Skip to content
This repository has been archived by the owner on May 31, 2024. It is now read-only.

Account/auth features available outside DDP using GraphQL #2530

Merged
merged 15 commits into from
Apr 16, 2020
Merged

Account/auth features available outside DDP using GraphQL #2530

merged 15 commits into from
Apr 16, 2020

Conversation

eric-burel
Copy link
Contributor

@eric-burel eric-burel commented Feb 24, 2020
edited
Loading

  • Login draft OK
  • Logout draft OK
  • Signup draft => createUser is meant for the admin to create the new user. We need a specific endpoint for signup. OK
  • verification and forgotten password draft => to be tested though
  • Enrollment => not yet coded
  • test verification and email workflow
  • Meteor attemptLogin validation (logic to avoid brute forcing passwords by limiting rate for example) => note that Meteor simple rest doesn't do that either so we may merge without this feature
  • CORS
  • Handle same origin in cors (needs to handle "origin === undefined")
  • Demo with an external app, eg with Next or Gatsby
  • Document GraphQL endpoints => see packages/vulcan-users/test/server/mutation.test.js for sample queries
  • Create a new account ui that uses only GraphQL (and keep the old one for Meteor apps!)
  • Correctly split between queries and mutations (most are mutations)
  • Create reusable hooks (will probably come from the NPM new version of Vulcan) => useSignOut already done by Apollinaire Add useSignout hook to the accounts package #2521
  • fix body parser with "application/graphql" => see relevant PR
  • Finish unit tests

Note: this authentication mode through graphql is NOT compatible with DDP. If you actually use Meteor methods and publication system, instead use the traditionnal auth workflow with Accounts. Vulcan's login form will probably keep using Meteor methods.
This features targets other types of non-meteor clients like React Native, Next and so on.

This is an experimental feature, not yet secured. Use at your own risk and take time to read the code. Inputs welcome :)

To test: test should be doable using directly GraphQL Playground. To pass a token: provide HTTP header

Relevant discussion:
#1896
See example usage (not yet done but still a good demo of how to consume this API):
https://github.com/VulcanJS/vulcan-next-starter
Reusing Meteor server methods:
meteor/meteor#10937

@eric-burel eric-burel mentioned this pull request Feb 26, 2020
Open
26 tasks
@eric-burel eric-burel mentioned this pull request Mar 18, 2020
Merged
@eric-burel
Copy link
Contributor Author

Almost done! I only need to test more advanced endpoints using GraphQL Playground.

@eric-burel eric-burel changed the title [WIP] account/auth features available outside DDP using GraphQL Account/auth features available outside DDP using GraphQL Apr 16, 2020
@eric-burel eric-burel merged commit b1917b4 into devel Apr 16, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@eric-burel