{"id":13748707,"url":"https://github.com/o2web/graphql-auth","last_synced_at":"2026-04-04T04:34:26.777Z","repository":{"id":55515450,"uuid":"151639199","full_name":"o2web/graphql-auth","owner":"o2web","description":"GraphQL authentication with JWT","archived":false,"fork":false,"pushed_at":"2023-02-06T13:35:44.000Z","size":135,"stargazers_count":26,"open_issues_count":11,"forks_count":27,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-11-15T23:30:56.798Z","etag":null,"topics":["devise","graphql","jwt"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/o2web.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-10-04T21:39:31.000Z","updated_at":"2024-05-20T13:14:05.000Z","dependencies_parsed_at":"2023-02-10T01:45:57.192Z","dependency_job_id":null,"html_url":"https://github.com/o2web/graphql-auth","commit_stats":null,"previous_names":[],"tags_count":12,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/o2web%2Fgraphql-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/o2web%2Fgraphql-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/o2web%2Fgraphql-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/o2web%2Fgraphql-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/o2web","download_url":"https://codeload.github.com/o2web/graphql-auth/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253240350,"owners_count":21876593,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["devise","graphql","jwt"],"created_at":"2024-08-03T07:00:47.832Z","updated_at":"2025-12-27T01:29:38.951Z","avatar_url":"https://github.com/o2web.png","language":"Ruby","readme":"# GraphQL Auth\n\n[![Build Status](https://travis-ci.org/o2web/graphql-auth.svg?branch=master)](https://travis-ci.org/o2web/graphql-auth) [![Maintainability](https://api.codeclimate.com/v1/badges/7e2515bb59f0b205a603/maintainability)](https://codeclimate.com/github/o2web/graphql-auth/maintainability)\n[![Downloads](https://img.shields.io/gem/dt/graphql-auth.svg)](https://rubygems.org/gems/graphql-auth)\n[![Latest Version](https://img.shields.io/gem/v/graphql-auth.svg)](https://rubygems.org/gems/graphql-auth)\n\nThis gem provides an authentication mechanism on a GraphQL API. It use JSON Web Token (JWT) and Devise logic.\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem 'graphql-auth'\n```\n\nAnd then execute:\n\n    $ bundle\n\nOr install it yourself as:\n\n    $ gem install graphql-auth\n\nThen run the installer to create `graphql_auth.rb` file in your initializers folder.\n\n```\nrails g graphql_auth:install\n```\n\nMake sure to read all configurations present inside the file and fill them with your own configs.\n\n## Devise gem\n\n Use Devise with a User model and skip all route\n\n ```ruby\nRails.application.routes.draw do\n  devise_for :users, skip: :all\nend\n```\n\n## Usage\n\nMake 'JWT_SECRET_KEY' and 'APP_URL' available to ENV\n\n```\nJWT_SECRET_KEY=\nAPP_URL=\n```\n\nMake sure the `Authorization` header is allowed in your api\n\n```ruby\nRails.application.config.middleware.insert_before 0, Rack::Cors do\n  allow do\n    origins '*'\n    resource '*',\n             headers: %w(Authorization Expires RefreshToken),\n             methods: :any,\n             expose: %w(Authorization Expires RefreshToken),\n             max_age: 600\n  end\nend\n```\n\nMake sure to include `Graphql::AuthHelper` in your `GraphqlController`. A context method returning the current_user will be available\n\n```ruby\nclass GraphqlController \u003c ActionController::API\n\n  include Graphql::AuthHelper\n\n  def execute\n    variables = ensure_hash(params[:variables])\n    query = params[:query]\n    operation_name = params[:operationName]\n    result = ::GraphqlSchema.execute(query, variables: variables, context: context, operation_name: operation_name)\n    render json: result\n\n    ...\n```\n\nMake sure to implement `GraphqlAuth` in your `MutationType` to make auth mutations available\n\n```ruby\nclass Types::MutationType \u003c Types::BaseObject\n  implements ::Types::GraphqlAuth\nend\n```\n\n## Customization\n\nIf you can to customize any mutation, make sure to update the configurations\n\n```ruby\nGraphQL::Auth.configure do |config|\n  # config.token_lifespan = 4.hours\n  # config.jwt_secret_key = ENV['JWT_SECRET_KEY']\n  # config.app_url = ENV['APP_URL']\n\n  # config.user_type = '::Types::Auth::User'\n\n  # Devise allowed actions\n  # Don't forget to enable the lockable setting in your Devise user model if you plan on using the lock_account feature\n  # config.allow_sign_up = true\n  # config.allow_lock_account = false\n  # config.allow_unlock_account = false\n\n  # Allow custom mutations for signup and update account\n  # config.sign_up_mutation = '::Mutations::Auth::SignUp'\n  # config.update_account_mutation = '::Mutations::Auth::UpdateAccount'\nend\n```\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.\n\nTo install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `graphql-auth.gemspec`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/o2web/graphql-auth. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.\n\n## License\n\nThe gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).\n\n## Code of Conduct\n\nEveryone interacting in the GraphQL Auth project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/o2web/graphql-auth/blob/master/CODE_OF_CONDUCT.md).\n","funding_links":[],"categories":["Libraries","Ruby","Implementations"],"sub_categories":["Ruby Libraries","Ruby"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fo2web%2Fgraphql-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fo2web%2Fgraphql-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fo2web%2Fgraphql-auth/lists"}