Add GraphQL mutations to get tokens from passport for https://lighthouse-php.com/
Latest commit a8bd92d Jan 28, 2019


Lighthouse GraphQL Passport Auth (Laravel 5.7+)


GraphQL mutations for Laravel Passport using Lighthouse PHP

Installation

Make sure you have Laravel Passport installed.

To install run composer require joselfonseca/lighthouse-graphql-passport-auth.

ServiceProvider will be attached automatically

Add the following env vars to your .env file:

PASSPORT_CLIENT_ID=
PASSPORT_CLIENT_SECRET=

You are done with the installation!

Default Schema

By default the schema is defined internally in the package. If you want to override the schema or resolvers, you can publish the package configuration and default schema by running:

php artisan vendor:publish --provider="Joselfonseca\LighthouseGraphQLPassport\Providers\LighthouseGraphQLPassportServiceProvider"

This command will publish a configuration file lighthouse-graphql-passport.php and a schema file in /graphql/auth.graphql that looks like this:

input LoginInput {
    username: String!
    password: String!
}

input RefreshTokenInput {
    refresh_token: String
}

type AuthPayload {
    access_token: String!
    refresh_token: String!
    expires_in: Int!
    token_type: String!
}

type LogoutResponse {
    status: String!
    message: String
}

type ForgotPasswordResponse {
    status: String!
    message: String
}

input ForgotPasswordInput {
    email: String!
}

input NewPasswordWithCodeInput {
    email: String!
    token: String!
    password: String!
    password_confirmation: String!
}

extend type Mutation {
    login(data: LoginInput): AuthPayload! @field(resolver: "Joselfonseca\\LighthouseGraphQLPassport\\GraphQL\\Mutations\\Login@resolve")
    refreshToken(data: RefreshTokenInput): AuthPayload! @field(resolver: "Joselfonseca\\LighthouseGraphQLPassport\\GraphQL\\Mutations\\RefreshToken@resolve")
    logout: LogoutResponse! @field(resolver: "Joselfonseca\\LighthouseGraphQLPassport\\GraphQL\\Mutations\\Logout@resolve")
    forgotPassword(data: ForgotPasswordInput!): ForgotPasswordResponse! @field(resolver: "Joselfonseca\\LighthouseGraphQLPassport\\GraphQL\\Mutations\\ForgotPassword@resolve")
    updateForgottenPassword(data: NewPasswordWithCodeInput): ForgotPasswordResponse! @field(resolver: "Joselfonseca\\LighthouseGraphQLPassport\\GraphQL\\Mutations\\ResetPassword@resolve")
}

In the configuration file you can now point the schema setting at the published schema file like this:

    /*
    |--------------------------------------------------------------------------
    | GraphQL schema
    |--------------------------------------------------------------------------
    |
    | File path of the GraphQL schema to be used, defaults to null so it uses
    | the default location
    |
    */
    'schema' => base_path('graphql/auth.graphql')

This will allow you to change the schema and resolvers if needed.

Usage

This will add 5 mutations to your GraphQL API:

extend type Mutation {
    login(data: LoginInput): AuthPayload!
    refreshToken(data: RefreshTokenInput): AuthPayload!
    logout: LogoutResponse!
    forgotPassword(data: ForgotPasswordInput!): ForgotPasswordResponse!
    updateForgottenPassword(data: NewPasswordWithCodeInput): ForgotPasswordResponse!
}
  • login: Will allow your clients to log in by using the password grant client.
  • refreshToken: Will allow your clients to refresh a passport token by using the password grant client.
  • logout: Will allow your clients to invalidate a passport token.
  • forgotPassword: Will allow your clients to request the forgot password email.
  • updateForgottenPassword: Will allow your clients to update the forgotten password from the email received.
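
The login and refreshToken mutations above, seen from a client: an added example (not part of this package) that builds the request bodies with credentials in GraphQL variables and validates the returned AuthPayload before it is used. The function names, the 60-second refresh margin and the sample tokens are assumptions of the example.

```javascript
// Fields of AuthPayload, as defined in the schema on this page.
const AUTH_FIELDS = "access_token refresh_token expires_in token_type";
const LOGIN = `mutation ($data: LoginInput) { login(data: $data) { ${AUTH_FIELDS} } }`;
const REFRESH = `mutation ($data: RefreshTokenInput) { refreshToken(data: $data) { ${AUTH_FIELDS} } }`;

// Request bodies for the GraphQL endpoint. Secrets go in `variables`, so the
// query text is a constant and user input can never alter the document.
// No OAuth client id or secret appears here: the backend holds those.
function buildLoginRequest(username, password) {
  return { query: LOGIN, variables: { data: { username, password } } };
}
function buildRefreshRequest(refreshToken) {
  return { query: REFRESH, variables: { data: { refresh_token: refreshToken } } };
}

// Turn a response body into a session, or throw. `field` is "login" or
// "refreshToken". A GraphQL server can answer HTTP 200 with an `errors`
// array, so the status code alone does not prove the login succeeded.
function parseAuthPayload(body, field, nowMs = Date.now()) {
  if (Array.isArray(body.errors) && body.errors.length > 0) {
    throw new Error(`${field} failed: ${body.errors[0].message}`);
  }
  const p = body.data && body.data[field];
  if (!p) throw new Error(`${field} failed: no AuthPayload in response`);
  for (const key of ["access_token", "refresh_token", "token_type"]) {
    if (typeof p[key] !== "string" || p[key] === "") throw new Error(`missing ${key}`);
  }
  if (!Number.isInteger(p.expires_in) || p.expires_in <= 0) throw new Error("bad expires_in");
  if (p.token_type.toLowerCase() !== "bearer") throw new Error("unexpected token_type");
  return {
    authorizationHeader: `Bearer ${p.access_token}`,
    refreshToken: p.refresh_token,
    // Refresh 60 s before expiry; the margin is an assumption of this example.
    refreshAtMs: nowMs + Math.max(p.expires_in - 60, 0) * 1000,
  };
}

// Constructed sample response (not real tokens).
const sampleResponse = { data: { login: {
  access_token: "constructed-access-token", refresh_token: "constructed-refresh-token",
  expires_in: 3600, token_type: "Bearer" } } };
const session = parseAuthPayload(sampleResponse, "login", 0);
console.log(session.authorizationHeader, session.refreshAtMs);
```
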

Why is the OAuth client used in the backend and not in the client application?

When an application that has to be recompiled and redeployed to a store, such as an iOS app, needs to change the client for whatever reason, it becomes a blocker for QA or even breaks the production app if the client is removed. The app will not work until the new version with the updated keys is deployed. There are alternatives for storing this configuration in the client, but for this use case we rely on the backend to be the OAuth client.

Change log

Please see the releases page https://github.com/joselfonseca/lighthouse-graphql-passport-auth/releases

Tests

To run the tests in this package, navigate to the root folder of the project and run:

    composer install

Then

    vendor/bin/phpunit

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email jose at ditecnologia dot com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.