927acd0305578d1583a421c08e076a666778a15d62e4fb1c9517d54f91a3b39111
|
@@ -0,0 +1,118 @@
|
|
1
|
+
version: 2.1
|
2
|
+
orbs:
|
3
|
+
coveralls: coveralls/coveralls@1.0.6
|
4
|
+
|
5
|
+
jobs:
|
6
|
+
test:
|
7
|
+
parameters:
|
8
|
+
ruby-version:
|
9
|
+
type: string
|
10
|
+
gemfile:
|
11
|
+
type: string
|
12
|
+
docker:
|
13
|
+
- image: 'ruby:<< parameters.ruby-version >>'
|
14
|
+
environment:
|
15
|
+
BUNDLE_GEMFILE: << parameters.gemfile >>
|
16
|
+
BUNDLE_PATH: ../vendor/bundle
|
17
|
+
COVERALLS_PARALLEL: true
|
18
|
+
EAGER_LOAD: 'true'
|
19
|
+
steps:
|
20
|
+
- checkout
|
21
|
+
- restore_cache:
|
22
|
+
keys:
|
23
|
+
- v1.0-<< parameters.gemfile >>-<< parameters.ruby-version >>
|
24
|
+
- run: gem install bundler -v '1.17'
|
25
|
+
- run:
|
26
|
+
name: Install dependencies
|
27
|
+
command: bundle install
|
28
|
+
- save_cache:
|
29
|
+
key: v1.0-<< parameters.gemfile >>-<< parameters.ruby-version >>
|
30
|
+
paths:
|
31
|
+
- vendor/bundle
|
32
|
+
- run:
|
33
|
+
name: Run Specs
|
34
|
+
command:
|
35
|
+
bundle exec rspec
|
36
|
+
report-coverage:
|
37
|
+
docker:
|
38
|
+
- image: 'circleci/node:10.0.0'
|
39
|
+
steps:
|
40
|
+
- coveralls/upload:
|
41
|
+
parallel_finished: true
|
42
|
+
|
43
|
+
workflows:
|
44
|
+
test-suite:
|
45
|
+
jobs:
|
46
|
+
- test:
|
47
|
+
matrix:
|
48
|
+
parameters:
|
49
|
+
ruby-version:
|
50
|
+
- '2.2'
|
51
|
+
- '2.3'
|
52
|
+
- '2.4'
|
53
|
+
- '2.5'
|
54
|
+
- '2.6'
|
55
|
+
- '2.7'
|
56
|
+
- '3.0'
|
57
|
+
gemfile:
|
58
|
+
- gemfiles/rails4.2_graphql1.8.gemfile
|
59
|
+
- gemfiles/rails5.0_graphql1.8.gemfile
|
60
|
+
- gemfiles/rails5.0_graphql1.9.gemfile
|
61
|
+
- gemfiles/rails5.1_graphql1.8.gemfile
|
62
|
+
- gemfiles/rails5.1_graphql1.9.gemfile
|
63
|
+
- gemfiles/rails5.2_graphql1.8.gemfile
|
64
|
+
- gemfiles/rails5.2_graphql1.9.gemfile
|
65
|
+
- gemfiles/rails5.2_graphql1.10.gemfile
|
66
|
+
- gemfiles/rails5.2_graphql1.11.gemfile
|
67
|
+
- gemfiles/rails6.0_graphql1.11.gemfile
|
68
|
+
- gemfiles/rails6.0_graphql1.12.gemfile
|
69
|
+
- gemfiles/rails6.1_graphql1.11.gemfile
|
70
|
+
- gemfiles/rails6.1_graphql1.12.gemfile
|
71
|
+
exclude:
|
72
|
+
- ruby-version: '2.2'
|
73
|
+
gemfile: gemfiles/rails6.0_graphql1.11.gemfile
|
74
|
+
- ruby-version: '2.2'
|
75
|
+
gemfile: gemfiles/rails6.0_graphql1.12.gemfile
|
76
|
+
- ruby-version: '2.2'
|
77
|
+
gemfile: gemfiles/rails6.1_graphql1.11.gemfile
|
78
|
+
- ruby-version: '2.2'
|
79
|
+
gemfile: gemfiles/rails6.1_graphql1.12.gemfile
|
80
|
+
- ruby-version: '2.3'
|
81
|
+
gemfile: gemfiles/rails6.0_graphql1.11.gemfile
|
82
|
+
- ruby-version: '2.3'
|
83
|
+
gemfile: gemfiles/rails6.0_graphql1.12.gemfile
|
84
|
+
- ruby-version: '2.3'
|
85
|
+
gemfile: gemfiles/rails6.1_graphql1.11.gemfile
|
86
|
+
- ruby-version: '2.3'
|
87
|
+
gemfile: gemfiles/rails6.1_graphql1.12.gemfile
|
88
|
+
- ruby-version: '2.4'
|
89
|
+
gemfile: gemfiles/rails6.0_graphql1.11.gemfile
|
90
|
+
- ruby-version: '2.4'
|
91
|
+
gemfile: gemfiles/rails6.0_graphql1.12.gemfile
|
92
|
+
- ruby-version: '2.4'
|
93
|
+
gemfile: gemfiles/rails6.1_graphql1.11.gemfile
|
94
|
+
- ruby-version: '2.4'
|
95
|
+
gemfile: gemfiles/rails6.1_graphql1.12.gemfile
|
96
|
+
- ruby-version: '2.7'
|
97
|
+
gemfile: gemfiles/rails4.2_graphql1.8.gemfile
|
98
|
+
- ruby-version: '3.0'
|
99
|
+
gemfile: gemfiles/rails4.2_graphql1.8.gemfile
|
100
|
+
- ruby-version: '3.0'
|
101
|
+
gemfile: gemfiles/rails5.0_graphql1.8.gemfile
|
102
|
+
- ruby-version: '3.0'
|
103
|
+
gemfile: gemfiles/rails5.0_graphql1.9.gemfile
|
104
|
+
- ruby-version: '3.0'
|
105
|
+
gemfile: gemfiles/rails5.1_graphql1.8.gemfile
|
106
|
+
- ruby-version: '3.0'
|
107
|
+
gemfile: gemfiles/rails5.1_graphql1.9.gemfile
|
108
|
+
- ruby-version: '3.0'
|
109
|
+
gemfile: gemfiles/rails5.2_graphql1.8.gemfile
|
110
|
+
- ruby-version: '3.0'
|
111
|
+
gemfile: gemfiles/rails5.2_graphql1.9.gemfile
|
112
|
+
- ruby-version: '3.0'
|
113
|
+
gemfile: gemfiles/rails5.2_graphql1.10.gemfile
|
114
|
+
- ruby-version: '3.0'
|
115
|
+
gemfile: gemfiles/rails5.2_graphql1.11.gemfile
|
116
|
+
- report-coverage:
|
117
|
+
requires:
|
118
|
+
- test
|
data/Appraisals
CHANGED
@@ -68,6 +68,13 @@ appraise 'rails5.2-graphql1.11' do
|
|
68
68
|
gem 'rspec-rails', '< 4.0'
|
69
69
|
end
|
70
70
|
|
71
|
+
appraise 'rails5.2-graphql1.12' do
|
72
|
+
gem 'sqlite3', '~> 1.3.6'
|
73
|
+
gem 'rails', github: 'rails/rails', branch: '5-2-stable'
|
74
|
+
gem 'graphql', '~> 1.12.0'
|
75
|
+
gem 'rspec-rails', '< 4.0'
|
76
|
+
end
|
77
|
+
|
71
78
|
appraise 'rails6.0-graphql1.8' do
|
72
79
|
gem 'sqlite3', '~> 1.4'
|
73
80
|
gem 'devise', '>= 4.7'
|
@@ -96,18 +103,45 @@ appraise 'rails6.0-graphql1.11' do
|
|
96
103
|
gem 'graphql', '~> 1.11.0'
|
97
104
|
end
|
98
105
|
|
99
|
-
appraise 'rails6.0-
|
106
|
+
appraise 'rails6.0-graphql1.12' do
|
100
107
|
gem 'sqlite3', '~> 1.4'
|
101
|
-
gem 'devise_token_auth', github: 'lynndylanhurley/devise_token_auth', branch: 'master'
|
102
108
|
gem 'devise', '>= 4.7'
|
103
109
|
gem 'rails', github: 'rails/rails', branch: '6-0-stable'
|
104
|
-
gem 'graphql',
|
110
|
+
gem 'graphql', '~> 1.12.0'
|
111
|
+
end
|
112
|
+
|
113
|
+
appraise 'rails6.1-graphql1.9' do
|
114
|
+
gem 'sqlite3', '~> 1.4'
|
115
|
+
gem 'devise', '>= 4.7'
|
116
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
117
|
+
gem 'graphql', '~> 1.9.0'
|
118
|
+
end
|
119
|
+
|
120
|
+
appraise 'rails6.1-graphql1.10' do
|
121
|
+
gem 'sqlite3', '~> 1.4'
|
122
|
+
gem 'devise', '>= 4.7'
|
123
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
124
|
+
gem 'graphql', '~> 1.10.0'
|
125
|
+
end
|
126
|
+
|
127
|
+
appraise 'rails6.1-graphql1.11' do
|
128
|
+
gem 'sqlite3', '~> 1.4'
|
129
|
+
gem 'devise', '>= 4.7'
|
130
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
131
|
+
gem 'graphql', '~> 1.11.0'
|
132
|
+
end
|
133
|
+
|
134
|
+
appraise 'rails6.1-graphql1.12' do
|
135
|
+
gem 'sqlite3', '~> 1.4'
|
136
|
+
gem 'devise', '>= 4.7'
|
137
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
138
|
+
gem 'graphql', '~> 1.12.0'
|
105
139
|
end
|
106
140
|
|
107
|
-
appraise '
|
141
|
+
appraise 'rails6.1-graphql_edge' do
|
108
142
|
gem 'sqlite3', '~> 1.4'
|
109
143
|
gem 'devise_token_auth', github: 'lynndylanhurley/devise_token_auth', branch: 'master'
|
110
144
|
gem 'devise', '>= 4.7'
|
111
|
-
gem 'rails', github: 'rails/rails', branch: '
|
145
|
+
gem 'rails', github: 'rails/rails', branch: '6-1-stable'
|
112
146
|
gem 'graphql', github: 'rmosolgo/graphql-ruby', branch: 'master'
|
113
147
|
end
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,56 @@
|
|
1
1
|
# Changelog
|
2
2
|
|
3
|
+
## [v0.14.3](https://github.com/graphql-devise/graphql_devise/tree/v0.14.3) (2021-04-28)
|
4
|
+
|
5
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.14.2...v0.14.3)
|
6
|
+
|
7
|
+
**Implemented enhancements:**
|
8
|
+
|
9
|
+
- Add Support for Ruby 3 [\#170](https://github.com/graphql-devise/graphql_devise/pull/170) ([00dav00](https://github.com/00dav00))
|
10
|
+
|
11
|
+
**Fixed bugs:**
|
12
|
+
|
13
|
+
- ArgumentError \(wrong number of arguments \(given 2, expected 0..1\)\) [\#169](https://github.com/graphql-devise/graphql_devise/issues/169)
|
14
|
+
|
15
|
+
## [v0.14.2](https://github.com/graphql-devise/graphql_devise/tree/v0.14.2) (2021-03-08)
|
16
|
+
|
17
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.14.1...v0.14.2)
|
18
|
+
|
19
|
+
**Implemented enhancements:**
|
20
|
+
|
21
|
+
- Add config for public introspection query on schema plugin [\#154](https://github.com/graphql-devise/graphql_devise/pull/154) ([00dav00](https://github.com/00dav00))
|
22
|
+
|
23
|
+
## [v0.14.1](https://github.com/graphql-devise/graphql_devise/tree/v0.14.1) (2021-02-11)
|
24
|
+
|
25
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.14.0...v0.14.1)
|
26
|
+
|
27
|
+
**Implemented enhancements:**
|
28
|
+
|
29
|
+
- Testing Authenticated Elements [\#138](https://github.com/graphql-devise/graphql_devise/issues/138)
|
30
|
+
- Add support for GraphQL 1.12 [\#150](https://github.com/graphql-devise/graphql_devise/pull/150) ([mengqing](https://github.com/mengqing))
|
31
|
+
- Allow setting current resource in tests [\#149](https://github.com/graphql-devise/graphql_devise/pull/149) ([00dav00](https://github.com/00dav00))
|
32
|
+
|
33
|
+
**Merged pull requests:**
|
34
|
+
|
35
|
+
- Document password reset flows [\#147](https://github.com/graphql-devise/graphql_devise/pull/147) ([mcelicalderon](https://github.com/mcelicalderon))
|
36
|
+
|
37
|
+
## [v0.14.0](https://github.com/graphql-devise/graphql_devise/tree/v0.14.0) (2021-01-19)
|
38
|
+
|
39
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.6...v0.14.0)
|
40
|
+
|
41
|
+
**Implemented enhancements:**
|
42
|
+
|
43
|
+
- Alternate reset password flow, only 2 steps, no redirect [\#146](https://github.com/graphql-devise/graphql_devise/pull/146) ([mcelicalderon](https://github.com/mcelicalderon))
|
44
|
+
|
45
|
+
## [v0.13.6](https://github.com/graphql-devise/graphql_devise/tree/v0.13.6) (2020-12-22)
|
46
|
+
|
47
|
+
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.5...v0.13.6)
|
48
|
+
|
49
|
+
**Security fixes:**
|
50
|
+
|
51
|
+
- Possible security issue with password reset and redirectUrl [\#136](https://github.com/graphql-devise/graphql_devise/issues/136)
|
52
|
+
- Add redirect whitelist validation to all queries and mutations [\#140](https://github.com/graphql-devise/graphql_devise/pull/140) ([mcelicalderon](https://github.com/mcelicalderon))
|
53
|
+
|
3
54
|
## [v0.13.5](https://github.com/graphql-devise/graphql_devise/tree/v0.13.5) (2020-11-20)
|
4
55
|
|
5
56
|
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.4...v0.13.5)
|
@@ -8,7 +59,7 @@
|
|
8
59
|
|
9
60
|
- Fixes connection\_config deprecation warning [\#135](https://github.com/graphql-devise/graphql_devise/pull/135) ([artplan1](https://github.com/artplan1))
|
10
61
|
|
11
|
-
## [v0.13.4](https://github.com/graphql-devise/graphql_devise/tree/v0.13.4) (2020-08-
|
62
|
+
## [v0.13.4](https://github.com/graphql-devise/graphql_devise/tree/v0.13.4) (2020-08-16)
|
12
63
|
|
13
64
|
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.3...v0.13.4)
|
14
65
|
|
@@ -32,7 +83,7 @@
|
|
32
83
|
|
33
84
|
- Save resource after generating credentials in resource confirmation [\#125](https://github.com/graphql-devise/graphql_devise/pull/125) ([mcelicalderon](https://github.com/mcelicalderon))
|
34
85
|
|
35
|
-
## [v0.13.1](https://github.com/graphql-devise/graphql_devise/tree/v0.13.1) (2020-07-
|
86
|
+
## [v0.13.1](https://github.com/graphql-devise/graphql_devise/tree/v0.13.1) (2020-07-30)
|
36
87
|
|
37
88
|
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.13.0...v0.13.1)
|
38
89
|
|
@@ -45,7 +96,7 @@
|
|
45
96
|
- Checking for `performed?` when mounting into your graphql schema. [\#110](https://github.com/graphql-devise/graphql_devise/issues/110)
|
46
97
|
- no query string for email reset [\#104](https://github.com/graphql-devise/graphql_devise/issues/104)
|
47
98
|
|
48
|
-
## [v0.13.0](https://github.com/graphql-devise/graphql_devise/tree/v0.13.0) (2020-06-
|
99
|
+
## [v0.13.0](https://github.com/graphql-devise/graphql_devise/tree/v0.13.0) (2020-06-23)
|
49
100
|
|
50
101
|
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.12.3...v0.13.0)
|
51
102
|
|
@@ -62,7 +113,7 @@
|
|
62
113
|
- CookieOverflow for Own Schema Mount [\#112](https://github.com/graphql-devise/graphql_devise/issues/112)
|
63
114
|
- Reconfirmable not setting unconfirmed\_email [\#102](https://github.com/graphql-devise/graphql_devise/issues/102)
|
64
115
|
|
65
|
-
## [v0.12.3](https://github.com/graphql-devise/graphql_devise/tree/v0.12.3) (2020-06-
|
116
|
+
## [v0.12.3](https://github.com/graphql-devise/graphql_devise/tree/v0.12.3) (2020-06-20)
|
66
117
|
|
67
118
|
[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.12.2...v0.12.3)
|
68
119
|
|
@@ -115,7 +166,7 @@
|
|
115
166
|
|
116
167
|
**Implemented enhancements:**
|
117
168
|
|
118
|
-
- Default `
|
169
|
+
- Default `change_headers_on_each_request` to false [\#76](https://github.com/graphql-devise/graphql_devise/issues/76)
|
119
170
|
- Replace the auth model concern on generator execution [\#53](https://github.com/graphql-devise/graphql_devise/issues/53)
|
120
171
|
- Generator. Use our modules, change defaults [\#91](https://github.com/graphql-devise/graphql_devise/pull/91) ([mcelicalderon](https://github.com/mcelicalderon))
|
121
172
|
|
@@ -133,6 +184,7 @@
|
|
133
184
|
|
134
185
|
**Implemented enhancements:**
|
135
186
|
|
187
|
+
- Add case insensitive fields to sign\_up and login [\#66](https://github.com/graphql-devise/graphql_devise/issues/66)
|
136
188
|
- Honor Devise's case insensitive fields [\#81](https://github.com/graphql-devise/graphql_devise/pull/81) ([mcelicalderon](https://github.com/mcelicalderon))
|
137
189
|
|
138
190
|
**Fixed bugs:**
|
@@ -143,7 +195,6 @@
|
|
143
195
|
|
144
196
|
- Get the Mutations going [\#83](https://github.com/graphql-devise/graphql_devise/issues/83)
|
145
197
|
- Improve docs. Better reference to Devise and DTA. [\#75](https://github.com/graphql-devise/graphql_devise/issues/75)
|
146
|
-
- Add case insensitive fields to sign\_up and login [\#66](https://github.com/graphql-devise/graphql_devise/issues/66)
|
147
198
|
|
148
199
|
**Merged pull requests:**
|
149
200
|
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# GraphqlDevise
|
2
|
-
[![Build Status](https://
|
3
|
-
[![Coverage Status](https://coveralls.io/repos/github/graphql-devise/graphql_devise/badge.svg
|
2
|
+
[![Build Status](https://circleci.com/gh/graphql-devise/graphql_devise.svg?style=svg)](https://app.circleci.com/pipelines/github/graphql-devise/graphql_devise)
|
3
|
+
[![Coverage Status](https://coveralls.io/repos/github/graphql-devise/graphql_devise/badge.svg)](https://coveralls.io/github/graphql-devise/graphql_devise)
|
4
4
|
[![Gem Version](https://badge.fury.io/rb/graphql_devise.svg)](https://badge.fury.io/rb/graphql_devise)
|
5
5
|
|
6
6
|
GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylanhurley/devise_token_auth) (DTA) gem.
|
@@ -31,8 +31,10 @@ GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylan
|
|
31
31
|
* [Authenticate in Your GQL Schema](#authenticate-in-your-gql-schema)
|
32
32
|
* [Important](#important-2)
|
33
33
|
* [Making Requests](#making-requests)
|
34
|
+
* [Introspection query](#introspection-query)
|
34
35
|
* [Mutations](#mutations)
|
35
36
|
* [Queries](#queries)
|
37
|
+
* [Reset Password Flow](#reset-password-flow)
|
36
38
|
* [More Configuration Options](#more-configuration-options)
|
37
39
|
* [Devise Token Auth Initializer](#devise-token-auth-initializer)
|
38
40
|
* [Devise Initializer](#devise-initializer)
|
@@ -42,7 +44,7 @@ GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylan
|
|
42
44
|
* [Contributing](#contributing)
|
43
45
|
* [License](#license)
|
44
46
|
|
45
|
-
<!-- Added by:
|
47
|
+
<!-- Added by: mcelicalderon, at: Mon Jan 25 22:48:17 -05 2021 -->
|
46
48
|
|
47
49
|
<!--te-->
|
48
50
|
|
@@ -225,6 +227,12 @@ authentication unless specified otherwise using the `authenticate: true` option
|
|
225
227
|
one argument (field name) and is called whenever a field that requires authentication
|
226
228
|
is called without an authenticated resource. By default a `GraphQL::ExecutionError` will be
|
227
229
|
raised if authentication fails. This will provide a GQL like error message on the response.
|
230
|
+
1. `public_introspection`: The [introspection query](https://graphql.org/learn/introspection/) is a very useful GQL resource that provides
|
231
|
+
information about what queries the schema supports. This query is very powerful and
|
232
|
+
there may be some case in which you want to limit its usage to authenticated users.
|
233
|
+
To accomplish this the schema plugin provides the `public_introspection` option. This option
|
234
|
+
accepts a boolean value and by default will consider introspection queries public in all
|
235
|
+
environments but production.
|
228
236
|
|
229
237
|
### Available Mount Options
|
230
238
|
Both the `mount_graphql_devise_for` method and the `GraphqlDevise::ResourceLoader` class
|
@@ -288,10 +296,12 @@ The following is a list of the symbols you can provide to the `operations`, `ski
|
|
288
296
|
:login
|
289
297
|
:logout
|
290
298
|
:sign_up
|
291
|
-
:update_password
|
292
|
-
:send_password_reset
|
293
299
|
:confirm_account
|
300
|
+
:send_password_reset
|
294
301
|
:check_password_token
|
302
|
+
:update_password
|
303
|
+
:send_password_reset_with_token
|
304
|
+
:update_password_with_token
|
295
305
|
```
|
296
306
|
|
297
307
|
### Configuring Model
|
@@ -451,6 +461,9 @@ Remember to check `performed?` before rendering the result of the graphql operat
|
|
451
461
|
### Making Requests
|
452
462
|
Here is a list of the available mutations and queries assuming your mounted model is `User`.
|
453
463
|
|
464
|
+
#### Introspection query
|
465
|
+
If you are using the schema plugin, you can require authentication before doing an introspection query by modifying the `public_introspection` option of the plugin. Check the [plugin config section](#mounting-operations-into-your-own-schema) for more information.
|
466
|
+
|
454
467
|
#### Mutations
|
455
468
|
|
456
469
|
Operation | Description | Example
|
@@ -458,9 +471,11 @@ Operation | Description | Example
|
|
458
471
|
login | This mutation has a second field by default. `credentials` can be fetched directly on the mutation return type.<br>Credentials are still returned in the headers of the response. | userLogin(email: String!, password: String!): UserLoginPayload
|
459
472
|
logout | | userLogout: UserLogoutPayload
|
460
473
|
signUp | The parameter `confirmSuccessUrl` is optional unless you are using the `confirmable` plugin from Devise in your `resource`'s model. If you have `confirmable` set up, you will have to provide it unless you have `config.default_confirm_success_url` set in `config/initializers/devise_token_auth.rb`. | userSignUp(email: String!, password: String!, passwordConfirmation: String!, confirmSuccessUrl: String): UserSignUpPayload
|
461
|
-
|
462
|
-
|
474
|
+
sendPasswordResetWithToken | Sends an email to the provided address with a link to reset the password of the resource. First step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(email: String!, redirectUrl: String!): UserSendPasswordResetWithTokenPayload
|
475
|
+
updatePasswordWithToken | Uses a `resetPasswordToken` to update the password of a resource. Second and last step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(resetPasswordToken: String!, password: String!, passwordConfirmation: String!): UserUpdatePasswordWithTokenPayload
|
463
476
|
resendConfirmation | The `UserResendConfirmationPayload` will return the `authenticatable` resource that was sent the confirmation instructions but also has a `message: String!` that can be used to notify a user what to do after the instructions were sent to them | userResendConfirmation(email: String!, redirectUrl: String!): UserResendConfirmationPayload
|
477
|
+
sendResetPassword | Sends an email to the provided address with a link to reset the password of the resource. **This mutation is part of the first and soon to be deprecated password reset flow.** | userSendResetPassword(email: String!, redirectUrl: String!): UserSendReserPasswordPayload
|
478
|
+
updatePassword | The parameter `currentPassword` is optional if you have `config.check_current_password_before_update` set to false (disabled by default) on your generated `config/initializers/devise_token_aut.rb` or if the `resource` model supports the `recoverable` Devise plugin and the `resource`'s `allow_password_change` attribute is set to true (this is done in the `userCheckPasswordToken` query when you click on the sent email's link). **This mutation is part of the first and soon to be deprecated password reset flow.** | userUpdatePassword(password: String!, passwordConfirmation: String!, currentPassword: String): UserUpdatePasswordPayload
|
464
479
|
|
465
480
|
#### Queries
|
466
481
|
Operation | Description | Example
|
@@ -478,6 +493,11 @@ you can use [our specs](spec/requests) to better understand how to use the gem.
|
|
478
493
|
Also, the [dummy app](spec/dummy) used in our specs will give you
|
479
494
|
a clear idea on how to configure the gem on your Rails application.
|
480
495
|
|
496
|
+
### Reset Password Flow
|
497
|
+
This gem supports two password recovery flows. The most recently implemented is preferred and
|
498
|
+
requires less steps. More detail on how it works can be found
|
499
|
+
[here](docs/usage/reset_password_flow.md).
|
500
|
+
|
481
501
|
### More Configuration Options
|
482
502
|
As mentioned in the introduction there are many configurations that will change how this gem behaves. You can change
|
483
503
|
this values on the initializer files generated by the installer.
|
data/Rakefile
CHANGED
@@ -18,11 +18,12 @@ end
|
|
18
18
|
|
19
19
|
require 'github_changelog_generator/task'
|
20
20
|
|
21
|
-
GitHubChangelogGenerator::RakeTask.new
|
21
|
+
GitHubChangelogGenerator::RakeTask.new do |config|
|
22
22
|
config.user = 'graphql-devise'
|
23
23
|
config.project = 'graphql_devise'
|
24
24
|
config.future_release = ENV['FUTURE_RELEASE']
|
25
25
|
config.add_issues_wo_labels = false
|
26
|
+
config.add_pr_wo_labels = false
|
26
27
|
end
|
27
28
|
|
28
29
|
APP_RAKEFILE = File.expand_path('spec/dummy/Rakefile', __dir__)
|
@@ -2,7 +2,13 @@
|
|
2
2
|
|
3
3
|
<p><%= t('.request_reset_link_msg') %></p>
|
4
4
|
|
5
|
-
<p
|
5
|
+
<p>
|
6
|
+
<% if message['schema_url'].present? %>
|
7
|
+
<%= link_to t('.password_change_link'), "#{message['schema_url']}?#{password_reset_query(token: @token, redirect_url: message['redirect-url'], resource_name: @resource.class.to_s).to_query}" %>
|
8
|
+
<% else %>
|
9
|
+
<%= link_to t('.password_change_link'), "#{message['redirect-url'].to_s}?#{{ reset_password_token: @token }.to_query}" %>
|
10
|
+
<% end %>
|
11
|
+
</p>
|
6
12
|
|
7
13
|
<p><%= t('.ignore_mail_msg') %></p>
|
8
14
|
<p><%= t('.no_changes_msg') %></p>
|
data/config/locales/en.yml
CHANGED
@@ -1,5 +1,6 @@
|
|
1
1
|
en:
|
2
2
|
graphql_devise:
|
3
|
+
redirect_url_not_allowed: "Redirect to '%{redirect_url}' not allowed."
|
3
4
|
registration_failed: "User couldn't be registered"
|
4
5
|
resource_build_failed: "Resource couldn't be built, execution stopped."
|
5
6
|
not_authenticated: "User is not logged in."
|
@@ -7,8 +8,8 @@ en:
|
|
7
8
|
invalid_resource: "Errors present in the resource."
|
8
9
|
registrations:
|
9
10
|
missing_confirm_redirect_url: "Missing 'confirm_success_url' parameter. Required when confirmable module is enabled."
|
10
|
-
redirect_url_not_allowed: "Redirect to '%{redirect_url}' not allowed."
|
11
11
|
passwords:
|
12
|
+
password_recovery_disabled: "You must enable password recovery for this model."
|
12
13
|
update_password_error: "Unable to update user password"
|
13
14
|
missing_passwords: "You must fill out the fields labeled 'Password' and 'Password confirmation'."
|
14
15
|
password_not_required: "This account does not require a password. Sign in using your '%{provider}' account instead."
|