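# frozen_string_literal: true

module Mutations
  # GraphQL mutation that signs a user in with a login and a password.
  #
  # Security-relevant behaviour:
  # * An unknown login and a wrong password produce the same error message, so
  #   the response does not tell the caller whether an account exists.
  # * Account state (locked / not confirmed) is checked, and reported, only
  #   after the password has been verified. Earlier the state check was
  #   commented out of the first branch, which made the locked/unconfirmed
  #   branch unreachable and let such accounts sign in.
  class User::Login < Mutations::BaseMutation
    include ControllerMethods

    field :user, Types::UserType, null: false

    argument :login, String, required: true
    argument :password, String, required: true

    # Verifies the credentials and, on success, logs the user in through the
    # controller stored in the GraphQL context.
    #
    # @param login [String] identifier handed to find_for_database_authentication
    # @param password [String] candidate password
    # @return [Hash] `{ user: user }` when the credentials are accepted
    #
    # NOTE(review): this relies on raise_user_error (defined outside this
    # file) aborting the resolver by raising — confirm.
    def resolve(login:, password:)
      user = ::User.find_for_database_authentication(login: login)

      # One message for "no such user" and "wrong password": distinct messages
      # would let a caller enumerate valid logins.
      raise_user_error('bad credentials') unless user&.authenticate(password)

      # Only a caller who knows the password learns the account state and the
      # e-mail address attached to the account.
      unless active_for_authentication?(user)
        if locked?(user)
          raise_user_error('account locked')
        else
          raise_user_error('account not confirmed', email: user.email)
        end
      end

      context[:controller].login(user)
      { user: user }
    end

    private

    # True when the password is wrong or the model's valid_for_authentication?
    # hook rejects the attempt.
    #
    # Not called by #resolve. NOTE(review): the valid_for_authentication? hook
    # looks like Devise's failed-attempt accounting; because #resolve checks
    # the password with user.authenticate instead, wrong passwords presumably
    # never count towards a lockout — confirm, and consider routing the
    # password check through this helper.
    def invalid_for_authentication?(user, password)
      valid_password = user.valid_password?(password)

      (user.respond_to?(:valid_for_authentication?) && !user.valid_for_authentication? { valid_password }) ||
        !valid_password
    end

    # True when the model has no active_for_authentication? method, or when
    # that method returns a truthy value.
    def active_for_authentication?(user)
      !user.respond_to?(:active_for_authentication?) || user.active_for_authentication?
    end

    # Truthy when the model exposes locked_at and it is set.
    def locked?(user)
      user.respond_to?(:locked_at) && user.locked_at
    end
  end
end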