Add first POC login mutation

Author: mcelicalderon

app/controllers/graphql_devise/graphql_controller.rb

@@ -3,6 +3,49 @@
 module GraphqlDevise
   class GraphqlController < ApplicationController
     def auth
+      result = if params[:_json]
+        GraphqlDevise::Schema.multiplex(
+          params[:_json].map do |param|
+            { query: param[:query] }.merge(execute_params(param))
+          end
+        )
+      else
+        GraphqlDevise::Schema.execute(params[:query], execute_params(params))
+      end
+
+      render json: result
+    end
+
+    private
+
+    def execute_params(item, user = current_user)
+      {
+        operation_name: item[:operationName],
+        variables:      ensure_hash(item[:variables]),
+        context:        {
+          current_user: user,
+          request: request,
+          response: response,
+          resource_class: resource_class
+        }
+      }
+    end
+
+    def ensure_hash(ambiguous_param)
+      case ambiguous_param
+      when String
+        if ambiguous_param.present?
+          ensure_hash(JSON.parse(ambiguous_param))
+        else
+          {}
+        end
+      when Hash, ActionController::Parameters
+        ambiguous_param
+      when nil
+        {}
+      else
+        raise ArgumentError, "Unexpected parameter: #{ambiguous_param}"
+      end
     end
   end
 end

app/graphql/graphql_devise/mutations/login.rb

@@ -0,0 +1,34 @@
+module GraphqlDevise
+  module Mutations
+    class Login < GraphQL::Schema::Mutation
+      argument :email,    String, required: true
+      argument :password, String, required: true
+
+      field :authenticable, GraphqlDevise::Types::AuthenticableType, null: true
+
+      def resolve(email:, password:)
+        resource = context[:resource_class].find_by(email: email)
+
+        if resource && (!resource.respond_to?(:active_for_authentication?) || resource.active_for_authentication?)
+          valid_password = resource.valid_password?(password)
+          if (resource.respond_to?(:valid_for_authentication?) && !resource.valid_for_authentication? { valid_password }) || !valid_password
+            return {}
+          end
+
+          auth_headers = resource.create_new_auth_token
+          context[:response].headers.merge!(auth_headers)
+
+          { authenticable: resource }
+        elsif resource && !(!resource.respond_to?(:active_for_authentication?) || resource.active_for_authentication?)
+          if resource.respond_to?(:locked_at) && resource.locked_at
+            return {}
+          else
+            return {}
+          end
+        else
+          return {}
+        end
+      end
+    end
+  end
+end

app/graphql/graphql_devise/schema.rb

@@ -0,0 +1,6 @@
+module GraphqlDevise
+  class Schema < GraphQL::Schema
+    mutation(GraphqlDevise::Types::MutationType)
+    query(GraphqlDevise::Types::QueryType)
+  end
+end

app/graphql/graphql_devise/types/authenticable_type.rb

@@ -0,0 +1,7 @@
+module GraphqlDevise
+  module Types
+    class AuthenticableType < GraphQL::Schema::Object
+      field :email, String, null: false
+    end
+  end
+end

app/graphql/graphql_devise/types/mutation_type.rb

@@ -0,0 +1,7 @@
+module GraphqlDevise
+  module Types
+    class MutationType < GraphQL::Schema::Object
+      field :login, mutation: GraphqlDevise::Mutations::Login
+    end
+  end
+end

app/graphql/graphql_devise/types/query_type.rb

@@ -0,0 +1,6 @@
+module GraphqlDevise
+  module Types
+    class QueryType < GraphQL::Schema::Object
+    end
+  end
+end