Honor Devise's case insensitive fields

Author: mcelicalderon

lib/graphql_devise/concerns/controller_methods.rb

@@ -98,6 +98,14 @@ def find_resource(field, value)
         end
       end
 
+      def get_case_insensitive_field(field, value)
+        if resource_class.case_insensitive_keys.include?(field)
+          value.downcase
+        else
+          value
+        end
+      end
+
       def provider
         :email
       end

lib/graphql_devise/mutations/login.rb

@@ -9,7 +9,7 @@ class Login < Base
       def resolve(email:, password:)
         resource = find_resource(
           :email,
-          email
+          get_case_insensitive_field(:email, email)
         )
 
         if resource && active_for_authentication?(resource)

lib/graphql_devise/mutations/resend_confirmation.rb

@@ -7,7 +7,10 @@ class ResendConfirmation < Base
       field :message, String, null: false
 
       def resolve(email:, redirect_url:)
-        resource = find_resource(:uid, email)
+        resource = find_resource(
+          :email,
+          get_case_insensitive_field(:email, email)
+        )
 
         if resource
           yield resource if block_given?

lib/graphql_devise/mutations/send_password_reset.rb

@@ -1,14 +1,15 @@
 module GraphqlDevise
   module Mutations
     class SendPasswordReset < Base
-      argument :email,        String, required: true, prepare: ->(email, _) { email.downcase }
+      argument :email,        String, required: true
       argument :redirect_url, String, required: true
 
       def resolve(email:, redirect_url:)
-        resource = find_resource(:uid, email)
+        resource = find_resource(:email, get_case_insensitive_field(:email, email))
 
         if resource
           yield resource if block_given?
+
           resource.send_reset_password_instructions(
             email:         email,
             provider:      'email',

spec/requests/mutations/login_spec.rb

@@ -6,12 +6,13 @@
   let(:password) { '12345678' }
 
   context 'when using the user model' do
-    let(:user) { create(:user, :confirmed, password: password) }
+    let!(:user) { create(:user, :confirmed, password: password, email: 'vvega@wallaceinc.com') }
+    let(:email) { user.email }
     let(:query) do
       <<-GRAPHQL
         mutation {
           userLogin(
-            email: "#{user.email}",
+            email: "#{email}",
             password: "#{password}"
           ) {
             user { email name signInCount }
@@ -40,6 +41,17 @@
           )
           expect(json_response[:errors]).to be_nil
         end
+
+        context 'when email address uses different casing' do
+          let(:email) { 'vVeGa@wallaceinc.com' }
+
+          it 'honors devise configuration for case insensitive fields' do
+            expect(response).to include_auth_headers
+            expect(json_response[:data][:userLogin]).to include(
+              user: { email: user.email, name: user.name, signInCount: 1 }
+            )
+          end
+        end
       end
 
       context 'when credentials are invalid' do

spec/requests/mutations/resend_confirmation_spec.rb

@@ -3,7 +3,7 @@
 RSpec.describe 'Resend confirmation' do
   include_context 'with graphql query request'
 
-  let(:user)     { create(:user, confirmed_at: nil) }
+  let!(:user)    { create(:user, confirmed_at: nil, email: 'mwallace@wallaceinc.com') }
   let(:email)    { user.email }
   let(:id)       { user.id }
   let(:redirect) { Faker::Internet.url }
@@ -28,20 +28,20 @@
     it 'sends an email to the user with confirmation url and returns a success message' do
       expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
       expect(json_response[:data][:userResendConfirmation]).to include(
+        message:         'You will receive an email with instructions for how to confirm your email address in a few minutes.',
         authenticatable: {
-          id: id,
+          id:    id,
           email: email
-        },
-        message: "You will receive an email with instructions for how to confirm your email address in a few minutes."
+        }
       )
-      
+
       email = Nokogiri::HTML(ActionMailer::Base.deliveries.last.body.encoded)
       link  = email.css('a').first
       confirm_link_msg_text = email.css('p')[1].inner_html
       confirm_account_link_text = link.inner_html
 
-      expect(confirm_link_msg_text).to eq("You can confirm your account email through the link below:")
-      expect(confirm_account_link_text).to eq("Confirm my account")
+      expect(confirm_link_msg_text).to eq('You can confirm your account email through the link below:')
+      expect(confirm_account_link_text).to eq('Confirm my account')
 
       # TODO: Move to feature spec
       expect do
@@ -50,6 +50,21 @@
       end.to change(user, :confirmed_at).from(NilClass).to(ActiveSupport::TimeWithZone)
     end
 
+    context 'when email address uses different casing' do
+      let(:email) { 'mWallace@wallaceinc.com' }
+
+      it 'honors devise configuration for case insensitive fields' do
+        expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
+        expect(json_response[:data][:userResendConfirmation]).to include(
+          message:         'You will receive an email with instructions for how to confirm your email address in a few minutes.',
+          authenticatable: {
+            id:    id,
+            email: user.email
+          }
+        )
+      end
+    end
+
     context 'when the user has already been confirmed' do
       before { user.confirm }
 
@@ -58,7 +73,7 @@
         expect(json_response[:data][:userResendConfirmation]).to be_nil
         expect(json_response[:errors]).to contain_exactly(
           hash_including(
-            message: "Email was already confirmed, please try signing in",
+            message:    'Email was already confirmed, please try signing in',
             extensions: { code: 'USER_ERROR' }
           )
         )
@@ -74,7 +89,7 @@
       expect(json_response[:data][:userResendConfirmation]).to be_nil
       expect(json_response[:errors]).to contain_exactly(
         hash_including(
-          message: "Unable to find user with email '#{email}'.",
+          message:    "Unable to find user with email '#{email}'.",
           extensions: { code: 'USER_ERROR' }
         )
       )

spec/requests/mutations/send_password_reset_spec.rb

@@ -3,7 +3,7 @@
 RSpec.describe 'Send Password Reset Requests' do
   include_context 'with graphql query request'
 
-  let(:user)         { create(:user, :confirmed) }
+  let!(:user)        { create(:user, :confirmed, email: 'jwinnfield@wallaceinc.com') }
   let(:email)        { user.email }
   let(:redirect_url) { Faker::Internet.url }
   let(:query) do
@@ -36,6 +36,14 @@
     end
   end
 
+  context 'when email address uses different casing' do
+    let(:email) { 'jWinnfield@wallaceinc.com' }
+
+    it 'honors devise configuration for case insensitive fields' do
+      expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
+    end
+  end
+
   context 'when user email is not found' do
     let(:email) { 'nothere@gmail.com' }
 

spec/requests/mutations/sign_up_spec.rb

@@ -55,6 +55,16 @@
           user.reload
         end.to change { user.active_for_authentication? }.to(true)
       end
+
+      context 'when email address uses different casing' do
+        let(:email) { 'miaWallace@wallaceinc.com' }
+
+        it 'honors devise configuration for case insensitive fields' do
+          expect { post_request }.to change(ActionMailer::Base.deliveries, :count).by(1)
+          expect(User.last.email).to eq('miawallace@wallaceinc.com')
+          expect(json_response[:data][:userSignUp]).to include(user: { email: 'miawallace@wallaceinc.com', name: name })
+        end
+      end
     end
 
     context 'when required params are missing' do