send token and refreshToken on password change

PedroBern · Jan 27, 2020 · 72d3f15 · 72d3f15
1 parent cdba2db
commit 72d3f15
Show file tree

Hide file tree

Showing 6 changed files with 120 additions and 44 deletions.
diff --git a/CHANGES.md b/CHANGES.md
@@ -3,66 +3,69 @@
 
 ## v0.2
 
+### v0.2.7
+- return new token and refreshToken on password change.
+
 ### v0.2.7
 - allow login on register, returning token and refresh token.
 
 ### v0.2.6
-- review error fields in some mutations
+- review error fields in some mutations.
 
 ### v0.2.5
-- update apps config
-- nothing new
+- update apps config.
+- nothing new.
 
 
 ### v0.2.4
-- add mutation to remove secondary email
+- add mutation to remove secondary email.
 
 
 ### v0.2.3
-- user status is created on signal
+- user status is created on signal.
 
 
 ### v0.2.2
-- fix typo in setup
-- nothing new
+- fix typo in setup.
+- nothing new.
 
 
 
 ### v0.2.1
-- fix readme on pypi
-- nothing new
+- fix readme on pypi.
+- nothing new.
 
 
 ### v0.2.0
-- minor bug fixes
-- add user status model to track if user is archived, verified and secondary email
-- add new mutations to handle secondary email
-- allow login with secondary email
+- minor bug fixes.
+- add user status model to track if user is archived, verified and secondary email.
+- add new mutations to handle secondary email.
+- allow login with secondary email.
 
 
 ## v0.1
 
 
 ### 0.1.11
-- Fix minor bugs
+- Fix minor bugs.
 
 
 ### 0.1.10
-- Fix minor bugs
+- Fix minor bugs.
 
 
 ### 0.1.9
-- Rename settings params
+- Rename settings params.
 
 
 ### 0.1.8
 
-- Fix typo in settings
+- Fix typo in settings.
 
 
 ### 0.1.7
 
-- No changes (testing release on Travis)
+- No changes (testing release on Travis).
 
 
 ### 0.1.6
@@ -87,7 +90,7 @@
 
 ### 0.1.2
 
-- Update setup.py
+- Update setup.py.
 
 
 ### 0.1.1

diff --git a/docs/api.md b/docs/api.md
@@ -172,7 +172,9 @@ mutation {
     password2: "123456",
   ) {
     success,
-    errors
+    errors,
+    token,
+    refreshToken
   }
 }
 ```
@@ -197,7 +199,9 @@ mutation {
             "code": "password_entirely_numeric"
           }
         ]
-      }
+      },
+      "token": null
+      "refreshToken": null
     }
   }
 }
@@ -214,7 +218,9 @@ mutation {
     }
   ) {
     success,
-    errors
+    errors,
+    token,
+    refreshToken
   }
 }
 ```
@@ -333,7 +339,7 @@ mutation {
 ```bash tab="success"
 {
   "data": {
-    "register": {
+    "passwordReset": {
       "success": true,
       "errors": null
     }
@@ -500,7 +506,9 @@ mutation {
     password2:"qlr4nq3f3"
   ) {
     success,
-    errors
+    errors,
+    token,
+    refreshToken
   }
 }
 ```
@@ -510,7 +518,9 @@ mutation {
   "data": {
     "register": {
       "success": true,
-      "errors": null
+      "errors": null,
+      "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImpvZWpvZSIsImV4cCI6MTU4MDE0MjE0MCwib3JpZ0lhdCI6MTU4MDE0MTg0MH0.BGUSGKUUd7IuHnWKy8V6MU3slJ-DHsyAdAjGrGb_9fw",
+     "refreshToken":
     }
   }
 }
@@ -527,7 +537,9 @@ mutation {
     }
   ) {
     success,
-    errors
+    errors,
+    token,
+    refreshToken
   }
 }
 ```
@@ -545,7 +557,9 @@ mutation {
             "code": "unique"
           }
         ]
-      }
+      },
+      "token": null,
+      "refreshToken": null
     }
   }
 }
@@ -563,7 +577,9 @@ mutation {
             "code": "password_mismatch"
           }
         ]
-      }
+      },
+      "token": null,
+      "refreshToken": null
     }
   }
 }
@@ -589,7 +605,9 @@ mutation {
             "code": "password_entirely_numeric"
           }
         ]
-      }
+      },
+      "token": null,
+      "refreshToken": null
     }
   }
 }
@@ -607,7 +625,9 @@ mutation {
             "code": "invalid"
           }
         ]
-      }
+      },
+      "token": null,
+      "refreshToken": null
     }
   }
 }
@@ -1333,7 +1353,9 @@ mutation {
      newPassword2: "123456super"
   ) {
     success,
-    errors
+    errors,
+    token,
+    refreshToken
   }
 }
 ```
@@ -1343,7 +1365,9 @@ mutation {
   "data": {
     "passwordChange": {
       "success": true,
-      "errors": null
+      "errors": null,
+      "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImpvZWpvZSIsImV4cCI6MTU4MDE0MjE0MCwib3JpZ0lhdCI6MTU4MDE0MTg0MH0.BGUSGKUUd7IuHnWKy8V6MU3slJ-DHsyAdAjGrGb_9fw",
+      "refreshToken": "67eb63ba9d279876d3e9ae4d39c311e845e728fc"
     }
   }
 }
@@ -1359,7 +1383,9 @@ mutation {
     }
   ) {
     success,
-    errors
+    errors,
+    token,
+    refreshToken
   }
 }
 ```
@@ -1377,7 +1403,9 @@ mutation {
             "code": "unauthenticated"
           }
         ]
-      }
+      },
+      "token": null,
+      "refreshToken": null
     }
   }
 }
@@ -1395,7 +1423,9 @@ mutation {
             "code": "not_verified"
           }
         ]
-      }
+      },
+      "token": null,
+      "refreshToken": null
     }
   }
 }
@@ -1421,7 +1451,9 @@ mutation {
             "code": "password_entirely_numeric"
           }
         ]
-      }
+      },
+      "token": null,
+      "refreshToken": null
     }
   }
 }
@@ -1439,7 +1471,9 @@ mutation {
             "code": "password_mismatch"
           }
         ]
-      }
+      },
+      "token": null,
+      "refreshToken": null
     }
   }
 }
@@ -1457,7 +1491,9 @@ mutation {
             "code": "invalid_password"
           }
         ]
-      }
+      },
+      "token": null,
+      "refreshToken": null
     }
   }
 }

diff --git a/graphql_auth/__init__.py b/graphql_auth/__init__.py
@@ -1,3 +1,3 @@
-__version__ = "0.2.7"
+__version__ = "0.2.8"
 
 default_app_config = "graphql_auth.apps.GraphQLAuthConfig"
diff --git a/graphql_auth/mixins.py b/graphql_auth/mixins.py
@@ -395,11 +395,23 @@ class PasswordChangeMixin(Output):
     """
     Change account password when user knows the old password.
 
-    User must be verified.
+    A new token and refresh token are sent. User must be verified.
     """
 
     form = PasswordChangeForm
 
+    @classmethod
+    def Field(cls, *args, **kwargs):
+        if using_refresh_tokens():
+            cls._meta.fields["refresh_token"] = graphene.Field(graphene.String)
+        cls._meta.fields["token"] = graphene.Field(graphene.String)
+        return super().Field(*args, **kwargs)
+
+    @classmethod
+    @token_auth
+    def login_on_password_change(cls, root, info, **kwargs):
+        return cls()
+
     @classmethod
     @verification_required
     @password_confirmation_required
@@ -409,7 +421,16 @@ def resolve_mutation(cls, root, info, **kwargs):
         if f.is_valid():
             revoke_user_refresh_token(user)
             user = f.save()
-            return cls(success=True)
+            payload = cls.login_on_password_change(
+                root,
+                info,
+                password=kwargs.get("new_password1"),
+                username=getattr(user, user.USERNAME_FIELD),
+            )
+            return_value = {}
+            for field in cls._meta.fields:
+                return_value[field] = getattr(payload, field)
+            return cls(**return_value)
         else:
             return cls(success=False, errors=f.errors.get_json_data())
 

diff --git a/tests/testCases.py b/tests/testCases.py
@@ -1,4 +1,5 @@
 import re
+import pprint
 
 from graphene.test import Client
 from graphene.types.schema import Schema
@@ -73,7 +74,7 @@ def make_request(
             print("\nInvalid query!")
             raise Exception(executed["errors"])
         finally:
-            print(executed)
+            pprint.pprint(executed)
 
 
 class RelayTestCase(TestBase):