graphql_devise 0.14.3 → 0.17.1

data/app/controllers/graphql_devise/concerns/additional_controller_methods.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module GraphqlDevise
+  module Concerns
+    module AdditionalControllerMethods
+      extend ActiveSupport::Concern
+
+      included do
+        attr_accessor :client_id, :token, :resource
+      end
+
+      def gql_devise_context(*models)
+        {
+          current_resource: authenticate_model(*models),
+          controller:       self
+        }
+      end
+
+      def authenticate_model(*models)
+        models.each do |model|
+          set_resource_by_token(model)
+          return @resource if @resource.present?
+        end
+
+        nil
+      end
+
+      def resource_class(resource = nil)
+        # Return the resource class instead of looking for a Devise mapping if resource is already a resource class
+        return resource if resource.respond_to?(:find_by)
+
+        super
+      end
+
+      def full_url_without_params
+        request.base_url + request.path
+      end
+
+      def set_resource_by_token(resource)
+        set_user_by_token(resource)
+      end
+
+      def graphql_context(resource_name)
+        ActiveSupport::Deprecation.warn(<<-DEPRECATION.strip_heredoc, caller)
+          `graphql_context` is deprecated and will be removed in a future version of this gem.
+           Use `gql_devise_context(model)` instead.
+
+           EXAMPLE
+           include GraphqlDevise::Concerns::SetUserByToken
+
+           DummySchema.execute(params[:query], context: gql_devise_context(User))
+           DummySchema.execute(params[:query], context: gql_devise_context(User, Admin))
+        DEPRECATION
+
+        {
+          resource_name: resource_name,
+          controller:    self
+        }
+      end
+
+      def build_redirect_headers(access_token, client, redirect_header_options = {})
+        {
+          DeviseTokenAuth.headers_names[:"access-token"] => access_token,
+          DeviseTokenAuth.headers_names[:client] => client,
+          :config => params[:config],
+          :client_id => client,
+          :token => access_token
+        }.merge(redirect_header_options)
+      end
+    end
+  end
+end

data/app/controllers/graphql_devise/concerns/set_user_by_token.rb

@@ -2,34 +2,12 @@
 
 module GraphqlDevise
   module Concerns
-    SetUserByToken = DeviseTokenAuth::Concerns::SetUserByToken
+    module SetUserByToken
+      extend ActiveSupport::Concern
 
-    SetUserByToken.module_eval do
-      attr_accessor :client_id, :token, :resource
-
-      def full_url_without_params
-        request.base_url + request.path
-      end
-
-      def set_resource_by_token(resource)
-        set_user_by_token(resource)
-      end
-
-      def graphql_context(resource_name)
-        {
-          resource_name: resource_name,
-          controller:    self
-        }
-      end
-
-      def build_redirect_headers(access_token, client, redirect_header_options = {})
-        {
-          DeviseTokenAuth.headers_names[:"access-token"] => access_token,
-          DeviseTokenAuth.headers_names[:client] => client,
-          :config => params[:config],
-          :client_id => client,
-          :token => access_token
-        }.merge(redirect_header_options)
+      included do
+        include DeviseTokenAuth::Concerns::SetUserByToken
+        include GraphqlDevise::Concerns::AdditionalControllerMethods
       end
     end
   end

data/app/helpers/graphql_devise/mailer_helper.rb

@@ -3,7 +3,7 @@
 module GraphqlDevise
   module MailerHelper
     def confirmation_query(resource_name:, token:, redirect_url:)
-      name = "#{resource_name.underscore.tr('/', '_').camelize(:lower)}ConfirmAccount"
+      name = "#{GraphqlDevise.to_mapping_name(resource_name).camelize(:lower)}ConfirmAccount"
       raw = <<-GRAPHQL
         query($token:String!,$redirectUrl:String!){
           #{name}(confirmationToken:$token,redirectUrl:$redirectUrl){
@@ -19,7 +19,7 @@ module GraphqlDevise
     end
 
     def password_reset_query(token:, redirect_url:, resource_name:)
-      name = "#{resource_name.underscore.tr('/', '_').camelize(:lower)}CheckPasswordToken"
+      name = "#{GraphqlDevise.to_mapping_name(resource_name).camelize(:lower)}CheckPasswordToken"
       raw = <<-GRAPHQL
         query($token:String!,$redirectUrl:String!){
           #{name}(resetPasswordToken:$token,redirectUrl:$redirectUrl){

data/app/models/graphql_devise/concerns/additional_model_methods.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'graphql_devise/model/with_email_updater'
+
+module GraphqlDevise
+  module Concerns
+    module AdditionalModelMethods
+      extend ActiveSupport::Concern
+
+      class_methods do
+        def reconfirmable
+          devise_modules.include?(:confirmable) && column_names.include?('unconfirmed_email')
+        end
+      end
+
+      def update_with_email(attributes = {})
+        GraphqlDevise::Model::WithEmailUpdater.new(self, attributes).call
+      end
+    end
+  end
+end

data/app/models/graphql_devise/concerns/model.rb

@@ -4,17 +4,14 @@ require 'graphql_devise/model/with_email_updater'
 
 module GraphqlDevise
   module Concerns
-    Model = DeviseTokenAuth::Concerns::User
+    module Model
+      extend ActiveSupport::Concern
 
-    Model.module_eval do
-      class_methods do
-        def reconfirmable
-          devise_modules.include?(:confirmable) && column_names.include?('unconfirmed_email')
-        end
-      end
+      included do
+        include DeviseTokenAuth::Concerns::User
+        include GraphqlDevise::Concerns::AdditionalModelMethods
 
-      def update_with_email(attributes = {})
-        GraphqlDevise::Model::WithEmailUpdater.new(self, attributes).call
+        GraphqlDevise.configure_warden_serializer_for_model(self)
       end
     end
   end

data/app/views/graphql_devise/mailer/confirmation_instructions.html.erb

@@ -2,4 +2,10 @@
 
 <p><%= t('.confirm_link_msg') %></p>
 
-<p><%= link_to t('.confirm_account_link'), "#{message['schema_url']}?#{confirmation_query(resource_name: @resource.class.to_s, redirect_url: message['redirect-url'], token: @token).to_query}" %></p>
+<p>
+  <% if message['schema_url'].present? %>
+    <%= link_to t('.confirm_account_link'), "#{message['schema_url']}?#{confirmation_query(resource_name: @resource.class.to_s, redirect_url: message['redirect-url'], token: @token).to_query}" %>
+  <% else %>
+    <%= link_to t('.confirm_account_link'), "#{CGI.escape(message['redirect-url'].to_s)}?#{{ confirmationToken: @token }.to_query}" %>
+  <% end %>
+</p>

data/lib/generators/graphql_devise/install_generator.rb

@@ -83,7 +83,7 @@ module GraphqlDevise
     query:            Types::QueryType,
     mutation:         Types::MutationType,
     resource_loaders: [
-      GraphqlDevise::ResourceLoader.new('#{user_class}'),
+      GraphqlDevise::ResourceLoader.new(#{user_class})
     ]
   )
 RUBY

data/lib/graphql_devise.rb

@@ -20,22 +20,36 @@ module GraphqlDevise
     @schema_loaded = true
   end
 
-  def self.resource_mounted?(mapping_name)
-    @mounted_resources.include?(mapping_name)
+  def self.resource_mounted?(model)
+    @mounted_resources.include?(model)
   end
 
-  def self.mount_resource(mapping_name)
-    @mounted_resources << mapping_name
+  def self.mount_resource(model)
+    @mounted_resources << model
   end
 
   def self.add_mapping(mapping_name, resource)
-    return if Devise.mappings.key?(mapping_name)
+    return if Devise.mappings.key?(mapping_name.to_sym)
 
     Devise.add_mapping(
       mapping_name.to_s.pluralize.to_sym,
-      module: :devise, class_name: resource
+      module: :devise, class_name: resource.to_s
     )
   end
+
+  def self.to_mapping_name(resource)
+    resource.to_s.underscore.tr('/', '_')
+  end
+
+  def self.configure_warden_serializer_for_model(model)
+    Devise.warden_config.serialize_into_session(to_mapping_name(model)) do |record|
+      model.serialize_into_session(record)
+    end
+
+    Devise.warden_config.serialize_from_session(to_mapping_name(model)) do |args|
+      model.serialize_from_session(*args)
+    end
+  end
 end
 
 require 'graphql_devise/engine'

data/lib/graphql_devise/concerns/controller_methods.rb

@@ -40,11 +40,11 @@ module GraphqlDevise
       end
 
       def resource_name
-        self.class.instance_variable_get(:@resource_name)
+        GraphqlDevise.to_mapping_name(resource_class)
       end
 
       def resource_class
-        controller.send(:resource_class, resource_name)
+        self.class.instance_variable_get(:@resource_klass)
       end
 
       def recoverable_enabled?
@@ -60,7 +60,7 @@ module GraphqlDevise
       end
 
       def current_resource
-        @current_resource ||= controller.send(:set_user_by_token, resource_name)
+        @current_resource ||= controller.send(:set_resource_by_token, resource_class)
       end
 
       def client

data/lib/graphql_devise/default_operations/mutations.rb

@@ -4,23 +4,29 @@ require 'graphql_devise/mutations/base'
 require 'graphql_devise/mutations/login'
 require 'graphql_devise/mutations/logout'
 require 'graphql_devise/mutations/resend_confirmation'
+require 'graphql_devise/mutations/resend_confirmation_with_token'
 require 'graphql_devise/mutations/send_password_reset'
 require 'graphql_devise/mutations/send_password_reset_with_token'
 require 'graphql_devise/mutations/sign_up'
+require 'graphql_devise/mutations/register'
 require 'graphql_devise/mutations/update_password'
 require 'graphql_devise/mutations/update_password_with_token'
+require 'graphql_devise/mutations/confirm_registration_with_token'
 
 module GraphqlDevise
   module DefaultOperations
     MUTATIONS = {
-      login:                          { klass: GraphqlDevise::Mutations::Login, authenticatable: true },
-      logout:                         { klass: GraphqlDevise::Mutations::Logout, authenticatable: true },
-      sign_up:                        { klass: GraphqlDevise::Mutations::SignUp, authenticatable: true },
-      update_password:                { klass: GraphqlDevise::Mutations::UpdatePassword, authenticatable: true },
-      update_password_with_token:     { klass: GraphqlDevise::Mutations::UpdatePasswordWithToken, authenticatable: true },
-      send_password_reset:            { klass: GraphqlDevise::Mutations::SendPasswordReset, authenticatable: false },
-      send_password_reset_with_token: { klass: GraphqlDevise::Mutations::SendPasswordResetWithToken, authenticatable: false },
-      resend_confirmation:            { klass: GraphqlDevise::Mutations::ResendConfirmation, authenticatable: false }
+      login:                           { klass: GraphqlDevise::Mutations::Login, authenticatable: true },
+      logout:                          { klass: GraphqlDevise::Mutations::Logout, authenticatable: true },
+      sign_up:                         { klass: GraphqlDevise::Mutations::SignUp, authenticatable: true, deprecation_reason: 'use register instead' },
+      register:                        { klass: GraphqlDevise::Mutations::Register, authenticatable: true },
+      update_password:                 { klass: GraphqlDevise::Mutations::UpdatePassword, authenticatable: true, deprecation_reason: 'use update_password_with_token instead' },
+      update_password_with_token:      { klass: GraphqlDevise::Mutations::UpdatePasswordWithToken, authenticatable: true },
+      send_password_reset:             { klass: GraphqlDevise::Mutations::SendPasswordReset, authenticatable: false, deprecation_reason: 'use send_password_reset_with_token instead' },
+      send_password_reset_with_token:  { klass: GraphqlDevise::Mutations::SendPasswordResetWithToken, authenticatable: false },
+      resend_confirmation:             { klass: GraphqlDevise::Mutations::ResendConfirmation, authenticatable: false, deprecation_reason: 'use resend_confirmation_with_token instead' },
+      resend_confirmation_with_token:  { klass: GraphqlDevise::Mutations::ResendConfirmationWithToken, authenticatable: false },
+      confirm_registration_with_token: { klass: GraphqlDevise::Mutations::ConfirmRegistrationWithToken, authenticatable: true }
     }.freeze
   end
 end

data/lib/graphql_devise/default_operations/resolvers.rb

@@ -7,8 +7,8 @@ require 'graphql_devise/resolvers/confirm_account'
 module GraphqlDevise
   module DefaultOperations
     QUERIES = {
-      confirm_account:      { klass: GraphqlDevise::Resolvers::ConfirmAccount },
-      check_password_token: { klass: GraphqlDevise::Resolvers::CheckPasswordToken }
+      confirm_account:      { klass: GraphqlDevise::Resolvers::ConfirmAccount, deprecation_reason: 'use the new confirmation flow as it does not require this query anymore' },
+      check_password_token: { klass: GraphqlDevise::Resolvers::CheckPasswordToken, deprecation_reason: 'use the new password reset flow as it does not require this query anymore' }
     }.freeze
   end
 end

data/lib/graphql_devise/model/with_email_updater.rb

@@ -4,12 +4,14 @@ module GraphqlDevise
   module Model
     class WithEmailUpdater
       def initialize(resource, attributes)
-        @attributes = attributes
+        @attributes = attributes.with_indifferent_access
         @resource   = resource
       end
 
       def call
-        resource_attributes = @attributes.except(:schema_url, :confirmation_success_url)
+        check_deprecated_attributes
+
+        resource_attributes = @attributes.except(:schema_url, :confirmation_success_url, :confirmation_url)
         return @resource.update(resource_attributes) unless requires_reconfirmation?(resource_attributes)
 
         @resource.assign_attributes(resource_attributes)
@@ -27,16 +29,31 @@ module GraphqlDevise
         else
           raise(
             GraphqlDevise::Error,
-            'Method `update_with_email` requires attributes `confirmation_success_url` and `schema_url` for email reconfirmation to work'
+            'Method `update_with_email` requires attribute `confirmation_url` for email reconfirmation to work'
           )
         end
       end
 
       private
 
+      def check_deprecated_attributes
+        if [@attributes[:schema_url], @attributes[:confirmation_success_url]].any?(&:present?)
+          ActiveSupport::Deprecation.warn(<<-DEPRECATION.strip_heredoc, caller)
+            Providing `schema_url` and `confirmation_success_url` to `update_with_email` is deprecated and will be
+            removed in a future version of this gem.
+
+            Now you must only provide `confirmation_url` and the email will contain the new format of the confirmation
+            url that needs to be used with the new `confirmRegistrationWithToken` on the client application.
+          DEPRECATION
+        end
+      end
+
       def required_reconfirm_attributes?
-        @attributes[:schema_url].present? &&
-          (@attributes[:confirmation_success_url].present? || DeviseTokenAuth.default_confirm_success_url.present?)
+        if @attributes[:schema_url].present?
+          [@attributes[:confirmation_success_url], DeviseTokenAuth.default_confirm_success_url].any?(&:present?)
+        else
+          [@attributes[:confirmation_url], DeviseTokenAuth.default_confirm_success_url].any?(&:present?)
+        end
       end
 
       def requires_reconfirmation?(resource_attributes)
@@ -60,13 +77,22 @@ module GraphqlDevise
         end
       end
 
+      def confirmation_method_params
+        if @attributes[:schema_url].present?
+          {
+            redirect_url: @attributes[:confirmation_success_url] || DeviseTokenAuth.default_confirm_success_url,
+            schema_url:   @attributes[:schema_url]
+          }
+        else
+          { redirect_url: @attributes[:confirmation_url] || DeviseTokenAuth.default_confirm_success_url }
+        end
+      end
+
       def send_confirmation_instructions(saved)
         return unless saved
 
         @resource.send_confirmation_instructions(
-          redirect_url:  @attributes[:confirmation_success_url] || DeviseTokenAuth.default_confirm_success_url,
-          template_path: ['graphql_devise/mailer'],
-          schema_url:    @attributes[:schema_url]
+          confirmation_method_params.merge(template_path: ['graphql_devise/mailer'])
         )
       end
     end

data/lib/graphql_devise/mount_method/operation_preparer.rb

@@ -3,17 +3,17 @@
 require_relative 'operation_preparers/gql_name_setter'
 require_relative 'operation_preparers/mutation_field_setter'
 require_relative 'operation_preparers/resolver_type_setter'
-require_relative 'operation_preparers/resource_name_setter'
+require_relative 'operation_preparers/resource_klass_setter'
 require_relative 'operation_preparers/default_operation_preparer'
 require_relative 'operation_preparers/custom_operation_preparer'
 
 module GraphqlDevise
   module MountMethod
     class OperationPreparer
-      def initialize(mapping_name:, selected_operations:, preparer:, custom:, additional_operations:)
+      def initialize(model:, selected_operations:, preparer:, custom:, additional_operations:)
         @selected_operations   = selected_operations
         @preparer              = preparer
-        @mapping_name          = mapping_name
+        @model                 = model
         @custom                = custom
         @additional_operations = additional_operations
       end
@@ -22,18 +22,18 @@ module GraphqlDevise
         default_operations = OperationPreparers::DefaultOperationPreparer.new(
           selected_operations: @selected_operations,
           custom_keys:         @custom.keys,
-          mapping_name:        @mapping_name,
+          model:               @model,
           preparer:            @preparer
         ).call
 
         custom_operations = OperationPreparers::CustomOperationPreparer.new(
           selected_keys:     @selected_operations.keys,
           custom_operations: @custom,
-          mapping_name:      @mapping_name
+          model:             @model
         ).call
 
         additional_operations = @additional_operations.each_with_object({}) do |(action, operation), result|
-          result[action] = OperationPreparers::ResourceNameSetter.new(@mapping_name).call(operation)
+          result[action] = OperationPreparers::ResourceKlassSetter.new(@model).call(operation)
         end
 
         default_operations.merge(custom_operations).merge(additional_operations)

data/lib/graphql_devise/mount_method/operation_preparers/custom_operation_preparer.rb

@@ -4,19 +4,21 @@ module GraphqlDevise
   module MountMethod
     module OperationPreparers
       class CustomOperationPreparer
-        def initialize(selected_keys:, custom_operations:, mapping_name:)
+        def initialize(selected_keys:, custom_operations:, model:)
           @selected_keys     = selected_keys
           @custom_operations = custom_operations
-          @mapping_name      = mapping_name
+          @model             = model
         end
 
         def call
+          mapping_name = GraphqlDevise.to_mapping_name(@model)
+
           @custom_operations.slice(*@selected_keys).each_with_object({}) do |(action, operation), result|
-            mapped_action = "#{@mapping_name}_#{action}"
+            mapped_action = "#{mapping_name}_#{action}"
 
             result[mapped_action.to_sym] = [
               OperationPreparers::GqlNameSetter.new(mapped_action),
-              OperationPreparers::ResourceNameSetter.new(@mapping_name)
+              OperationPreparers::ResourceKlassSetter.new(@model)
             ].reduce(operation) { |prepared_operation, preparer| preparer.call(prepared_operation) }
           end
         end