Merge pull request #55 from graphql-devise/add-credentials-field-logi…

…n-mutation

Return credentials field in login mutation

README.md

@@ -171,6 +171,10 @@ Here is a list of the available mutations and queries assuming your mounted mode
 
 #### Mutations
 1. `userLogin(email: String!, password: String!): UserLoginPayload`
+
+    This mutation has a second field by default. `credentials` can be fetched directly on the mutation return type.
+    Credentials are still returned in the headers of the response.
+
 1. `userLogout: UserLogoutPayload`
 1. `userSignUp(email: String!, password: String!, passwordConfirmation: String!, confirmSuccessUrl: String): UserSignUpPayload`
 

app/graphql/graphql_devise/mutations/login.rb

@@ -4,6 +4,8 @@ class Login < Base
       argument :email,    String, required: true
       argument :password, String, required: true
 
+      field :credentials, Types::CredentialType, null: false
+
       def resolve(email:, password:)
         resource = resource_class.find_by(email: email)
 
@@ -12,12 +14,12 @@ def resolve(email:, password:)
             raise_user_error(I18n.t('graphql_devise.sessions.bad_credentials'))
           end
 
-          set_auth_headers(resource)
+          new_headers = set_auth_headers(resource)
           controller.sign_in(:user, resource, store: false, bypass: false)
 
           yield resource if block_given?
 
-          { authenticatable: resource}
+          { authenticatable: resource, credentials: new_headers }
         elsif resource && !active_for_authentication?(resource)
           if locked?(resource)
             raise_user_error(I18n.t('graphql_devise.mailer.unlock_instructions.account_lock_msg'))

app/graphql/graphql_devise/types/credential_type.rb

@@ -0,0 +1,31 @@
+module GraphqlDevise
+  module Types
+    class CredentialType < GraphQL::Schema::Object
+      field :access_token, String, null: false
+      field :uid,          String, null: false
+      field :token_type,   String, null: false
+      field :client,       String, null: false
+      field :expiry,       Int,    null: false
+
+      def access_token
+        object[DeviseTokenAuth.headers_names[:"access-token"]]
+      end
+
+      def uid
+        object[DeviseTokenAuth.headers_names[:uid]]
+      end
+
+      def token_type
+        object[DeviseTokenAuth.headers_names[:"token-type"]]
+      end
+
+      def client
+        object[DeviseTokenAuth.headers_names[:client]]
+      end
+
+      def expiry
+        object[DeviseTokenAuth.headers_names[:expiry]]
+      end
+    end
+  end
+end

lib/graphql_devise/concerns/controller_methods.rb

@@ -66,6 +66,8 @@ def client
       def set_auth_headers(resource)
         auth_headers = resource.create_new_auth_token
         response.headers.merge!(auth_headers)
+
+        auth_headers
       end
 
       def client_and_token(token)

spec/requests/mutations/login_spec.rb

@@ -15,6 +15,7 @@
             password: "#{password}"
           ) {
             user { email name signInCount }
+            credentials { accessToken uid tokenType client expiry }
           }
         }
       GRAPHQL
@@ -24,11 +25,18 @@
 
     context 'when user is able to login' do
       context 'when credentials are valid' do
-        it 'return credentials in headers and user information' do
+        it 'return credentials in headers/field and user information' do
           expect(response).to include_auth_headers
           expect(user.reload.tokens.keys).to include(response.headers['client'])
           expect(json_response[:data][:userLogin]).to match(
-            user: { email: user.email, name: user.name, signInCount: 1 }
+            user:        { email: user.email, name: user.name, signInCount: 1 },
+            credentials: {
+              accessToken: response.headers['access-token'],
+              uid:         response.headers['uid'],
+              tokenType:   response.headers['token-type'],
+              client:      response.headers['client'],
+              expiry:      response.headers['expiry'].to_i
+            }
           )
           expect(json_response[:errors]).to be_nil
         end