Add spec for cookie setting

app/controllers/graphql_devise/application_controller.rb

@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 
 module GraphqlDevise
-  class ApplicationController < Devise.parent_controller.constantize
+  ApplicationController = if Rails::VERSION::MAJOR >= 5
+    Class.new(ActionController::API)
+  else
+    Class.new(ActionController::Base)
   end
 end

spec/dummy/app/controllers/api/v1/graphql_controller.rb

@@ -4,6 +4,7 @@ module Api
   module V1
     class GraphqlController < ApplicationController
       include GraphqlDevise::SetUserByToken
+      include ActionController::Cookies
 
       def graphql
         result = DummySchema.execute(params[:query], **execute_params(params))

spec/dummy/app/controllers/application_controller.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 class ApplicationController < ActionController::Base
-  protect_from_forgery with: :null_session
+  protect_from_forgery with: :exception
 end

spec/requests/mutations/login_spec.rb

@@ -184,4 +184,37 @@
       )
     end
   end
+
+
+  context 'when using cookies for auth' do
+    let!(:user) { create(:user, :confirmed, password: password, email: 'vvega@wallaceinc.com') }
+    let(:email) { user.email }
+    let(:query) do
+      <<-GRAPHQL
+        mutation {
+          userLogin(
+            email: "#{email}",
+            password: "#{password}"
+          ) {
+            authenticatable { email }
+            credentials { accessToken uid tokenType client expiry }
+          }
+        }
+      GRAPHQL
+    end
+
+    around do |example|
+      byebug
+      DeviseTokenAuth.cookie_enabled = true
+      example.run
+      DeviseTokenAuth.cookie_enabled = false
+    end
+
+    before { post_request('/api/v1/graphql') }
+
+    it 'honors DTA configuration of setting auth info in cookies' do
+      cookie = cookies.get_cookie('auth_cookie')
+      expect(JSON.parse(cookie.value).keys).to include(*%w[uid access-token client])
+    end
+  end
 end