From 357f878b5eee111a7009bcf47a307c96a86eaff1 Mon Sep 17 00:00:00 2001 From: Michael Bromley Date: Tue, 23 Jun 2020 16:17:03 +0200 Subject: [PATCH] feat(core): Implement `authenticate` mutation for Admin API --- .../src/api/resolvers/admin/auth.resolver.ts | 18 +++++++++++++++++- .../src/api/schema/admin-api/auth.api.graphql | 6 +++++- .../core/src/service/services/auth.service.ts | 10 ++++++++++ 3 files changed, 32 insertions(+), 2 deletions(-) diff --git a/packages/core/src/api/resolvers/admin/auth.resolver.ts b/packages/core/src/api/resolvers/admin/auth.resolver.ts index 3323616d70..8d200c7719 100644 --- a/packages/core/src/api/resolvers/admin/auth.resolver.ts +++ b/packages/core/src/api/resolvers/admin/auth.resolver.ts @@ -1,5 +1,10 @@ import { Args, Context, Mutation, Query, Resolver } from '@nestjs/graphql'; -import { LoginResult, MutationLoginArgs, Permission } from '@vendure/common/lib/generated-types'; +import { + LoginResult, + MutationAuthenticateArgs, + MutationLoginArgs, + Permission, +} from '@vendure/common/lib/generated-types'; import { Request, Response } from 'express'; import { ConfigService } from '../../../config/config.service'; @@ -35,6 +40,17 @@ export class AuthResolver extends BaseAuthResolver { return super.login(args, ctx, req, res, 'admin'); } + @Mutation() + @Allow(Permission.Public) + authenticate( + @Args() args: MutationAuthenticateArgs, + @Ctx() ctx: RequestContext, + @Context('req') req: Request, + @Context('res') res: Response, + ): Promise { + return this.createAuthenticatedSession(ctx, args, req, res, 'shop'); + } + @Mutation() @Allow(Permission.Public) logout( diff --git a/packages/core/src/api/schema/admin-api/auth.api.graphql b/packages/core/src/api/schema/admin-api/auth.api.graphql index e2de3c97e4..62e4288ef6 100644 --- a/packages/core/src/api/schema/admin-api/auth.api.graphql +++ b/packages/core/src/api/schema/admin-api/auth.api.graphql @@ -3,6 +3,10 @@ type Query { } type Mutation { - login(username: String!, password: String!, rememberMe: Boolean): LoginResult! + login(username: String!, password: String!, rememberMe: Boolean): LoginResult! @deprecated(reason: "Use `authenticate` mutation with the 'native' strategy instead.") + authenticate(input: AuthenticationInput!, rememberMe: Boolean): LoginResult! logout: Boolean! } + +# Populated at run-time +input AuthenticationInput diff --git a/packages/core/src/service/services/auth.service.ts b/packages/core/src/service/services/auth.service.ts index 58348d85de..84680325f3 100644 --- a/packages/core/src/service/services/auth.service.ts +++ b/packages/core/src/service/services/auth.service.ts @@ -59,6 +59,16 @@ export class AuthService { if (!user) { throw new UnauthorizedError(); } + if (!user.roles || !user.roles[0]?.channels) { + const userWithRoles = await this.connection + .getRepository(User) + .createQueryBuilder('user') + .leftJoinAndSelect('user.roles', 'role') + .leftJoinAndSelect('role.channels', 'channel') + .where('user.id = :userId', { userId: user.id }) + .getOne(); + user.roles = userWithRoles?.roles || []; + } if (this.configService.authOptions.requireVerification && !user.verified) { throw new NotVerifiedError();