WIP: Graphql poc

Gemfile

@@ -46,6 +46,8 @@ gem 'activity_notification', '~> 1.7'
 gem 'pundit', '~> 2.1'
 # use twitter_cldr for localization improvements (sorting strings according to hungarian)
 gem 'twitter_cldr', '~> 6.4'
+# use graphql for graphql endpoints
+gem 'graphql', '1.9.18'
 
 group :development, :test do
   # Call 'byebug' anywhere in the code to stop execution and get a debugger console
@@ -78,4 +80,5 @@ group :development do
 
   gem 'better_errors'
   gem 'binding_of_caller'
+  gem 'graphiql-rails'
 end

Gemfile.lock

@@ -112,6 +112,10 @@ GEM
     ffi (1.11.1)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
+    graphiql-rails (1.7.0)
+      railties
+      sprockets-rails
+    graphql (1.9.18)
     hashie (3.6.0)
     http_parser.rb (0.6.0)
     httparty (0.17.1)
@@ -315,6 +319,8 @@ DEPENDENCIES
   em-http-request
   exception_handler (~> 0.8.0.0)
   factory_bot_rails
+  graphiql-rails
+  graphql (= 1.9.18)
   jquery-rails
   kaminari
   minitest (~> 5.10.0)

app/assets/config/manifest.js

@@ -0,0 +1,3 @@
+//= link graphiql/rails/application.css
+//= link graphiql/rails/application.js
+

app/controllers/graphql_controller.rb

@@ -0,0 +1,48 @@
+class GraphqlController < ApplicationController
+  # If accessing from outside this domain, nullify the session
+  # This allows for outside API access while preventing CSRF attacks,
+  # but you'll have to authenticate your user separately
+  # protect_from_forgery with: :null_session
+
+  def execute
+    variables = ensure_hash(params[:variables])
+    query = params[:query]
+    operation_name = params[:operationName]
+    context = {
+      # Query context goes here, for example:
+      # current_user: current_user,
+    }
+    result = Schema.execute(query, variables: variables, context: context, operation_name: operation_name)
+    render json: result
+  rescue => e
+    raise e unless Rails.env.development?
+    handle_error_in_development e
+  end
+
+  private
+
+  # Handle form data, JSON body, or a blank value
+  def ensure_hash(ambiguous_param)
+    case ambiguous_param
+    when String
+      if ambiguous_param.present?
+        ensure_hash(JSON.parse(ambiguous_param))
+      else
+        {}
+      end
+    when Hash, ActionController::Parameters
+      ambiguous_param
+    when nil
+      {}
+    else
+      raise ArgumentError, "Unexpected parameter: #{ambiguous_param}"
+    end
+  end
+
+  def handle_error_in_development(e)
+    logger.error e.message
+    logger.error e.backtrace.join("\n")
+
+    render json: { error: { message: e.message, backtrace: e.backtrace }, data: {} }, status: 500
+  end
+end

app/graphql/mutations/base_mutation.rb

@@ -0,0 +1,8 @@
+module Mutations
+  class BaseMutation < GraphQL::Schema::RelayClassicMutation
+    argument_class Types::BaseArgument
+    field_class Types::BaseField
+    input_object_class Types::BaseInputObject
+    object_class Types::BaseObject
+  end
+end

app/graphql/mutations/sign_in_mutation.rb

@@ -0,0 +1,27 @@
+module Mutations
+  class SignInMutation < Mutations::BaseMutation
+    argument :access_token, String, required: true
+
+    type Types::AuthPayloadType
+
+    def resolve(access_token)
+      authenticator = Authenticator.new
+      user_info = authenticator.authentication(access_token)
+      user = User.find_by(auth_sch_id: user_info[:auth_sch_id])
+
+      if user 
+        user.update_last_login!
+        payload = { id: user.id }
+        token = JWT.encode payload, "S3cR3T", 'HS256'
+        {
+          token: token
+        }
+      else
+        # TODO: Registration
+        {
+          token: nil
+        }
+      end
+    end
+  end
+end

app/graphql/queries/base_query.rb

@@ -0,0 +1,4 @@
+module Queries
+  class BaseQuery < GraphQL::Schema::Resolver
+  end
+end

app/graphql/queries/fetch_groups.rb

@@ -0,0 +1,11 @@
+module Queries
+  class FetchGroups < Queries::BaseQuery
+    argument :only_active, Boolean, required: false
+    type Types::GroupType.connection_type, null: false
+
+    def resolve(only_active: nil)
+      return Group.order(:name).reject(&:inactive?) if only_active
+      Group.order(:name)
+    end
+  end
+end

app/graphql/schema.rb

@@ -0,0 +1,4 @@
+class Schema < GraphQL::Schema
+  mutation(Types::MutationType)
+  query(Types::QueryType)
+end

app/graphql/types/auth_payload_type.rb

@@ -0,0 +1,5 @@
+module Types
+  class AuthPayloadType < Types::BaseObject
+    field :token, String, null: true
+  end
+end

app/graphql/types/base_argument.rb

@@ -0,0 +1,4 @@
+module Types
+  class BaseArgument < GraphQL::Schema::Argument
+  end
+end

app/graphql/types/base_enum.rb

@@ -0,0 +1,4 @@
+module Types
+  class BaseEnum < GraphQL::Schema::Enum
+  end
+end

app/graphql/types/base_field.rb

@@ -0,0 +1,5 @@
+module Types
+  class BaseField < GraphQL::Schema::Field
+    argument_class Types::BaseArgument
+  end
+end

app/graphql/types/base_input_object.rb

@@ -0,0 +1,5 @@
+module Types
+  class BaseInputObject < GraphQL::Schema::InputObject
+    argument_class Types::BaseArgument
+  end
+end

app/graphql/types/base_interface.rb

@@ -0,0 +1,7 @@
+module Types
+  module BaseInterface
+    include GraphQL::Schema::Interface
+
+    field_class Types::BaseField
+  end
+end

app/graphql/types/base_object.rb

@@ -0,0 +1,5 @@
+module Types
+  class BaseObject < GraphQL::Schema::Object
+    field_class Types::BaseField
+  end
+end

app/graphql/types/base_scalar.rb

@@ -0,0 +1,4 @@
+module Types
+  class BaseScalar < GraphQL::Schema::Scalar
+  end
+end

app/graphql/types/base_union.rb

@@ -0,0 +1,4 @@
+module Types
+  class BaseUnion < GraphQL::Schema::Union
+  end
+end

app/graphql/types/group_type.rb

@@ -0,0 +1,6 @@
+module Types
+  class GroupType < Types::BaseObject
+    field :id, ID, null: false, description: "The ID of the Group"
+    field :name, String, null: false
+  end
+end

app/graphql/types/mutation_type.rb

@@ -0,0 +1,7 @@
+module Types
+  class MutationType < Types::BaseObject
+    field :sign_in, resolver: Mutations::SignInMutation do
+      description 'Sign in with access token'
+    end
+  end
+end

app/graphql/types/query_type.rb

@@ -0,0 +1,7 @@
+module Types
+  class QueryType < Types::BaseObject
+    field :groups, resolver: Queries::FetchGroups do
+      description 'Find all group'
+    end
+  end
+end

app/lib/authenticator.rb

@@ -0,0 +1,23 @@
+class Authenticator
+  def initialize(connection = Faraday.new)
+    @connection = connection
+  end
+
+  def authentication(access_token)
+    user = fetch_user_info(access_token)
+    {
+      auth_sch_id: user['internal_id']
+    }
+  end
+
+  private
+
+  def fetch_user_info(access_token)
+    response = @connection.get 'https://auth.sch.bme.hu/api/profile', {
+      access_token: access_token
+    }
+    parsed_response = JSON.parse(response.body)
+    raise IOError, parsed_response['error'] unless response.success?
+    parsed_response
+  end
+end

app/models/svie_post_request.rb

@@ -5,7 +5,6 @@
 #  id          :integer          not null, primary key
 #  member_type :string
 #  user_id     :integer
-#
 # Foreign Keys
 #
 #  fk_rails_...  (user_id => users.id)

config/application.rb

@@ -21,6 +21,8 @@ class Application < Rails::Application
       }
     }
 
+    require "sprockets/railtie"
+
     # Custom directories with classes and modules you want to be autoloadable.
     config.autoload_paths << Rails.root.join('lib')
 

config/database.yml

@@ -9,8 +9,8 @@ default: &default
   encoding: unicode
   pool: 5
   host: localhost
-  username: pek-next
-  password: pek-next
+  username: postgres
+  password: password
 
 development:
   <<: *default

config/routes.rb

@@ -1,5 +1,10 @@
 Rails.application.routes.draw do
 
+  if Rails.env.development?
+    mount GraphiQL::Rails::Engine, at: "/graphiql", graphql_path: "/graphql"
+  end
+
+  post '/graphql', to: 'graphql#execute'
   get '/logout', to: 'sessions#destroy', as: :logout
   get '/login', to: 'sessions#new', as: :login
   get '/auth/oauth/callback', to: 'sessions#create'