From cbc37ae28c7f84e861e8046a73037668307ede92 Mon Sep 17 00:00:00 2001
From: Simon Franzen <simon@zauberware.com>
Date: Sun, 20 Sep 2020 12:16:29 +0200
Subject: [PATCH] * update gems * add email confirmable to graphqlauth

---
 Gemfile.lock                                  | 144 ++++++++----------
 .../auth/confirmations_controller.rb          |  25 +++
 app/controllers/auth/passwords_controller.rb  |  12 ++
 app/controllers/confirmations_controller.rb   |  23 ---
 config/initializers/graphql_auth.rb           |   1 +
 config/routes.rb                              |   7 +-
 6 files changed, 104 insertions(+), 108 deletions(-)
 create mode 100644 app/controllers/auth/confirmations_controller.rb
 create mode 100644 app/controllers/auth/passwords_controller.rb
 delete mode 100644 app/controllers/confirmations_controller.rb

diff --git a/Gemfile.lock b/Gemfile.lock
index d8c1dfc..3ecfed9 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,9 +1,9 @@
 GIT
   remote: https://github.com/simonfranzen/graphql-auth.git
-  revision: 087b1d8f30052a0b62654e6975e9f8e2b8d8cee7
+  revision: 0986bf43f16f024f464c173db670ad0accda51ed
   branch: rails6
   specs:
-    graphql-auth (0.7.1)
+    graphql-auth (0.7.3)
       devise (~> 4.6, >= 4.6.2)
       graphql (~> 1.9, >= 1.9.6)
       jwt (~> 2.1)
@@ -76,16 +76,16 @@ GEM
       rake (>= 10.4, < 14.0)
     ast (2.4.1)
     awesome_print (1.8.0)
-    bcrypt (3.1.13)
-    bootsnap (1.4.4)
+    bcrypt (3.1.16)
+    bootsnap (1.4.8)
       msgpack (~> 1.0)
     builder (3.2.4)
-    byebug (11.0.1)
+    byebug (11.1.3)
     cancancan (3.1.0)
     concurrent-ruby (1.1.7)
     crass (1.0.6)
-    database_cleaner (1.7.0)
-    devise (4.7.1)
+    database_cleaner (1.8.5)
+    devise (4.7.2)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -93,34 +93,28 @@ GEM
       warden (~> 1.2.3)
     devise-i18n (1.9.2)
       devise (>= 4.7.1)
-    diff-lcs (1.3)
+    diff-lcs (1.4.4)
     docile (1.3.2)
-    dotenv (2.7.2)
-    dotenv-rails (2.7.2)
-      dotenv (= 2.7.2)
-      railties (>= 3.2, < 6.1)
-    equatable (0.6.0)
+    dotenv (2.7.6)
+    dotenv-rails (2.7.6)
+      dotenv (= 2.7.6)
+      railties (>= 3.2)
     erubi (1.9.0)
-    factory_bot (5.0.2)
-      activesupport (>= 4.2.0)
-    factory_bot_rails (5.0.2)
-      factory_bot (~> 5.0.2)
-      railties (>= 4.2.0)
-    faker (1.9.4)
+    factory_bot (6.1.0)
+      activesupport (>= 5.0.0)
+    factory_bot_rails (6.1.0)
+      factory_bot (~> 6.1.0)
+      railties (>= 5.0.0)
+    faker (1.9.6)
       i18n (>= 0.7)
-      pastel (~> 0.7.2)
-      thor (~> 0.20.0)
-      tty-pager (~> 0.12.0)
-      tty-screen (~> 0.6.5)
-      tty-tree (~> 0.3.0)
-    ffi (1.11.1)
+    ffi (1.13.1)
     foreman (0.87.2)
     friendly_id (5.3.0)
       activerecord (>= 4.0.0)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
     graphql (1.11.4)
-    graphql-errors (0.3.0)
+    graphql-errors (0.4.0)
       graphql (>= 1.6.0, < 2)
     haml (5.1.2)
       temple (>= 0.8.0)
@@ -140,7 +134,6 @@ GEM
       thor (>= 0.14, < 2.0)
     jquery-ui-rails (6.0.1)
       railties (>= 3.2.16)
-    json (2.3.1)
     jwt (2.2.2)
     kaminari (1.2.1)
       activesupport (>= 4.1.0)
@@ -171,25 +164,22 @@ GEM
     mini_mime (1.0.2)
     mini_portile2 (2.4.0)
     minitest (5.14.2)
-    msgpack (1.3.0)
+    msgpack (1.3.3)
     nested_form (0.3.2)
-    nio4r (2.5.3)
+    nio4r (2.5.4)
     nokogiri (1.10.10)
       mini_portile2 (~> 2.4.0)
     orm_adapter (0.5.0)
     parallel (1.19.2)
     parser (2.7.1.4)
       ast (~> 2.4.1)
-    pastel (0.7.3)
-      equatable (~> 0.6)
-      tty-color (~> 0.5)
-    pg (1.1.4)
+    pg (1.2.3)
     puma (3.12.6)
     rack (2.2.3)
     rack-attack (6.3.1)
       rack (>= 1.0, < 3)
-    rack-cors (1.0.5)
-      rack (>= 1.6.0)
+    rack-cors (1.1.1)
+      rack (>= 2.0.0)
     rack-pjax (1.1.0)
       nokogiri (~> 1.5)
       rack (>= 1.1)
@@ -210,10 +200,10 @@ GEM
       bundler (>= 1.3.0)
       railties (= 6.0.3.3)
       sprockets-rails (>= 2.0.0)
-    rails-controller-testing (1.0.4)
-      actionpack (>= 5.0.1.x)
-      actionview (>= 5.0.1.x)
-      activesupport (>= 5.0.1.x)
+    rails-controller-testing (1.0.5)
+      actionpack (>= 5.0.1.rc1)
+      actionview (>= 5.0.1.rc1)
+      activesupport (>= 5.0.1.rc1)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
@@ -234,7 +224,7 @@ GEM
       rails (>= 5.0, < 7)
       remotipart (~> 1.3)
       sassc-rails (>= 1.3, < 3)
-    rails_admin-i18n (1.12.0)
+    rails_admin-i18n (1.13.0)
     railties (6.0.3.3)
       actionpack (= 6.0.3.3)
       activesupport (= 6.0.3.3)
@@ -243,46 +233,47 @@ GEM
       thor (>= 0.20.3, < 2.0)
     rainbow (3.0.0)
     rake (13.0.1)
-    rb-fsevent (0.10.3)
-    rb-inotify (0.10.0)
+    rb-fsevent (0.10.4)
+    rb-inotify (0.10.1)
       ffi (~> 1.0)
     regexp_parser (1.7.1)
     remotipart (1.4.4)
-    responders (3.0.0)
+    responders (3.0.1)
       actionpack (>= 5.0)
       railties (>= 5.0)
     rexml (3.2.4)
-    rspec-core (3.8.1)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.4)
+    rspec-core (3.9.2)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-mocks (3.8.1)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-rails (3.8.2)
+      rspec-support (~> 3.9.0)
+    rspec-rails (3.9.1)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-      rspec-support (~> 3.8.0)
-    rspec-support (3.8.2)
-    rubocop (0.90.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.3)
+    rubocop (0.91.0)
       parallel (~> 1.10)
       parser (>= 2.7.1.1)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.7)
       rexml
-      rubocop-ast (>= 0.3.0, < 1.0)
+      rubocop-ast (>= 0.4.0, < 1.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (0.3.0)
+    rubocop-ast (0.4.2)
       parser (>= 2.7.1.4)
-    rubocop-performance (1.8.0)
+    rubocop-performance (1.8.1)
       rubocop (>= 0.87.0)
-    rubocop-rails (2.8.0)
+      rubocop-ast (>= 0.4.0)
+    rubocop-rails (2.8.1)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 0.87.0)
@@ -306,46 +297,31 @@ GEM
       search_object (~> 1.2.2)
     shoulda-matchers (4.0.0.rc1)
       activesupport (>= 4.2.0)
-    simplecov (0.16.1)
+    simplecov (0.19.0)
       docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
-    spring (2.1.0)
+      simplecov-html (~> 0.11)
+    simplecov-html (0.12.2)
+    spring (2.1.1)
     spring-watcher-listen (2.0.1)
       listen (>= 2.7, < 4.0)
       spring (>= 1.2, < 3.0)
     sprockets (4.0.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.2.1)
+    sprockets-rails (3.2.2)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
-    strings (0.1.5)
-      strings-ansi (~> 0.1)
-      unicode-display_width (~> 1.5)
-      unicode_utils (~> 1.4)
-    strings-ansi (0.1.0)
     temple (0.8.2)
-    thor (0.20.3)
+    thor (1.0.1)
     thread_safe (0.3.6)
     tilt (2.0.10)
     timecop (0.9.1)
-    tty-color (0.5.0)
-    tty-pager (0.12.1)
-      strings (~> 0.1.4)
-      tty-screen (~> 0.6)
-      tty-which (~> 0.4)
-    tty-screen (0.6.5)
-    tty-tree (0.3.0)
-    tty-which (0.4.1)
     tzinfo (1.2.7)
       thread_safe (~> 0.1)
-    unicode-display_width (1.6.0)
-    unicode_utils (1.4.0)
-    warden (1.2.8)
-      rack (>= 2.0.6)
+    unicode-display_width (1.7.0)
+    warden (1.2.9)
+      rack (>= 2.0.9)
     websocket-driver (0.7.3)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
diff --git a/app/controllers/auth/confirmations_controller.rb b/app/controllers/auth/confirmations_controller.rb
new file mode 100644
index 0000000..3017692
--- /dev/null
+++ b/app/controllers/auth/confirmations_controller.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Auth
+  # Custom confirmations controller
+  class ConfirmationsController < Devise::ConfirmationsController
+    # GET /resource/confirmation?confirmation_token=abcdef
+    def show
+      self.resource = resource_class.confirm_by_token(params[:confirmation_token])
+      yield resource if block_given?
+
+      if resource.errors.empty?
+        respond_with_navigational(resource) { redirect_to after_confirmation_path_for(resource_name, resource) }
+      else
+        redirect_to "http://#{ENV['CLIENT_URL']}?error=#{I18n.t('errors.messages.already_confirmed')}"
+      end
+    end
+
+    private
+
+    # redirect user to front end app after confirming the email adress.
+    def after_confirmation_path_for(_resource_name, _resource)
+      "http://#{ENV['CLIENT_URL']}?notice=#{I18n.t('devise.confirmations.confirmed')}"
+    end
+  end
+end
diff --git a/app/controllers/auth/passwords_controller.rb b/app/controllers/auth/passwords_controller.rb
new file mode 100644
index 0000000..a5abc67
--- /dev/null
+++ b/app/controllers/auth/passwords_controller.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Auth
+  # Custom passwords controller
+  class PasswordsController < Devise::PasswordsController
+    # GET /resource/password/edit?reset_password_token=abcdef
+    # redirect user to front end to reset the passwords there
+    def edit
+      redirect_to "http://#{ENV['CLIENT_URL']}/users/password/edit?reset_password_token=#{params[:reset_password_token]}"
+    end
+  end
+end
\ No newline at end of file
diff --git a/app/controllers/confirmations_controller.rb b/app/controllers/confirmations_controller.rb
deleted file mode 100644
index 46022d5..0000000
--- a/app/controllers/confirmations_controller.rb
+++ /dev/null
@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-# Custom confirmations controller
-class ConfirmationsController < Devise::ConfirmationsController
-  # GET /resource/confirmation?confirmation_token=abcdef
-  def show
-    self.resource = resource_class.confirm_by_token(params[:confirmation_token])
-    yield resource if block_given?
-
-    if resource.errors.empty?
-      respond_with_navigational(resource) { redirect_to after_confirmation_path_for(resource_name, resource) }
-    else
-      redirect_to "http://#{ENV['CLIENT_URL']}?error=#{I18n.t('errors.messages.already_confirmed')}"
-    end
-  end
-
-  private
-
-  # redirect user to front end app after confirming the email adress.
-  def after_confirmation_path_for(_resource_name, _resource)
-    "http://#{ENV['CLIENT_URL']}?notice=#{I18n.t('devise.confirmations.confirmed')}"
-  end
-end
diff --git a/config/initializers/graphql_auth.rb b/config/initializers/graphql_auth.rb
index 50b1acf..9331db9 100644
--- a/config/initializers/graphql_auth.rb
+++ b/config/initializers/graphql_auth.rb
@@ -12,6 +12,7 @@
   config.allow_sign_up = true
   config.allow_lock_account = true
   config.allow_unlock_account = true
+  config.allow_email_confirmable = true
 
   # Allow custom mutations for signup and update account
   # config.sign_up_mutation = '::Mutations::Auth::SignUp'
diff --git a/config/routes.rb b/config/routes.rb
index 6f3f0be..9fd62f4 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -5,7 +5,12 @@
 
   mount RailsAdmin::Engine => '/admin', as: 'rails_admin'
   post '/graphql', to: 'graphql#execute'
-  devise_for :users, controllers: { confirmations: 'confirmations' }, skip: :registrations # skip registration route
+  devise_for :users,
+             controllers: {
+               confirmations: 'auth/confirmations',
+               passwords: 'auth/passwords'
+             },
+             skip: :registrations # skip registration route
 
   # Just a blank root path
   root 'pages#blank'