Merge pull request #3 from graphql-device/cleanup-sign-in

Cleanup login mutation

Author: mcelicalderon

.rubocop.yml

@@ -0,0 +1,117 @@
+require: rubocop-rspec
+require: rubocop-performance
+
+Rails:
+  Enabled: true
+
+AllCops:
+  TargetRubyVersion: 2.5
+  DisplayCopNames: true
+  Exclude:
+    - bin/**/*
+    - db/**/*
+    - vendor/**/*
+    - tmp/**/*
+
+Rails/HasAndBelongsToMany:
+  Enabled: false
+
+Rails/HasManyOrHasOneDependent:
+  Enabled: false
+
+Rails/OutputSafety:
+  Enabled: false
+
+RSpec/MultipleExpectations:
+  Enabled: false
+
+RSpec/ExampleLength:
+  Enabled: false
+
+RSpec/RepeatedDescription:
+  Enabled: false
+
+RSpec/MessageSpies:
+  EnforcedStyle: receive
+
+Style/AndOr:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/MethodCalledOnDoEndBlock:
+  Enabled: true
+
+Style/CollectionMethods:
+  Enabled: true
+
+Style/SymbolArray:
+  Enabled: false
+
+Naming/AccessorMethodName:
+  Enabled: false
+
+Style/MethodCalledOnDoEndBlock:
+  Enabled: false
+
+Naming/VariableNumber:
+  Enabled: false
+
+Style/StringLiterals:
+  ConsistentQuotesInMultiline: true
+
+Style/ClassAndModuleChildren:
+  Enabled: false
+
+Style/GuardClause:
+  Enabled: false
+
+Style/EmptyMethod:
+  EnforcedStyle: expanded
+  SupportedStyles:
+    - compact
+    - expanded
+
+Style/FrozenStringLiteralComment:
+  Enabled: false
+
+Style/StringMethods:
+  Enabled: true
+
+Metrics/LineLength:
+  Max: 120
+
+Metrics/MethodLength:
+  Max: 15
+
+Metrics/BlockLength:
+  Enabled: false
+
+Layout/AlignHash:
+  EnforcedColonStyle: table
+
+Layout/AlignParameters:
+  EnforcedStyle: with_fixed_indentation
+  SupportedStyles:
+    - with_first_parameter
+    - with_fixed_indentation
+
+Lint/EndAlignment:
+  EnforcedStyleAlignWith: variable
+  SupportedStylesAlignWith:
+    - keyword
+    - variable
+
+Lint/MissingCopEnableDirective:
+  Enabled: false
+
+RSpec/NestedGroups:
+  Max: 7
+
+RSpec/ContextWording:
+  Prefixes:
+    - when
+    - with
+    - without
+    - and

Gemfile

@@ -2,5 +2,4 @@ source 'https://rubygems.org'
 
 gemspec
 
-gem 'bootsnap', require: false
 gem 'listen'

README.md

@@ -1,4 +1,5 @@
 # GraphqlDevise
+[![Build Status](https://travis-ci.org/graphql-device/graphql_devise.svg?branch=master)](https://travis-ci.org/graphql-device/graphql_devise)
 
 ## Installation
 

Rakefile

@@ -1,6 +1,28 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'GraphqlDevise'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path('spec/dummy/Rakefile', __dir__)
+load 'rails/tasks/engine.rake'
+
+load 'rails/tasks/statistics.rake'
+
+require 'bundler/gem_tasks'
+
+require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task default: :spec

app/controllers/graphql_devise/graphql_controller.rb

@@ -2,6 +2,8 @@
 
 module GraphqlDevise
   class GraphqlController < ApplicationController
+    before_action :set_user_by_token
+
     def auth
       result = if params[:_json]
         GraphqlDevise::Schema.multiplex(
@@ -18,15 +20,14 @@ def auth
 
     private
 
-    def execute_params(item, user = current_user)
+    def execute_params(item)
       {
         operation_name: item[:operationName],
         variables:      ensure_hash(item[:variables]),
         context:        {
-          current_user: user,
-          request: request,
-          response: response,
-          resource_class: resource_class
+          current_resource: @resource,
+          controller:       self,
+          resource_class:   resource_class
         }
       }
     end

app/graphql/graphql_devise/mutations/base.rb

@@ -0,0 +1,31 @@
+module GraphqlDevise
+  module Mutations
+    class Base < GraphQL::Schema::Mutation
+      private
+
+      def single_error_object(error)
+        { success: false, errors: [error] }
+      end
+
+      def request
+        context[:controller].request
+      end
+
+      def response
+        context[:controller].response
+      end
+
+      def controller
+        context[:controller]
+      end
+
+      def resource_class
+        context[:resource_class]
+      end
+
+      def current_resource
+        context[:current_resource]
+      end
+    end
+  end
+end

app/graphql/graphql_devise/mutations/login.rb

@@ -1,34 +1,59 @@
 module GraphqlDevise
   module Mutations
-    class Login < GraphQL::Schema::Mutation
+    class Login < Base
       argument :email,    String, required: true
       argument :password, String, required: true
 
       field :authenticable, GraphqlDevise::Types::AuthenticableType, null: true
+      field :success,       Boolean,                                 null: false
+      field :errors,        [String],                                null: false
 
       def resolve(email:, password:)
-        resource = context[:resource_class].find_by(email: email)
+        resource = resource_class.find_by(email: email)
 
-        if resource && (!resource.respond_to?(:active_for_authentication?) || resource.active_for_authentication?)
-          valid_password = resource.valid_password?(password)
-          if (resource.respond_to?(:valid_for_authentication?) && !resource.valid_for_authentication? { valid_password }) || !valid_password
-            return {}
+        if resource && active_for_authentication?(resource)
+          if invalid_for_authentication?(resource, password)
+            return single_error_object(I18n.t('graphql_devise.sessions.bad_credentials'))
           end
 
-          auth_headers = resource.create_new_auth_token
-          context[:response].headers.merge!(auth_headers)
+          set_auth_headers(resource)
+          controller.sign_in(:user, resource, store: false, bypass: false)
 
-          { authenticable: resource }
-        elsif resource && !(!resource.respond_to?(:active_for_authentication?) || resource.active_for_authentication?)
-          if resource.respond_to?(:locked_at) && resource.locked_at
-            return {}
+          yield resource if block_given?
+
+          { success: true, authenticable: resource, errors: [] }
+        elsif resource && !active_for_authentication?(resource)
+          if locked?(resource)
+            single_error_object(I18n.t('graphql_devise.mailer.unlock_instructions.account_lock_msg'))
           else
-            return {}
+            single_error_object(I18n.t('devise_token_auth.sessions.not_confirmed', email: resource.email))
           end
         else
-          return {}
+          single_error_object(I18n.t('graphql_devise.sessions.bad_credentials'))
         end
       end
+
+      private
+
+      def set_auth_headers(resource)
+        auth_headers = resource.create_new_auth_token
+        response.headers.merge!(auth_headers)
+      end
+
+      def invalid_for_authentication?(resource, password)
+        valid_password = resource.valid_password?(password)
+
+        (resource.respond_to?(:valid_for_authentication?) && !resource.valid_for_authentication? { valid_password }) ||
+          !valid_password
+      end
+
+      def active_for_authentication?(resource)
+        !resource.respond_to?(:active_for_authentication?) || resource.active_for_authentication?
+      end
+
+      def locked?(resource)
+        resource.respond_to?(:locked_at) && resource.locked_at
+      end
     end
   end
 end

bin/rails

@@ -4,7 +4,7 @@
 
 ENGINE_ROOT = File.expand_path('..', __dir__)
 ENGINE_PATH = File.expand_path('../lib/graphql_devise/engine', __dir__)
-APP_PATH = File.expand_path('../test/dummy/config/application', __dir__)
+APP_PATH = File.expand_path('../spec/dummy/config/application', __dir__)
 
 # Set up gems listed in the Gemfile.
 ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)

config/locales/en.yml

@@ -0,0 +1,8 @@
+en:
+  graphql_devise:
+    sessions:
+      bad_credentials: "Invalid login credentials. Please try again."
+      not_confirmed: "A confirmation email was sent to your account at '%{email}'. You must follow the instructions in the email before your account can be activated"
+    mailer:
+      unlock_instructions:
+        account_lock_msg: "Your account has been locked due to an excessive number of unsuccessful sign in attempts."

graphql_devise.gemspec

@@ -28,7 +28,13 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'rails', '~> 5.0'
 
   spec.add_development_dependency 'bundler', '~> 2.0'
+  spec.add_development_dependency 'factory_bot'
+  spec.add_development_dependency 'faker'
+  spec.add_development_dependency 'pry'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rspec-rails'
+  spec.add_development_dependency 'rubocop'
+  spec.add_development_dependency 'rubocop-performance'
+  spec.add_development_dependency 'rubocop-rspec'
   spec.add_development_dependency 'sqlite3'
 end