Update to RW v0.37

api/package.json

@@ -3,6 +3,7 @@
   "version": "0.0.0",
   "private": true,
   "dependencies": {
-    "@redwoodjs/api": "^0.36.0"
+    "@redwoodjs/api": "^0.37.0",
+    "@redwoodjs/graphql-server": "0.37.0"
   }
 }

api/src/directives/requireAuth/requireAuth.js

@@ -0,0 +1,22 @@
+import gql from 'graphql-tag'
+
+import { createValidatorDirective } from '@redwoodjs/graphql-server'
+
+import { requireAuth as applicationRequireAuth } from 'src/lib/auth'
+
+export const schema = gql`
+  """
+  Use to check whether or not a user is authenticated and is associated
+  with an optional set of roles.
+  """
+  directive @requireAuth(roles: [String]) on FIELD_DEFINITION
+`
+
+const validate = ({ directiveArgs }) => {
+  const { roles } = directiveArgs
+  applicationRequireAuth({ roles })
+}
+
+const requireAuth = createValidatorDirective(schema, validate)
+
+export default requireAuth

api/src/directives/requireAuth/requireAuth.test.js

@@ -0,0 +1,18 @@
+import { mockRedwoodDirective, getDirectiveName } from '@redwoodjs/testing/api'
+
+import requireAuth from './requireAuth'
+
+describe('requireAuth directive', () => {
+  it('declares the directive sdl as schema, with the correct name', () => {
+    expect(requireAuth.schema).toBeTruthy()
+    expect(getDirectiveName(requireAuth.schema)).toBe('requireAuth')
+  })
+
+  it('requireAuth has stub implementation. Should not throw when current user', () => {
+    // If you want to set values in context, pass it through e.g.
+    // mockRedwoodDirective(requireAuth, { context: { currentUser: { id: 1, name: 'Lebron McGretzky' } }})
+    const mockExecution = mockRedwoodDirective(requireAuth, { context: {} })
+
+    expect(mockExecution).not.toThrowError()
+  })
+})

api/src/directives/skipAuth/skipAuth.js

@@ -0,0 +1,16 @@
+import gql from 'graphql-tag'
+
+import { createValidatorDirective } from '@redwoodjs/graphql-server'
+
+export const schema = gql`
+  """
+  Use to skip authentication checks and allow public access.
+  """
+  directive @skipAuth on FIELD_DEFINITION
+`
+
+const skipAuth = createValidatorDirective(schema, () => {
+  return
+})
+
+export default skipAuth

api/src/directives/skipAuth/skipAuth.test.js

@@ -0,0 +1,10 @@
+import { getDirectiveName } from '@redwoodjs/testing/api'
+
+import skipAuth from './skipAuth'
+
+describe('skipAuth directive', () => {
+  it('declares the directive sdl as schema, with the correct name', () => {
+    expect(skipAuth.schema).toBeTruthy()
+    expect(getDirectiveName(skipAuth.schema)).toBe('skipAuth')
+  })
+})

api/src/functions/graphql.js

@@ -1,22 +1,18 @@
-import {
-  createGraphQLHandler,
-  makeMergedSchema,
-  makeServices,
-} from '@redwoodjs/api'
+import { createGraphQLHandler } from '@redwoodjs/graphql-server'
 import { logger } from 'src/lib/logger'
 
-import schemas from 'src/graphql/**/*.{js,ts}'
+import directives from 'src/directives/**/*.{js,ts}'
+import sdls from 'src/graphql/**/*.sdl.{js,ts}'
 import services from 'src/services/**/*.{js,ts}'
 import { db } from 'src/lib/db'
 
 export const handler = createGraphQLHandler({
-  loggerConfig: { logger, options: {} },
-  schema: makeMergedSchema({
-    schemas,
-    services: makeServices({ services }),
-  }),
+  loggerConfig: { logger, options: { operationName: true, query: true } },
+  directives,
+  sdls,
+  services,
   onException: () => {
     // Disconnect from your database with an unhandled exception.
     db.$disconnect()
-  }
+  },
 })

api/src/graphql/todos.sdl.js

@@ -6,12 +6,12 @@ export const schema = gql`
   }
 
   type Query {
-    todos: [Todo]
+    todos: [Todo] @skipAuth
   }
 
   type Mutation {
-    createTodo(body: String!): Todo
-    updateTodoStatus(id: Int!, status: String!): Todo
-    renameTodo(id: Int!, body: String!): Todo
+    createTodo(body: String!): Todo @skipAuth
+    updateTodoStatus(id: Int!, status: String!): Todo @skipAuth
+    renameTodo(id: Int!, body: String!): Todo @skipAuth
   }
 `

api/src/lib/auth.js

@@ -0,0 +1,25 @@
+/**
+ * Once you are ready to add authentication to your application
+ * you'll build out requireAuth() with real functionality. For
+ * now we just return `true` so that the calls in services
+ * have something to check against, simulating a logged
+ * in user that is allowed to access that service.
+ *
+ * See https://redwoodjs.com/docs/authentication for more info.
+ */
+export const isAuthenticated = () => {
+  return true
+}
+
+export const hasRole = ({ roles }) => {
+  return roles !== undefined
+}
+
+// This is used by the redwood directive
+// in ./api/src/directives/requireAuth
+
+// Roles are passed in by the requireAuth directive if you have auth setup
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+export const requireAuth = ({ roles }) => {
+  return isAuthenticated()
+}

package.json

@@ -6,7 +6,7 @@
     "packages/*"
   ],
   "devDependencies": {
-    "@redwoodjs/core": "^0.36.0"
+    "@redwoodjs/core": "^0.37.0"
   },
   "eslintConfig": {
     "extends": "@redwoodjs/eslint-config"
@@ -15,4 +15,4 @@
     "node": ">=14",
     "yarn": ">=1.15"
   }
-}
+}

web/package.json

@@ -13,13 +13,13 @@
     ]
   },
   "dependencies": {
-    "@redwoodjs/auth": "^0.36.0",
-    "@redwoodjs/forms": "^0.36.0",
-    "@redwoodjs/router": "^0.36.0",
-    "@redwoodjs/web": "^0.36.0",
+    "@redwoodjs/auth": "^0.37.0",
+    "@redwoodjs/forms": "^0.37.0",
+    "@redwoodjs/router": "^0.37.0",
+    "@redwoodjs/web": "^0.37.0",
     "prop-types": "^15.7.2",
     "react": "^17.0.2",
     "react-dom": "^17.0.2",
     "styled-components": "^5.1.0"
   }
-}
+}