graphql_devise 0.14.3 → 0.17.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8babaa3e2f0ece19b6abd429ea42fb2f87f93490beb6a781329756506c90a00b
-  data.tar.gz: 599bb62bff4fa27c19f83a75ba328d1af3915b2fb726553168678a8a47a8a8ee
+  metadata.gz: 0a627bf05673e2c42f24eeb15db1101c060caade6270485146676c6e30840e5d
+  data.tar.gz: 9e97f20e1c073225d884e4d2e4fd9e0c9bddbf4eab52fc214c7c1cd5a113411f
 SHA512:
-  metadata.gz: dd833162fd74b0174358424a5ef0ec59ce663577c1ce6de6b84b712d05856cba2e226aece27e07c03eef681483862ef181ef4dc61674b2b74e6c8f939e6c7e0a
-  data.tar.gz: 8e7af3981a3ad1d4a199ddf31cc3242f603205a02181b76d9e63be7ff09979927acd0305578d1583a421c08e076a666778a15d62e4fb1c9517d54f91a3b39111
+  metadata.gz: 2b4026ea6635fdb87856a57eb50ae58cd5406605ffc46347957e1839da04586e2015792905a8214aa24b4ba0b991102ea0edc4e4713e510e42fa23bc13569a9f
+  data.tar.gz: 9b24ea5c67644952818cb0dce4119696aa552e1cc9aeda5c67fbe045d15a64312be4c868eed5b9780f2114e4d6e50a73edf6ca13513fda0c5745213a10a9586f

data/Appraisals

@@ -3,6 +3,7 @@ appraise 'rails4.2-graphql1.8' do
   gem 'bundler', '~> 1.17'
   gem 'rails', github: 'rails/rails', branch: '4-2-stable'
   gem 'graphql', '~> 1.8.0'
+  gem 'devise_token_auth', '< 1.2'
   gem 'rspec-rails', '< 4.0'
 end
 
@@ -19,6 +20,7 @@ appraise 'rails5.0-graphql1.9' do
   gem 'sqlite3', '~> 1.3.6'
   gem 'rails', github: 'rails/rails', branch: '5-0-stable'
   gem 'graphql', '~> 1.9.0'
+  gem 'devise_token_auth', '< 1.2'
   gem 'rspec-rails', '< 4.0'
 end
 
@@ -35,6 +37,7 @@ appraise 'rails5.1-graphql1.9' do
   gem 'sqlite3', '~> 1.3.6'
   gem 'rails', github: 'rails/rails', branch: '5-1-stable'
   gem 'graphql', '~> 1.9.0'
+  gem 'devise_token_auth', '< 1.2'
   gem 'rspec-rails', '< 4.0'
 end
 
@@ -51,6 +54,7 @@ appraise 'rails5.2-graphql1.9' do
   gem 'sqlite3', '~> 1.3.6'
   gem 'rails', github: 'rails/rails', branch: '5-2-stable'
   gem 'graphql', '~> 1.9.0'
+  gem 'devise_token_auth', '< 1.2'
   gem 'rspec-rails', '< 4.0'
 end
 
@@ -58,6 +62,7 @@ appraise 'rails5.2-graphql1.10' do
   gem 'sqlite3', '~> 1.3.6'
   gem 'rails', github: 'rails/rails', branch: '5-2-stable'
   gem 'graphql', '~> 1.10.0'
+  gem 'devise_token_auth', '< 1.2'
   gem 'rspec-rails', '< 4.0'
 end
 
@@ -65,6 +70,7 @@ appraise 'rails5.2-graphql1.11' do
   gem 'sqlite3', '~> 1.3.6'
   gem 'rails', github: 'rails/rails', branch: '5-2-stable'
   gem 'graphql', '~> 1.11.0'
+  gem 'devise_token_auth', '< 1.2'
   gem 'rspec-rails', '< 4.0'
 end
 
@@ -72,6 +78,7 @@ appraise 'rails5.2-graphql1.12' do
   gem 'sqlite3', '~> 1.3.6'
   gem 'rails', github: 'rails/rails', branch: '5-2-stable'
   gem 'graphql', '~> 1.12.0'
+  gem 'devise_token_auth', '< 1.2'
   gem 'rspec-rails', '< 4.0'
 end
 

data/CHANGELOG.md

@@ -1,5 +1,63 @@
 # Changelog
 
+## [v0.17.1](https://github.com/graphql-devise/graphql_devise/tree/v0.17.1) (2021-08-02)
+
+[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.17.0...v0.17.1)
+
+**Implemented enhancements:**
+
+- Set context\[:current\_resource\] upon login [\#193](https://github.com/graphql-devise/graphql_devise/pull/193) ([TomasBarry](https://github.com/TomasBarry))
+
+**Merged pull requests:**
+
+- Improve README [\#190](https://github.com/graphql-devise/graphql_devise/pull/190) ([00dav00](https://github.com/00dav00))
+
+## [v0.17.0](https://github.com/graphql-devise/graphql_devise/tree/v0.17.0) (2021-06-09)
+
+[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.16.0...v0.17.0)
+
+**Implemented enhancements:**
+
+- Another click in confirm account results in error [\#184](https://github.com/graphql-devise/graphql_devise/issues/184)
+- Add resendConfirmationWithToken mutation [\#186](https://github.com/graphql-devise/graphql_devise/pull/186) ([mcelicalderon](https://github.com/mcelicalderon))
+- Add register mutation and alternate confirmation flow [\#185](https://github.com/graphql-devise/graphql_devise/pull/185) ([mcelicalderon](https://github.com/mcelicalderon))
+
+**Deprecated:**
+
+- Deprecate mutations and queries that required a redirect [\#187](https://github.com/graphql-devise/graphql_devise/pull/187) ([mcelicalderon](https://github.com/mcelicalderon))
+
+**Merged pull requests:**
+
+- Document new registration and confirmation flow [\#188](https://github.com/graphql-devise/graphql_devise/pull/188) ([mcelicalderon](https://github.com/mcelicalderon))
+
+## [v0.16.0](https://github.com/graphql-devise/graphql_devise/tree/v0.16.0) (2021-05-20)
+
+[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.15.0...v0.16.0)
+
+**Implemented enhancements:**
+
+- Allow checking of authenticaded resource via callable object [\#180](https://github.com/graphql-devise/graphql_devise/pull/180) ([mcelicalderon](https://github.com/mcelicalderon))
+
+**Merged pull requests:**
+
+- Document authenticate with callable [\#181](https://github.com/graphql-devise/graphql_devise/pull/181) ([mcelicalderon](https://github.com/mcelicalderon))
+
+## [v0.15.0](https://github.com/graphql-devise/graphql_devise/tree/v0.15.0) (2021-05-09)
+
+[Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.14.3...v0.15.0)
+
+**Implemented enhancements:**
+
+- Allow controller level authentication [\#175](https://github.com/graphql-devise/graphql_devise/pull/175) ([mcelicalderon](https://github.com/mcelicalderon))
+
+**Deprecated:**
+
+- Deprecate authenticating resources inside the GQL schema [\#176](https://github.com/graphql-devise/graphql_devise/pull/176) ([mcelicalderon](https://github.com/mcelicalderon))
+
+**Merged pull requests:**
+
+- Add controller level auth documentation [\#177](https://github.com/graphql-devise/graphql_devise/pull/177) ([mcelicalderon](https://github.com/mcelicalderon))
+
 ## [v0.14.3](https://github.com/graphql-devise/graphql_devise/tree/v0.14.3) (2021-04-28)
 
 [Full Changelog](https://github.com/graphql-devise/graphql_devise/compare/v0.14.2...v0.14.3)

data/README.md

@@ -8,43 +8,46 @@ GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylan
 ## Table of Contents
 
 <!--ts-->
-   * [GraphqlDevise](#graphqldevise)
-      * [Table of Contents](#table-of-contents)
-      * [Introduction](#introduction)
-      * [Installation](#installation)
-         * [Running the Generator](#running-the-generator)
-            * [Mounting the Schema in a Separate Route](#mounting-the-schema-in-a-separate-route)
-               * [Important](#important)
-            * [Mounting Operations in Your Own Schema (&gt; v0.12.0)](#mounting-operations-in-your-own-schema--v0120)
-               * [Important](#important-1)
-      * [Usage](#usage)
-         * [Mounting Auth Schema on a Separate Route](#mounting-auth-schema-on-a-separate-route)
-         * [Mounting Operations Into Your Own Schema](#mounting-operations-into-your-own-schema)
-         * [Available Mount Options](#available-mount-options)
-         * [Available Operations](#available-operations)
-         * [Configuring Model](#configuring-model)
-         * [Email Reconfirmation](#email-reconfirmation)
-         * [Customizing Email Templates](#customizing-email-templates)
-         * [I18n](#i18n)
-         * [Authenticating Controller Actions](#authenticating-controller-actions)
-            * [Authenticate Before Reaching Your GQL Schema](#authenticate-before-reaching-your-gql-schema)
-            * [Authenticate in Your GQL Schema](#authenticate-in-your-gql-schema)
-            * [Important](#important-2)
-         * [Making Requests](#making-requests)
-            * [Introspection query](#introspection-query)
-            * [Mutations](#mutations)
-            * [Queries](#queries)
-         * [Reset Password Flow](#reset-password-flow)
-         * [More Configuration Options](#more-configuration-options)
-            * [Devise Token Auth Initializer](#devise-token-auth-initializer)
-            * [Devise Initializer](#devise-initializer)
-         * [GraphQL Interpreter](#graphql-interpreter)
-         * [Using Alongside Standard Devise](#using-alongside-standard-devise)
-      * [Future Work](#future-work)
-      * [Contributing](#contributing)
-      * [License](#license)
-
-<!-- Added by: mcelicalderon, at: Mon Jan 25 22:48:17 -05 2021 -->
+* [GraphqlDevise](#graphqldevise)
+   * [Table of Contents](#table-of-contents)
+   * [Introduction](#introduction)
+   * [Installation](#installation)
+      * [Running the Generator](#running-the-generator)
+         * [Mounting the Schema in a Separate Route](#mounting-the-schema-in-a-separate-route)
+         * [Mounting Operations in an Existing Schema (&gt; v0.12.0)](#mounting-operations-in-an-existing-schema--v0120)
+   * [Usage](#usage)
+      * [Mounting Auth Schema on a Separate Route](#mounting-auth-schema-on-a-separate-route)
+      * [Mounting Operations In an Existing Schema](#mounting-operations-in-an-existing-schema)
+      * [Available Mount Options](#available-mount-options)
+      * [Available Operations](#available-operations)
+      * [Configuring Model](#configuring-model)
+      * [Email Reconfirmation](#email-reconfirmation)
+         * [Current flow](#current-flow)
+         * [Deprecated flow - Do Not Use](#deprecated-flow---do-not-use)
+      * [Customizing Email Templates](#customizing-email-templates)
+      * [I18n](#i18n)
+      * [Authenticating Controller Actions](#authenticating-controller-actions)
+         * [Authenticate Resource in the Controller (&gt;= v0.15.0)](#authenticate-resource-in-the-controller--v0150)
+            * [Authentication Options](#authentication-options)
+         * [Authenticate Before Reaching Your GQL Schema (Deprecated)](#authenticate-before-reaching-your-gql-schema-deprecated)
+         * [Authenticate in an Existing Schema (Deprecated)](#authenticate-in-an-existing-schema-deprecated)
+            * [Authentication Options](#authentication-options-1)
+         * [Important](#important)
+      * [Making Requests](#making-requests)
+         * [Introspection query](#introspection-query)
+         * [Mutations](#mutations)
+         * [Queries](#queries)
+      * [Reset Password Flow](#reset-password-flow)
+      * [More Configuration Options](#more-configuration-options)
+         * [Devise Token Auth Initializer](#devise-token-auth-initializer)
+         * [Devise Initializer](#devise-initializer)
+      * [GraphQL Interpreter](#graphql-interpreter)
+      * [Using Alongside Standard Devise](#using-alongside-standard-devise)
+   * [Future Work](#future-work)
+   * [Contributing](#contributing)
+   * [License](#license)
+
+<!-- Added by: david, at: jue jun 24 18:32:27 -05 2021 -->
 
 <!--te-->
 
@@ -78,11 +81,10 @@ Graphql Devise generator will execute `Devise` and `Devise Token Auth` generator
 ```bash
 $ bundle exec rails generate graphql_devise:install
 ```
-The generator accepts 2 params:
+The generator accepts 2 params and 1 option:
 - `user_class`: Model name in which `Devise` modules will be included. This uses a `find or create` strategy. Defaults to `User`.
 - `mount_path`: Path in which the dedicated graphql schema for devise will be mounted. Defaults to `/graphql_auth`.
-
-The option `mount` is available starting from `v0.12.0`. This option will allow you to mount the operations in your own schema instead of a dedicated one. When this option is provided `mount_path` param is not used.
+- `--mount`: This options is available starting from `v0.12.0`, it allows you to mount the operations in your own schema instead of a dedicated one. When provided `mount_path` param is ignored.
 
 #### Mounting the Schema in a Separate Route
 
@@ -100,17 +102,17 @@ Will do the following:
   - Add `devise` modules to `Admin` model
   - Other changes that you can find [here](https://devise-token-auth.gitbook.io/devise-token-auth/config)
 - Add the route to `config/routes.rb`
-  - `mount_graphql_devise_for 'Admin', at: 'api/auth'`
+  - `mount_graphql_devise_for Admin, at: 'api/auth'`
 
 `Admin` could be any model name you are going to be using for authentication,
 and `api/auth` could be any mount path you would like to use for auth.
 
-##### Important
+**Important**
  - Remember that by default this gem mounts a completely separate GraphQL schema on a separate controller in the route provided by the `at` option in the `mount_graphql_devise_for` method in the `config/routes.rb` file. If no `at` option is provided, the route will be `/graphql_auth`.
- - Avoid passing the `--mount` option or the gem will try to use an existing schema.
+ - Avoid passing the `--mount` option if you want to use a separate route and schema.
 
-#### Mounting Operations in Your Own Schema (> v0.12.0)
-To configure the gem to use your own GQL schema use the `--mount` option.
+#### Mounting Operations in an Existing Schema (> v0.12.0)
+To configure the gem to use an existing GQL schema use the `--mount` option.
 For instance the executing:
 
 ```bash
@@ -126,8 +128,8 @@ Will do the following:
   - Add `SchemaPlugin` to the specified schema.
 
 
-##### Important
- - When using the `--mount` option the `mount_path` params is ignored.
+**Important**
+ - When using the `--mount` option the `mount_path` param is ignored.
  - The generator will look for your schema under `app/graphql/` directory. We are expecting the name of the file is the same as the as the one passed in the mount option transformed with `underscore`. In the example, passing `MySchema`, will try to find the file `app/graphql/my_schema.rb`.
  - You can actually mount a resource's auth schema in a separate route and in your app's schema at the same time, but that's probably not a common scenario.
 
@@ -149,13 +151,13 @@ You can mount this gem's GraphQL auth schema in your routes file like this:
 
 Rails.application.routes.draw do
   mount_graphql_devise_for(
-    'User',
+    User,
     at: 'api/v1',
     authenticatable_type: Types::MyCustomUserType,
     operations: {
       login: Mutations::Login
     },
-    skip: [:sign_up],
+    skip: [:register],
     additional_mutations: {
       # generates mutation { adminUserSignUp }
       admin_user_sign_up: Mutations::AdminUserSignUp
@@ -172,10 +174,10 @@ The second argument of the `mount_graphql_devise` method is a hash of options wh
 customize how the queries and mutations are mounted into the schema. For a list of available
 options go [here](#available-mount-options)
 
-### Mounting Operations Into Your Own Schema
+### Mounting Operations In an Existing Schema
 
-Starting with `v0.12.0` you can now mount the GQL operations provided by this gem into your
-app's main schema.
+Starting with `v0.12.0` you can mount the GQL operations provided by this gem into an
+existing schema in you app.
 
 ```ruby
 # app/graphql/dummy_schema.rb
@@ -187,7 +189,7 @@ class DummySchema < GraphQL::Schema
     query:            Types::QueryType,
     mutation:         Types::MutationType,
     resource_loaders: [
-      GraphqlDevise::ResourceLoader.new('User', only: [:login, :confirm_account])
+      GraphqlDevise::ResourceLoader.new(User, only: [:login, :confirm_registration_with_token])
     ]
   )
 
@@ -242,10 +244,10 @@ this gem's auth operation into your schema, these are the options you can provid
 
 ```ruby
 # Using the mount method in your config/routes.rb file
-mount_graphql_devise_for('User', {})
+mount_graphql_devise_for(User, {})
 
 # Providing options to a GraphqlDevise::ResourceLoader
-GraphqlDevise::ResourceLoader.new('User', {})
+GraphqlDevise::ResourceLoader.new(User, {})
 ```
 
 1. `at`: Route where the GraphQL schema will be mounted on the Rails server.
@@ -295,13 +297,17 @@ The following is a list of the symbols you can provide to the `operations`, `ski
 ```ruby
 :login
 :logout
-:sign_up
-:confirm_account
-:send_password_reset
-:check_password_token
-:update_password
-:send_password_reset_with_token
+:sign_up (deprecated)
+:register
+:update_password (deprecated)
 :update_password_with_token
+:send_password_reset (deprecated)
+:send_password_reset_with_token
+:resend_confirmation (deprecated)
+:resend_confirmation_with_token
+:confirm_registration_with_token
+:confirm_account (deprecated)
+:check_password_token (deprecated)
 ```
 
 ### Configuring Model
@@ -329,6 +335,9 @@ The install generator can do this for you if you specify the `user_class` option
 See [Installation](#installation) for details.
 
 ### Email Reconfirmation
+We want reconfirmable in this gem to work separately
+from DTA's or Devise (too much complexity in the model based on callbacks).
+
 Email reconfirmation is supported just like in Devise and DTA, but we want reconfirmable
 in this gem to work on model basis instead of having a global configuration like in Devise.
 **For this reason Devise's global `reconfirmable` setting is ignored.**
@@ -337,19 +346,39 @@ For a resource to be considered reconfirmable it has to meet 2 conditions:
 1. Include the `:confirmable` module.
 1. Has an `unconfirmed_email` column in the resource's table.
 
-In order to trigger the reconfirmation email in a reconfirmable resource, you simply needi
+In order to trigger the reconfirmation email in a reconfirmable resource, you simply need
 to call a different update method on your resource,`update_with_email`.
 When the resource is not reconfirmable or the email is not updated, this method behaves exactly
 the same as ActiveRecord's `update`.
+
+#### Current flow
+`update_with_email` requires one additional attribute when email will change or an error
+will be raised:
+
+- `confirmation_url`: The full url of your client application. The confirmation email will contain this url plus
+a confirmation token. You need to call `confirmRegistrationWithToken` with the given token on
+your client application.
+
+So, it's up to you where you require confirmation of changing emails.
+Here's a demonstration on the method usage:
+```ruby
+user.update_with_email(
+  name:             'New Name',
+  email:            'new@domain.com',
+  confirmation_url: 'https://google.com'
+)
+```
+
+#### Deprecated flow - Do Not Use
 `update_with_email` requires two additional attributes when email will change or an error
 will be raised:
 
-1. `schema_url`: The full url where your GQL schema is mounted. You can get this value from the
+- `schema_url`: The full url where your GQL schema is mounted. You can get this value from the
 controller available in the context of your mutations and queries like this:
 ```ruby
   context[:controller].full_url_without_params
 ```
-1. `confirmation_success_url`: This the full url where you want users to be redirected after
+- `confirmation_success_url`: This the full url where you want users to be redirected after
 the email has changed successfully (usually a front-end url). This value is mandatory
 unless you have set `default_confirm_success_url` in your devise_token_auth initializer.
 
@@ -365,9 +394,6 @@ user.update_with_email(
 )
 ```
 
- We want reconfirmable in this gem to work separately
- from DTA's or Devise (too much complexity in the model based on callbacks).
-
 ### Customizing Email Templates
 The approach of this gem is a bit different from DeviseTokenAuth. We have placed our templates in `app/views/graphql_devise/mailer`,
 so if you want to change them, place yours on the same dir structure on your Rails project. You can customize these two templates:
@@ -385,7 +411,75 @@ Keep in mind that if your app uses multiple locales, you should set the `I18n.lo
 ### Authenticating Controller Actions
 When mounting the operation is in you own schema instead of a dedicated one, you will need to authenticate users in your controllers, just like in DTA. There are 2 alternatives to accomplish this.
 
-#### Authenticate Before Reaching Your GQL Schema
+#### Authenticate Resource in the Controller (>= v0.15.0)
+This authentication mechanism sets the resource by token in the controller, or it doesn't if credentials are invalid.
+You simply need to pass the return value of our `gql_devise_context` method in the context of your
+GQL schema execution like this:
+
+```ruby
+# app/controllers/my_controller.rb
+
+class MyController < ApplicationController
+  include GraphqlDevise::Concerns::SetUserByToken
+
+  def my_action
+    result = DummySchema.execute(params[:query], context: gql_devise_context(User))
+    render json: result unless performed?
+  end
+end
+```
+`gql_devise_context` receives as many models as you need to authenticate in the request, like this:
+```ruby
+# app/controllers/my_controller.rb
+
+class MyController < ApplicationController
+  include GraphqlDevise::Concerns::SetUserByToken
+
+  def my_action
+    result = DummySchema.execute(params[:query], context: gql_devise_context(User, Admin))
+    render json: result unless performed?
+  end
+end
+```
+Internally in your own mutations and queries a key `current_resource` will be available in
+the context if a resource was successfully authenticated or `nil` otherwise.
+
+Keep in mind that sending multiple models to the `gql_devise_context` method means that depending
+on who makes the request, the context value `current_resource` might contain instances of the
+different models you provided.
+
+**Note:** If for any reason you need more control over how users are authenticated, you can use the `authenticate_model`
+method anywhere in your controller. The method will return the authenticated resource or nil if authentication fails.
+It will also set the instance variable `@resource` in the controller.
+
+Please note that by using this mechanism your GQL schema will be in control of what queries are
+restricted to authenticated users and you can only do this at the root level fields of your GQL
+schema. Configure the plugin as explained [here](#mounting-operations-into-your-own-schema)
+so this can work.
+
+##### Authentication Options
+Whether you setup authentications as a default in the plugin, or you do it at the field level,
+these are the options you can use:
+1. **Any truthy value:** If `current_resource` is not `.present?`, query will return an authentication error.
+1. **A callable object:** Provided object will be called with `current_resource` as the only argument if `current_resource` is `.present?`. If return value of the callable object is false, query will return an authentication error.
+
+In your main app's schema this is how you might specify if a field needs to be authenticated or not:
+```ruby
+module Types
+  class QueryType < Types::BaseObject
+    # user field used the default set in the Plugin's initializer
+    field :user, resolver: Resolvers::UserShow
+    # this field will never require authentication
+    field :public_field, String, null: false, authenticate: false
+    # this field requires authentication
+    field :private_field, String, null: false, authenticate: true
+    # this field requires authenticated users to also be admins
+    field :admin_field, String, null: false, authenticate: ->(user) { user.admin? }
+  end
+end
+```
+
+#### Authenticate Before Reaching Your GQL Schema (Deprecated)
 For this you will need to call `authenticate_<model>!` in a `before_action` controller hook.
 In our example our model is `User`, so it would look like this:
 ```ruby
@@ -397,7 +491,7 @@ class MyController < ApplicationController
   before_action :authenticate_user!
 
   def my_action
-    result = DummySchema.execute(params[:query], context: current_user: current_user)
+    result = DummySchema.execute(params[:query], context: { current_resource: current_user })
     render json: result unless performed?
   end
 end
@@ -406,7 +500,7 @@ end
 The install generator can include the concern in you application controller.
 If authentication fails for a request, execution will halt and a REST error will be returned since the request never reaches your GQL schema.
 
-#### Authenticate in Your GQL Schema
+#### Authenticate in an Existing Schema (Deprecated)
 For this you will need to add the `GraphqlDevise::SchemaPlugin` to your schema as described
 [here](#mounting-operations-into-your-own-schema).
 
@@ -423,7 +517,7 @@ class MyController < ApplicationController
 end
 ```
 The `graphql_context` method receives a symbol identifying the resource you are trying
-to authenticate. So if you mounted the `'User'` resource, the symbol is `:user`. You can use
+to authenticate. So if you mounted the `User` resource, the symbol is `:user`. You can use
 this snippet to find the symbol for more complex scenarios
 `resource_klass.to_s.underscore.tr('/', '_').to_sym`. `graphql_context` can also take an
 array of resources if you mounted more than one into your schema. The gem will try to
@@ -441,7 +535,13 @@ restricted to authenticated users and you can only do this at the root level fie
 schema. Configure the plugin as explained [here](#mounting-operations-into-your-own-schema)
 so this can work.
 
-In you main app's schema this is how you might specify if a field needs to be authenticated or not:
+##### Authentication Options
+Whether you setup authentications as a default in the plugin, or you do it at the field level,
+these are the options you can use:
+1. **Any truthy value:** If `current_resource` is not `.present?`, query will return an authentication error.
+1. **A callable object:** Provided object will be called with `current_resource` as the only argument if `current_resource` is `.present?`. If return value of the callable object is false, query will return an authentication error.
+
+In your main app's schema this is how you might specify if a field needs to be authenticated or not:
 ```ruby
 module Types
   class QueryType < Types::BaseObject
@@ -451,6 +551,8 @@ module Types
     field :public_field, String, null: false, authenticate: false
     # this field requires authentication
     field :private_field, String, null: false, authenticate: true
+    # this field requires authenticated users to also be admins
+    field :admin_field, String, null: false, authenticate: ->(user) { user.admin? }
   end
 end
 ```
@@ -468,20 +570,22 @@ If you are using the schema plugin, you can require authentication before doing
 
 Operation | Description | Example
 :--- | :--- | :------------------:
-login | This mutation has a second field by default. `credentials` can be fetched directly on the mutation return type.<br>Credentials are still returned in the headers of the response. | userLogin(email: String!, password: String!): UserLoginPayload
-logout | | userLogout: UserLogoutPayload
-signUp | The parameter `confirmSuccessUrl` is optional unless you are using the `confirmable` plugin from Devise in your `resource`'s model. If you have `confirmable` set up, you will have to provide it unless you have `config.default_confirm_success_url` set in `config/initializers/devise_token_auth.rb`. | userSignUp(email: String!, password: String!, passwordConfirmation: String!, confirmSuccessUrl: String): UserSignUpPayload
-sendPasswordResetWithToken | Sends an email to the provided address with a link to reset the password of the resource. First step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(email: String!, redirectUrl: String!): UserSendPasswordResetWithTokenPayload
-updatePasswordWithToken | Uses a `resetPasswordToken` to update the password of a resource. Second and last step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(resetPasswordToken: String!, password: String!, passwordConfirmation: String!): UserUpdatePasswordWithTokenPayload
-resendConfirmation | The `UserResendConfirmationPayload` will return the `authenticatable` resource that was sent the confirmation instructions but also has a `message: String!` that can be used to notify a user what to do after the instructions were sent to them | userResendConfirmation(email: String!, redirectUrl: String!): UserResendConfirmationPayload
-sendResetPassword | Sends an email to the provided address with a link to reset the password of the resource. **This mutation is part of the first and soon to be deprecated password reset flow.** | userSendResetPassword(email: String!, redirectUrl: String!): UserSendReserPasswordPayload
-updatePassword | The parameter `currentPassword` is optional if you have `config.check_current_password_before_update` set to false (disabled by default) on your generated `config/initializers/devise_token_aut.rb` or if the `resource` model supports the `recoverable` Devise plugin and the `resource`'s `allow_password_change` attribute is set to true (this is done in the `userCheckPasswordToken` query when you click on the sent email's link). **This mutation is part of the first and soon to be deprecated password reset flow.** | userUpdatePassword(password: String!, passwordConfirmation: String!, currentPassword: String): UserUpdatePasswordPayload
+login | This mutation has a second field by default. `credentials` can be fetched directly on the mutation return type.<br>Credentials are still returned in the headers of the response. | userLogin(email: String!, password: String!): UserLoginPayload |
+logout | requires authentication headers. Deletes current session if successful. | userLogout: UserLogoutPayload |
+signUp **(Deprecated)** | The parameter `confirmSuccessUrl` is optional unless you are using the `confirmable` plugin from Devise in your `resource`'s model. If you have `confirmable` set up, you will have to provide it unless you have `config.default_confirm_success_url` set in `config/initializers/devise_token_auth.rb`. | userSignUp(email: String!, password: String!, passwordConfirmation: String!, confirmSuccessUrl: String): UserSignUpPayload |
+register | The parameter `confirmUrl` is optional unless you are using the `confirmable` plugin from Devise in your `resource`'s model. If you have `confirmable` set up, you will have to provide it unless you have `config.default_confirm_success_url` set in `config/initializers/devise_token_auth.rb`. | userRegister(email: String!, password: String!, passwordConfirmation: String!, confirmUrl: String): UserRegisterPayload |
+sendPasswordResetWithToken | Sends an email to the provided address with a link to reset the password of the resource. First step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(email: String!, redirectUrl: String!): UserSendPasswordResetWithTokenPayload |
+updatePasswordWithToken | Uses a `resetPasswordToken` to update the password of a resource. Second and last step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(resetPasswordToken: String!, password: String!, passwordConfirmation: String!): UserUpdatePasswordWithTokenPayload |
+resendConfirmation **(Deprecated)** | The `UserResendConfirmationPayload` will return a `message: String!` that can be used to notify a user what to do after the instructions were sent to them | userResendConfirmation(email: String!, redirectUrl: String!): UserResendConfirmationPayload |
+resendConfirmationWithToken | The `UserResendConfirmationWithTokenPayload` will return a `message: String!` that can be used to notify a user what to do after the instructions were sent to them. Email will contain a link to the provided `confirmUrl` and a `confirmationToken` query param. | userResendConfirmationWithToken(email: String!, confirmUrl: String!): UserResendConfirmationWithTokenPayload |
+sendResetPassword **(Deprecated)** | Sends an email to the provided address with a link to reset the password of the resource. **This mutation is part of the first and soon to be deprecated password reset flow.** | userSendResetPassword(email: String!, redirectUrl: String!): UserSendResetPasswordPayload |
+updatePassword **(Deprecated)** | The parameter `currentPassword` is optional if you have `config.check_current_password_before_update` set to false (disabled by default) on your generated `config/initializers/devise_token_aut.rb` or if the `resource` model supports the `recoverable` Devise plugin and the `resource`'s `allow_password_change` attribute is set to true (this is done in the `userCheckPasswordToken` query when you click on the sent email's link). **This mutation is part of the first and soon to be deprecated password reset flow.** | userUpdatePassword(password: String!, passwordConfirmation: String!, currentPassword: String): UserUpdatePasswordPayload |
 
 #### Queries
 Operation | Description | Example
 :--- | :--- | :------------------:
-confirmAccount | Performs a redirect using the `redirectUrl` param | userConfirmAccount(confirmationToken: String!, redirectUrl: String!): User
-checkPasswordToken | Performs a redirect using the `redirectUrl` param | userCheckPasswordToken(resetPasswordToken: String!, redirectUrl: String): User
+confirmAccount **(Deprecated)** | Performs a redirect using the `redirectUrl` param | userConfirmAccount(confirmationToken: String!, redirectUrl: String!): User
+checkPasswordToken **(Deprecated)** | Performs a redirect using the `redirectUrl` param | userCheckPasswordToken(resetPasswordToken: String!, redirectUrl: String): User
 
 The reason for having 2 queries is that these 2 are going to be accessed when clicking on
 the confirmation and reset password email urls. There is no limitation for making mutation