Feat/ Beta support for graphql #330
+395
−11
Merged
19 commits
f0c627f feat(gql): Add basic graphql installation with playground (ironcadiz)
df4e577 feat(gql): Add polling fix and renaming of base types (ironcadiz)
17d2bd7 feat(gql): Add queries (ironcadiz)
36fbfcb feat(gql): Fix base mutation (ironcadiz)
94dc120 feat(gql): Add authentication support with jwt (ironcadiz)
ba23747 chore(gql): update installed? on api recipe (ironcadiz)
c62a8ba feat(gql): Add apollo installation to frontend (ironcadiz)
ab1a69c fix(gql): gql server running (ironcadiz)
1d13daa fix(gql): Add skip CSRF token to controller (ironcadiz)
cb5a4f0 feat(gql): Remove hardcoded root path from frontend (ironcadiz)
6edc88b test(api): Fix power api tests (ironcadiz)
a240f50 test(gql): Add graphql specs (ironcadiz)
e009a76 test(gql): Add frontend spec (ironcadiz)
1d19f49 chore(gql): monkey compliance (ironcadiz)
dcdfbec chore(gql): Add readme (ironcadiz)
cc0efe1 refactor(gql): move apollo heredocs to methods (ironcadiz)
a9b44fb chore(gql): remove extra comment (ironcadiz)
36bfd87 chore(gql): Add jwt env variable (ironcadiz)
31775e0 fix(gql): Fix production server not running due to config of dev gem (ironcadiz)
feat(gql): Add authentication support with jwt
commit 94dc12040b9f3de9372898dbe8a4422228e8ff03
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
class GraphqlController < ApplicationController | ||
# If accessing from outside this domain, nullify the session | ||
# This allows for outside API access while preventing CSRF attacks, | ||
# but you'll have to authenticate your user separately | ||
# protect_from_forgery with: :null_session | ||
|
||
def execute | ||
variables = prepare_variables(params[:variables]) | ||
query = params[:query] | ||
operation_name = params[:operationName] | ||
context = { current_user: get_current_user } | ||
result = GqlTestSchema.execute(query, variables: variables, context: context, operation_name: operation_name) | ||
render json: result | ||
rescue => e | ||
raise e unless Rails.env.development? | ||
handle_error_in_development e | ||
end | ||
|
||
private | ||
|
||
# Handle variables in form data, JSON body, or a blank value | ||
def prepare_variables(variables_param) | ||
case variables_param | ||
when String | ||
if variables_param.present? | ||
JSON.parse(variables_param) || {} | ||
else | ||
{} | ||
end | ||
when Hash | ||
variables_param | ||
when ActionController::Parameters | ||
variables_param.to_unsafe_hash # GraphQL-Ruby will validate name and type of incoming variables. | ||
when nil | ||
{} | ||
else | ||
raise ArgumentError, "Unexpected parameter: #{variables_param}" | ||
end | ||
end | ||
|
||
def handle_error_in_development(e) | ||
logger.error e.message | ||
logger.error e.backtrace.join("\n") | ||
|
||
render json: { errors: [{ message: e.message, backtrace: e.backtrace }], data: {} }, status: 500 | ||
end | ||
|
||
def get_current_user | ||
if request.headers['Authorization'] | ||
_, token = request.headers['Authorization'].split | ||
decoded_token = JWT.decode token, ENV['HMAC_SECRET'], true, { algorithm: 'HS256' } | ||
User.find(decoded_token.first["id"]) | ||
end | ||
end | ||
end |
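Review bot: In get_current_user, neither JWT.decode nor User.find is guarded, so an expired, malformed or wrongly signed token raises JWT::DecodeError (or a subclass) and a token whose user no longer exists raises ActiveRecord::RecordNotFound; both propagate through the `raise e unless Rails.env.development?` line in execute and turn a bad credential into a 500 rather than an unauthenticated request. Rescue JWT::DecodeError and use User.find_by(id: ...) so that current_user is nil in those cases and resolvers decide what requires a user. Two smaller points in the same method: `_, token = request.headers['Authorization'].split` never checks that the scheme is Bearer, and ENV['HMAC_SECRET'] quietly evaluates to nil when the variable is unset, where ENV.fetch('HMAC_SECRET') would fail loudly. At the top of the class, the comment block still describes the null_session CSRF behaviour although the protect_from_forgery line beneath it is commented out; update the comment to state what this controller actually relies on.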
24 changes: 24 additions & 0 deletions
lib/potassium/assets/app/graphql/mutations/login_mutation.rb
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
require 'jwt' | ||
|
||
class Mutations::LoginMutation < Mutations::BaseMutation | ||
null true | ||
|
||
# argument :user_id, ID, required: true, loads: Types::UserType | ||
I didn't get this

I missed that, hehe
|
||
argument :email, String, required: true | ||
argument :password, String, required: true | ||
|
||
|
||
field :token, String, null: true | ||
|
||
def resolve(email:, password:) | ||
user = User.find_by(email: email) | ||
if user&.valid_password?(password) | ||
payload = { id: user.id, email: user.email, exp: (Time.zone.now + 24.hours).to_i } | ||
token = JWT.encode payload, ENV['HMAC_SECRET'], 'HS256' | ||
return { token: token } | ||
end | ||
GraphQL::ExecutionError.new("User or Password invalid") | ||
rescue ActiveRecord::RecordInvalid => e | ||
GraphQL::ExecutionError.new("Invalid input: #{e.record.errors.full_messages.join(', ')}") | ||
end | ||
end |
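Review bot: The token payload built in resolve (`payload = { id: user.id, email: user.email, exp: ... }`) carries the user's email, but the controller's get_current_user only reads `decoded_token.first["id"]`. An HS256 JWT is signed, not encrypted, so anyone who holds or logs the token can read that address; drop email from the payload and keep only id and exp. ENV['HMAC_SECRET'] here has the same unset-variable problem as in the controller, so ENV.fetch('HMAC_SECRET') is the safer read for signing. The `rescue ActiveRecord::RecordInvalid` branch looks unreachable, since nothing in the visible body saves or validates a record; remove it or add the call it is meant to cover. The commented-out `argument :user_id` line and the doubled blank line after the arguments can go as well.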
I think this looks like one of the things we used to have in potassium and ended up removing because it caused development/prod reproducibility problems and made debugging more obscure. I'm not sure it's exactly the same case, but in general I tend to prefer that these conditions be only for very particular cases. Because if errors happen differently in prod than in dev, it becomes a pain. Here is what I was talking about.

That is part of the gem's boilerplate.
I understand it is their way of making the graphql endpoint respond with the backtrace and the error only when it crashes in development.
What you say makes sense to me anyway, I'm going to check how it behaves without it.