RubyGems - graphql_devise - Versions diffs - 0.18.2 → 1.0.0 - Mend

graphql_devise 0.18.2 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (91) hide show

data/README.md CHANGED Viewed

@@ -23,31 +23,30 @@ GraphQL interface on top of the [Devise Token Auth](https://github.com/lynndylan
       * [Configuring Model](#configuring-model)
       * [Email Reconfirmation](#email-reconfirmation)
          * [Current flow](#current-flow)
-         * [Deprecated flow - Do Not Use](#deprecated-flow---do-not-use)
       * [Customizing Email Templates](#customizing-email-templates)
       * [I18n](#i18n)
       * [Authenticating Controller Actions](#authenticating-controller-actions)
          * [Authenticate Resource in the Controller (&gt;= v0.15.0)](#authenticate-resource-in-the-controller--v0150)
             * [Authentication Options](#authentication-options)
-         * [Authenticate Before Reaching Your GQL Schema (Deprecated)](#authenticate-before-reaching-your-gql-schema-deprecated)
-         * [Authenticate in an Existing Schema (Deprecated)](#authenticate-in-an-existing-schema-deprecated)
-            * [Authentication Options](#authentication-options-1)
-         * [Important](#important)
       * [Making Requests](#making-requests)
          * [Introspection query](#introspection-query)
          * [Mutations](#mutations)
-         * [Queries](#queries)
       * [Reset Password Flow](#reset-password-flow)
       * [More Configuration Options](#more-configuration-options)
          * [Devise Token Auth Initializer](#devise-token-auth-initializer)
          * [Devise Initializer](#devise-initializer)
+      * [GraphQL 2.0 Support (&gt;= v1.0.0)](#graphql-20-support--v100)
       * [GraphQL Interpreter](#graphql-interpreter)
       * [Using Alongside Standard Devise](#using-alongside-standard-devise)
+   * [Changelog](#changelog)
    * [Future Work](#future-work)
+   * [Buy Us a Coffee](#buy-us-a-coffee)
+            * [BTC](#btc)
+            * [ADA](#ada)
    * [Contributing](#contributing)
    * [License](#license)
-<!-- Added by: david, at: jue jun 24 18:32:27 -05 2021 -->
+<!-- Added by: mcelicalderon, at: Wed Aug  3 22:04:10 -05 2022 -->
 <!--te-->
@@ -297,17 +296,11 @@ The following is a list of the symbols you can provide to the `operations`, `ski
 ```ruby
 :login
 :logout
-:sign_up (deprecated)
 :register
-:update_password (deprecated)
 :update_password_with_token
-:send_password_reset (deprecated)
 :send_password_reset_with_token
-:resend_confirmation (deprecated)
 :resend_confirmation_with_token
 :confirm_registration_with_token
-:confirm_account (deprecated)
-:check_password_token (deprecated)
 ```
 ### Configuring Model
@@ -327,7 +320,7 @@ class User < ApplicationRecord
          :confirmable
   # including after calling the `devise` method is important.
-  include GraphqlDevise::Concerns::Model
+  include GraphqlDevise::Authenticatable
 end
 ```
@@ -369,31 +362,6 @@ user.update_with_email(
 )
 ```
-#### Deprecated flow - Do Not Use
-`update_with_email` requires two additional attributes when email will change or an error
-will be raised:
-- `schema_url`: The full url where your GQL schema is mounted. You can get this value from the
-controller available in the context of your mutations and queries like this:
-```ruby
-  context[:controller].full_url_without_params
-```
-- `confirmation_success_url`: This the full url where you want users to be redirected after
-the email has changed successfully (usually a front-end url). This value is mandatory
-unless you have set `default_confirm_success_url` in your devise_token_auth initializer.
-So, it's up to you where you require confirmation of changing emails.
-[Here's an example](https://github.com/graphql-devise/graphql_devise/blob/c4dcb17e98f8d84cc5ac002c66ed98a797d3bc82/spec/dummy/app/graphql/mutations/update_user.rb#L13)
-on how you might do this. And also a demonstration on the method usage:
-```ruby
-user.update_with_email(
-  name:                     'New Name',
-  email:                    'new@domain.com',
-  schema_url:               'http://localhost:3000/graphql',
-  confirmation_success_url: 'https://google.com'
-)
-```
 ### Customizing Email Templates
 The approach of this gem is a bit different from DeviseTokenAuth. We have placed our templates in `app/views/graphql_devise/mailer`,
 so if you want to change them, place yours on the same dir structure on your Rails project. You can customize these two templates:
@@ -420,7 +388,7 @@ GQL schema execution like this:
 # app/controllers/my_controller.rb
 class MyController < ApplicationController
-  include GraphqlDevise::Concerns::SetUserByToken
+  include GraphqlDevise::SetUserByToken
   def my_action
     result = DummySchema.execute(params[:query], context: gql_devise_context(User))
@@ -433,7 +401,7 @@ end
 # app/controllers/my_controller.rb
 class MyController < ApplicationController
-  include GraphqlDevise::Concerns::SetUserByToken
+  include GraphqlDevise::SetUserByToken
   def my_action
     result = DummySchema.execute(params[:query], context: gql_devise_context(User, Admin))
@@ -479,87 +447,6 @@ module Types
 end
 ```
-#### Authenticate Before Reaching Your GQL Schema (Deprecated)
-For this you will need to call `authenticate_<model>!` in a `before_action` controller hook.
-In our example our model is `User`, so it would look like this:
-```ruby
-# app/controllers/my_controller.rb
-class MyController < ApplicationController
-  include GraphqlDevise::Concerns::SetUserByToken
-  before_action :authenticate_user!
-  def my_action
-    result = DummySchema.execute(params[:query], context: { current_resource: current_user })
-    render json: result unless performed?
-  end
-end
-```
-The install generator can include the concern in you application controller.
-If authentication fails for a request, execution will halt and a REST error will be returned since the request never reaches your GQL schema.
-#### Authenticate in an Existing Schema (Deprecated)
-For this you will need to add the `GraphqlDevise::SchemaPlugin` to your schema as described
-[here](#mounting-operations-into-your-own-schema).
-```ruby
-# app/controllers/my_controller.rb
-class MyController < ApplicationController
-  include GraphqlDevise::Concerns::SetUserByToken
-  def my_action
-    result = DummySchema.execute(params[:query], context: graphql_context(:user))
-    render json: result unless performed?
-  end
-end
-```
-The `graphql_context` method receives a symbol identifying the resource you are trying
-to authenticate. So if you mounted the `User` resource, the symbol is `:user`. You can use
-this snippet to find the symbol for more complex scenarios
-`resource_klass.to_s.underscore.tr('/', '_').to_sym`. `graphql_context` can also take an
-array of resources if you mounted more than one into your schema. The gem will try to
-authenticate a resource for each element on the array until it finds one.
-Internally in your own mutations and queries a key `current_resource` will be available in
-the context if a resource was successfully authenticated or `nil` otherwise.
-Keep in mind that sending multiple values to the `graphql_context` method means that depending
-on who makes the request, the context value `current_resource` might contain instances of the
-different models you might have mounted into the schema.
-Please note that by using this mechanism your GQL schema will be in control of what queries are
-restricted to authenticated users and you can only do this at the root level fields of your GQL
-schema. Configure the plugin as explained [here](#mounting-operations-into-your-own-schema)
-so this can work.
-##### Authentication Options
-Whether you setup authentications as a default in the plugin, or you do it at the field level,
-these are the options you can use:
-1. **Any truthy value:** If `current_resource` is not `.present?`, query will return an authentication error.
-1. **A callable object:** Provided object will be called with `current_resource` as the only argument if `current_resource` is `.present?`. If return value of the callable object is false, query will return an authentication error.
-In your main app's schema this is how you might specify if a field needs to be authenticated or not:
-```ruby
-module Types
-  class QueryType < Types::BaseObject
-    # user field used the default set in the Plugin's initializer
-    field :user, resolver: Resolvers::UserShow
-    # this field will never require authentication
-    field :public_field, String, null: false, authenticate: false
-    # this field requires authentication
-    field :private_field, String, null: false, authenticate: true
-    # this field requires authenticated users to also be admins
-    field :admin_field, String, null: false, authenticate: ->(user) { user.admin? }
-  end
-end
-```
-#### Important
-Remember to check `performed?` before rendering the result of the graphql operation. This is required because some operations perform a redirect and without this check you will get a `AbstractController::DoubleRenderError`.
 ### Making Requests
 Here is a list of the available mutations and queries assuming your mounted model is `User`.
@@ -572,30 +459,10 @@ Operation | Description | Example
 :--- | :--- | :------------------:
 login | This mutation has a second field by default. `credentials` can be fetched directly on the mutation return type.<br>Credentials are still returned in the headers of the response. | userLogin(email: String!, password: String!): UserLoginPayload |
 logout | requires authentication headers. Deletes current session if successful. | userLogout: UserLogoutPayload |
-signUp **(Deprecated)** | The parameter `confirmSuccessUrl` is optional unless you are using the `confirmable` plugin from Devise in your `resource`'s model. If you have `confirmable` set up, you will have to provide it unless you have `config.default_confirm_success_url` set in `config/initializers/devise_token_auth.rb`. | userSignUp(email: String!, password: String!, passwordConfirmation: String!, confirmSuccessUrl: String): UserSignUpPayload |
 register | The parameter `confirmUrl` is optional unless you are using the `confirmable` plugin from Devise in your `resource`'s model. If you have `confirmable` set up, you will have to provide it unless you have `config.default_confirm_success_url` set in `config/initializers/devise_token_auth.rb`. | userRegister(email: String!, password: String!, passwordConfirmation: String!, confirmUrl: String): UserRegisterPayload |
 sendPasswordResetWithToken | Sends an email to the provided address with a link to reset the password of the resource. First step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(email: String!, redirectUrl: String!): UserSendPasswordResetWithTokenPayload |
 updatePasswordWithToken | Uses a `resetPasswordToken` to update the password of a resource. Second and last step of the most recently implemented password reset flow. | userSendPasswordResetWithToken(resetPasswordToken: String!, password: String!, passwordConfirmation: String!): UserUpdatePasswordWithTokenPayload |
-resendConfirmation **(Deprecated)** | The `UserResendConfirmationPayload` will return a `message: String!` that can be used to notify a user what to do after the instructions were sent to them | userResendConfirmation(email: String!, redirectUrl: String!): UserResendConfirmationPayload |
 resendConfirmationWithToken | The `UserResendConfirmationWithTokenPayload` will return a `message: String!` that can be used to notify a user what to do after the instructions were sent to them. Email will contain a link to the provided `confirmUrl` and a `confirmationToken` query param. | userResendConfirmationWithToken(email: String!, confirmUrl: String!): UserResendConfirmationWithTokenPayload |
-sendResetPassword **(Deprecated)** | Sends an email to the provided address with a link to reset the password of the resource. **This mutation is part of the first and soon to be deprecated password reset flow.** | userSendResetPassword(email: String!, redirectUrl: String!): UserSendResetPasswordPayload |
-updatePassword **(Deprecated)** | The parameter `currentPassword` is optional if you have `config.check_current_password_before_update` set to false (disabled by default) on your generated `config/initializers/devise_token_aut.rb` or if the `resource` model supports the `recoverable` Devise plugin and the `resource`'s `allow_password_change` attribute is set to true (this is done in the `userCheckPasswordToken` query when you click on the sent email's link). **This mutation is part of the first and soon to be deprecated password reset flow.** | userUpdatePassword(password: String!, passwordConfirmation: String!, currentPassword: String): UserUpdatePasswordPayload |
-#### Queries
-Operation | Description | Example
-:--- | :--- | :------------------:
-confirmAccount **(Deprecated)** | Performs a redirect using the `redirectUrl` param | userConfirmAccount(confirmationToken: String!, redirectUrl: String!): User
-checkPasswordToken **(Deprecated)** | Performs a redirect using the `redirectUrl` param | userCheckPasswordToken(resetPasswordToken: String!, redirectUrl: String): User
-The reason for having 2 queries is that these 2 are going to be accessed when clicking on
-the confirmation and reset password email urls. There is no limitation for making mutation
-requests using the `GET` method on the Rails side, but looks like there might be a limitation
-on the [Apollo Client](https://www.apollographql.com/docs/apollo-server/v1/requests/#get-requests).
-We will continue to build better docs for the gem after this first release, but in the mean time
-you can use [our specs](spec/requests) to better understand how to use the gem.
-Also, the [dummy app](spec/dummy) used in our specs will give you
-a clear idea on how to configure the gem on your Rails application.
 ### Reset Password Flow
 This gem supports two password recovery flows. The most recently implemented is preferred and
@@ -638,6 +505,48 @@ In this section the most important configurations will be highlighted.
 **Note:** Remember this gem adds a layer on top of Devise, so some configurations might not apply.
+### GraphQL 2.0 Support (>= v1.0.0)
+This gem now supports [GraphQL Ruby](https://github.com/rmosolgo/graphql-ruby) v2.
+There's one manual step you need to take in order for this to work.
+You need a custom `field_class` in your `MutationType` and `QueryType`. If you don't have one setup already, you can simply add the one
+this gem provides, like this:
+```ruby
+module Types
+  class MutationType < BaseObject
+    field_class GraphqlDevise::Types::BaseField
+  end
+end
+module Types
+  class QueryType < Types::BaseObject
+    field_class GraphqlDevise::Types::BaseField
+  end
+end
+```
+If you already have a `field_class` defined in any of your types, the only thing you need to do is add another `kwarg`
+to that class initializer (`authenticate`) and make that value available through an attribute reader.
+The next example is this gem's implementation of a custom class, but you can implement your own however you see fit
+as long as you expose an `authenticate` public method with the value that was passed to the initializer.
+```ruby
+module GraphqlDevise
+  module Types
+    class BaseField < GraphQL::Schema::Field
+      def initialize(*args, authenticate: nil, **kwargs, &block)
+        @authenticate = authenticate
+        super(*args, **kwargs, &block)
+      end
+      attr_reader :authenticate
+    end
+  end
+end
+```
 ### GraphQL Interpreter
 GraphQL-Ruby `>= 1.9.0` includes a new runtime module which you may use for your schema.
 Eventually, it will become the default. You can read more about it
@@ -653,6 +562,9 @@ information you can check [this answer here](https://github.com/lynndylanhurley/
 This gem supports the same and should be easier to handle email templates due to the fact we don't override
 standard Devise templates.
+## Changelog
+Full list of changes in [CHANGELOG.md](CHANGELOG.md)
 ## Future Work
 We will continue to improve the gem and add better docs.
@@ -661,6 +573,23 @@ We will continue to improve the gem and add better docs.
 1. Add support for unlockable and other Devise modules.
 1. Add feature specs for confirm account and reset password flows.
+We will continue to build better docs for the gem after this first release, but in the mean time
+you can use [our specs](spec/requests) to better understand how to use the gem.
+Also, the [dummy app](spec/dummy) used in our specs will give you
+a clear idea on how to configure the gem on your Rails application.
+## Buy Us a Coffee
+If you'd like to support our work, you are welcome to do so!
+##### BTC
+```
+bc1qntlmyl24wuf6y5jyn2vg8kduss57dwtyrcflyq
+```
+##### ADA
+```
+addr1q8e8cjzutzptcrfgjgsjl3k4t4xy5ucrmkf2dmq9qn966q8saucty53avujfc9yu9vfk7266auhdx9fz4fsryzeagqds893nfw
+```
 ## Contributing
 Bug reports and pull requests are welcome on GitHub at https://github.com/graphql-devise/graphql_devise.

data/app/controllers/graphql_devise/graphql_controller.rb CHANGED Viewed

@@ -4,17 +4,17 @@ require_dependency 'graphql_devise/application_controller'
 module GraphqlDevise
   class GraphqlController < ApplicationController
-    include GraphqlDevise::SetUserByToken
+    include SetUserByToken
     def auth
       result = if params[:_json]
-        GraphqlDevise::Schema.multiplex(
+        Schema.multiplex(
           params[:_json].map do |param|
             { query: param[:query] }.merge(execute_params(param))
           end
         )
       else
-        GraphqlDevise::Schema.execute(params[:query], **execute_params(params))
+        Schema.execute(params[:query], **execute_params(params))
       end
       render json: result unless performed?

data/app/views/graphql_devise/mailer/confirmation_instructions.html.erb CHANGED Viewed

@@ -3,9 +3,5 @@
 <p><%= t('.confirm_link_msg') %></p>
 <p>
-  <% if message['schema_url'].present? %>
-    <%= link_to t('.confirm_account_link'), "#{message['schema_url']}?#{confirmation_query(resource_name: @resource.class.to_s, redirect_url: message['redirect-url'], token: @token).to_query}" %>
-  <% else %>
-    <%= link_to t('.confirm_account_link'), "#{CGI.escape(message['redirect-url'].to_s)}?#{{ confirmationToken: @token }.to_query}" %>
-  <% end %>
+  <%= link_to t('.confirm_account_link'), "#{message['redirect-url'].to_s}?#{{ confirmationToken: @token }.to_query}" %>
 </p>

data/config/routes.rb CHANGED Viewed

@@ -14,7 +14,5 @@ GraphqlDevise::Engine.routes.draw do
     GraphqlDevise::Schema.query(GraphqlDevise::Types::QueryType)
     GraphqlDevise.load_schema
-    Devise.mailer.helper(GraphqlDevise::MailerHelper)
   end
 end

data/graphql_devise.gemspec CHANGED Viewed

@@ -25,11 +25,12 @@ Gem::Specification.new do |spec|
     `git ls-files -z`.split("\x0").select { |f| f.match(%r{^spec/}) }
   end
-  spec.required_ruby_version = '>= 2.2.0'
+  spec.required_ruby_version = '>= 2.4.4'
   spec.add_dependency 'devise_token_auth', '>= 0.1.43', '< 2.0'
-  spec.add_dependency 'graphql', '>= 1.8', '< 1.14.0'
+  spec.add_dependency 'graphql', '>= 1.8', '< 2.1'
   spec.add_dependency 'rails', '>= 4.2', '< 6.2'
+  spec.add_dependency 'zeitwerk'
   spec.add_development_dependency 'appraisal'
   spec.add_development_dependency 'coveralls-ruby', '~> 0.2'
@@ -41,8 +42,9 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'pry-byebug'
   spec.add_development_dependency 'rake', '>= 12.3.3'
   spec.add_development_dependency 'rspec-rails', '~> 4.0'
-  spec.add_development_dependency 'rubocop', '0.68.1'
-  spec.add_development_dependency 'rubocop-performance'
-  spec.add_development_dependency 'rubocop-rspec'
+  spec.add_development_dependency 'rubocop', '< 0.82.0'
+  spec.add_development_dependency 'rubocop-performance', '< 1.6.0'
+  spec.add_development_dependency 'rubocop-rails', '< 2.6.0'
+  spec.add_development_dependency 'rubocop-rspec', '< 1.39.0'
   spec.add_development_dependency 'sqlite3', '~> 1.3'
 end

data/lib/graphql_devise/concerns/additional_controller_methods.rb ADDED Viewed

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+module GraphqlDevise
+  module AdditionalControllerMethods
+    extend ActiveSupport::Concern
+    included do
+      attr_accessor :client_id, :token, :resource
+    end
+    def gql_devise_context(*models)
+      {
+        current_resource: authenticate_model(*models),
+        controller:       self
+      }
+    end
+    def authenticate_model(*models)
+      models.each do |model|
+        set_resource_by_token(model)
+        return @resource if @resource.present?
+      end
+      nil
+    end
+    def resource_class(resource = nil)
+      # Return the resource class instead of looking for a Devise mapping if resource is already a resource class
+      return resource if resource.respond_to?(:find_by)
+      super
+    end
+    def set_resource_by_token(resource)
+      set_user_by_token(resource)
+    end
+    def build_redirect_headers(access_token, client, redirect_header_options = {})
+      {
+        DeviseTokenAuth.headers_names[:"access-token"] => access_token,
+        DeviseTokenAuth.headers_names[:client] => client,
+        :config => params[:config],
+        :client_id => client,
+        :token => access_token
+      }.merge(redirect_header_options)
+    end
+  end
+end

data/lib/graphql_devise/concerns/additional_model_methods.rb ADDED Viewed

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+module GraphqlDevise
+  module AdditionalModelMethods
+    extend ActiveSupport::Concern
+    class_methods do
+      def reconfirmable
+        devise_modules.include?(:confirmable) && column_names.include?('unconfirmed_email')
+      end
+    end
+    def update_with_email(attributes = {})
+      GraphqlDevise::Model::WithEmailUpdater.new(self, attributes).call
+    end
+  end
+end

data/lib/graphql_devise/concerns/authenticatable.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module GraphqlDevise
     included do
       include DeviseTokenAuth::Concerns::User
-      include GraphqlDevise::Concerns::AdditionalModelMethods
+      include AdditionalModelMethods
       ::GraphqlDevise.configure_warden_serializer_for_model(self)
     end

data/lib/graphql_devise/concerns/controller_methods.rb CHANGED Viewed

@@ -1,122 +1,99 @@
 # frozen_string_literal: true
 module GraphqlDevise
-  module Concerns
-    module ControllerMethods
-      extend ActiveSupport::Concern
+  module ControllerMethods
+    extend ActiveSupport::Concern
-      private
+    private
-      def check_redirect_url_whitelist!(redirect_url)
-        if blacklisted_redirect_url?(redirect_url)
-          raise_user_error(I18n.t('graphql_devise.redirect_url_not_allowed', redirect_url: redirect_url))
-        end
-      end
-      def raise_user_error(message)
-        raise GraphqlDevise::UserError, message
-      end
-      def raise_user_error_list(message, errors:)
-        raise GraphqlDevise::DetailedUserError.new(message, errors: errors)
-      end
-      def remove_resource
-        controller.resource = nil
-        controller.client_id = nil
-        controller.token = nil
+    def check_redirect_url_whitelist!(redirect_url)
+      if blacklisted_redirect_url?(redirect_url)
+        raise_user_error(I18n.t('graphql_devise.redirect_url_not_allowed', redirect_url: redirect_url))
       end
+    end
-      def request
-        controller.request
-      end
+    def raise_user_error(message)
+      raise UserError, message
+    end
-      def response
-        controller.response
-      end
+    def raise_user_error_list(message, errors:)
+      raise DetailedUserError.new(message, errors: errors)
+    end
-      def controller
-        context[:controller]
-      end
+    def remove_resource
+      controller.resource = nil
+      controller.client_id = nil
+      controller.token = nil
+    end
-      def resource_name
-        GraphqlDevise.to_mapping_name(resource_class)
-      end
+    def response
+      controller.response
+    end
-      def resource_class
-        self.class.instance_variable_get(:@resource_klass)
-      end
+    def controller
+      context[:controller]
+    end
-      def recoverable_enabled?
-        resource_class.devise_modules.include?(:recoverable)
-      end
+    def resource_name
+      ::GraphqlDevise.to_mapping_name(resource_class)
+    end
-      def confirmable_enabled?
-        resource_class.devise_modules.include?(:confirmable)
-      end
+    def resource_class
+      self.class.instance_variable_get(:@resource_klass)
+    end
-      def blacklisted_redirect_url?(redirect_url)
-        DeviseTokenAuth.redirect_whitelist && !DeviseTokenAuth::Url.whitelisted?(redirect_url)
-      end
+    def recoverable_enabled?
+      resource_class.devise_modules.include?(:recoverable)
+    end
-      def current_resource
-        @current_resource ||= controller.send(:set_resource_by_token, resource_class)
-      end
+    def confirmable_enabled?
+      resource_class.devise_modules.include?(:confirmable)
+    end
-      def client
-        if Gem::Version.new(DeviseTokenAuth::VERSION) <= Gem::Version.new('1.1.0')
-          controller.client_id
-        else
-          controller.token.client if controller.token.present?
-        end
-      end
+    def blacklisted_redirect_url?(redirect_url)
+      DeviseTokenAuth.redirect_whitelist && !DeviseTokenAuth::Url.whitelisted?(redirect_url)
+    end
-      def set_auth_headers(resource)
-        auth_headers = resource.create_new_auth_token
-        response.headers.merge!(auth_headers)
+    def current_resource
+      @current_resource ||= controller.send(:set_resource_by_token, resource_class)
+    end
-        auth_headers
+    def client
+      if Gem::Version.new(DeviseTokenAuth::VERSION) <= Gem::Version.new('1.1.0')
+        controller.client_id
+      else
+        controller.token.client if controller.token.present?
       end
+    end
-      def client_and_token(token)
-        if Gem::Version.new(DeviseTokenAuth::VERSION) <= Gem::Version.new('1.1.0')
-          { client_id: token.first, token: token.last }
-        else
-          { client_id: token.client, token: token.token }
-        end
-      end
+    def set_auth_headers(resource)
+      auth_headers = resource.create_new_auth_token
+      response.headers.merge!(auth_headers)
-      def redirect_headers(token_info, redirect_header_options)
-        controller.send(
-          :build_redirect_headers,
-          token_info.fetch(:token),
-          token_info.fetch(:client_id),
-          redirect_header_options
-        )
-      end
+      auth_headers
+    end
-      def find_resource(field, value)
-        if resource_class.connection.adapter_name.downcase.include?('mysql')
-          # fix for mysql default case insensitivity
-          resource_class.where("BINARY #{field} = ? AND provider= ?", value, provider).first
-        elsif Gem::Version.new(DeviseTokenAuth::VERSION) < Gem::Version.new('1.1.0')
-          resource_class.find_by(field => value, :provider => provider)
-        else
-          resource_class.dta_find_by(field => value, :provider => provider)
-        end
+    def find_resource(field, value)
+      if resource_class.connection.adapter_name.downcase.include?('mysql')
+        # fix for mysql default case insensitivity
+        resource_class.where("BINARY #{field} = ? AND provider= ?", value, provider).first
+      elsif Gem::Version.new(DeviseTokenAuth::VERSION) < Gem::Version.new('1.1.0')
+        resource_class.find_by(field => value, :provider => provider)
+      else
+        resource_class.dta_find_by(field => value, :provider => provider)
       end
+    end
-      def get_case_insensitive_field(field, value)
-        if resource_class.case_insensitive_keys.include?(field)
-          value.downcase
-        else
-          value
-        end
+    def get_case_insensitive_field(field, value)
+      if resource_class.case_insensitive_keys.include?(field)
+        value.downcase
+      else
+        value
       end
+    end
-      def provider
-        :email
-      end
+    def provider
+      :email
     end
   end
 end

data/lib/graphql_devise/concerns/field_authentication.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+module GraphqlDevise
+  module FieldAuthentication
+    extend ActiveSupport::Concern
+    def initialize(*args, authenticate: nil, **kwargs, &block)
+      @authenticate = authenticate
+      super(*args, **kwargs, &block)
+    end
+    attr_reader :authenticate
+  end
+end