DEV Community: Jose Luis Fonseca The latest articles on DEV Community by Jose Luis Fonseca (@joselfonseca). https://dev.to/joselfonseca https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F205430%2F2614325f-d803-4db9-b85f-e71f541c7137.png DEV Community: Jose Luis Fonseca https://dev.to/joselfonseca en Do you really need an API? Jose Luis Fonseca Tue, 29 Sep 2020 03:00:38 +0000 https://dev.to/joselfonseca/do-you-really-need-an-api-7bm https://dev.to/joselfonseca/do-you-really-need-an-api-7bm <blockquote> <p>Disclaimer: I will not try to sell you whether or not you should build an API or not in your projects. This is an article based on my personal experience with GraphQL, JSON APIs and not API at all.</p> </blockquote> <h2> Let's start by talking about my experience with JSON APIs </h2> <p>I've been building this things for over 7 years, during that time I've been using many different tools to create, document and test them. Usually when building an application that needs an API, I would start by thinking about the resources we will need, <code>users</code> <code>roles</code> etc. Then I would think about the way we can store the information about them, a MySQL database? maybe a NoSQL? who knows?.</p> <p>One thing has been consistent across all of the options and flavors I've tried and that is the need to build a consistent, performant and useful API for the clients that will use it and for that I always consult the mobile and front end developers who at the end of the day are the ones that will interact with it.</p> <p>During the time I've been doing this, we ran into several issues with REST, issues that can be solved pretty quickly, let's talk about the most common ones one by one.</p> <h3> Relationships </h3> <p>Many times the users will need to get a list of resources that have a relation to another resource, the typical example is Posts and Authors. The post is written by an author. so every time you get a post you will need to get the author for that post. The naive way of doing this is looping through the resources and calling the authors endpoint to get the author and display it. So if you have a page with 10 posts, you will be making 11 API calls in total just for that, which is not ideal and is worse when you have pages of 50. The way we typically solve this is by using includes, meaning in your API call for the posts list you append a query string parameter to the endpoint asking to include the authors. It will look something like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">GET</span> <span class="o">/</span><span class="nx">api</span><span class="o">/</span><span class="nx">posts</span><span class="p">?</span><span class="nx">include</span><span class="o">=</span><span class="nx">authors</span> </code></pre> </div> <p>The API server can lazy load this relations and deliver all of the information needed in a single API call, our server is powerful enough to handle that and should not be any issue anymore.</p> <h3> Permissions </h3> <p>One other thing we usually come across is the ability to show or not show certain information depending on who is the user or entity requesting it, this is usually solved by using an Authorization system that is able to identify who is requesting the information and what is able to see, most of the times this is solved by using a combination of OAuth 2 and a permissions system tied to a role or permissions list attached to the user that we can check against.</p> <h3> Use Case specific endpoints </h3> <p>This is something that always comes up mostly when working with mobile applications that may have limited network connectivity, if we have a screen that requires information from multiple resources, we may be asked by the mobile or front end team to create specific endpoints to get all the data needed for the screen in a single network call, in this cases we may accept to create such endpoint or we can work together in a possible solution like caching or something like that. </p> <h3> Documentation </h3> <p>There are many ways to document an API, some people use Swagger or OpenAPI, others prefer using static site generators, others use API documentation tools like Readme.io or framework specific tools. I don't think there is a lot of tooling issues here other than developer laziness to properly document the endpoints and what they need. </p> <h2> Now let's talk about my experience with GraphQL </h2> <p>GraphQL has gained a lot of popularity over the last few years, I think is a great tool and specification and that it has a lot potential and use cases, the question is, Do you need GraphQL in your project?</p> <p>I started working with GraphQL because a friend of mine (and my boss at the time) presented me this idea of a query language over HTTP that would allow us to build better APIs for our clients. At first I though it was unnecessary and I could not really see the benefits I would get from it instead of using a normal JSON or REST API. However we decided to give it a try and after a little bit more than 2 years of working with it I feel more confident to talk about when you should and should not use it.</p> <p>The first thing you need to know about me is that I have never faced the issues GraphQL is designed to solve, so to me was really hard to reset my mindset of converting resources into queries and mutations and I was very exceptical about the idea in general.</p> <p>In GraphQL you don't use HTTP status codes, because those are tied to HTTP and one of the goals of GraphQL is to be protocol agnostic in that sense. So seeing errors in the API with a 200 OK status code was shocking.</p> <h3> What is GraphQL </h3> <p>First of all, REST and GraphQL are 2 different things, they are not to be compared because you would be comparing apples and oranges, however, many people compare them because they have a use case in common. Serve and receive information between systems. </p> <p>GraphQL is a query language, basically you define your data model using GraphQL SDL and then you allow your clients query or mutate the information in your backend using a typed system. If you think about it that way its great, because you can let your clients decide what they fetch and it will give you a lot of flexibility for the frontend. This also allows for smaller response bodies and depending on the engine you use to execute these queries your backend become more or less complex.<br> Of course I can't define every single aspect of GraphQL here but having this general idea will give us a few tools for the main topic. </p> <h3> How is that different from traditional APIs? </h3> <p>At first I did not really see any difference, it was more like a different way of doing things, our first GraphQL API was pretty much a port of the traditional CRUD operations defined on queries and mutations, so we first tried to make a 1:1 model of what we were used to do in a REST API, we ended up with something like this<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// GET api/users =&gt; users: [User]</span> </code></pre> </div> <p>Our GET users resource became a users query, returning an array of user objects<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// POST api/users =&gt; createUser(input: CreateUserInput!): User</span> </code></pre> </div> <p>Our POST users resource to create a user became a createUser mutation that receives the payload and returns a user object<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// PUT api/users/:id =&gt; updateUser(id: ID!, input: UpdateUserInput!): User</span> </code></pre> </div> <p>Our PUT users resource to update a user became the updateUser mutation receiving a user ID and a payload, returning a User Object.</p> <p>And so on...</p> <p>This felt weird to be honest, however we did get a few things out of the box like the documentation and a stronger typed system to define our schemas and data model, although we could have achieved something similar with OpenAPI and JSON Schema.</p> <p>As the timed passed we learned more and realized this was not really the way we should have done it, so our second API was more use case oriented, we started creating queries and mutations based on the actual need of the app instead of plain objects that mimic the database structure, we started creating queries like <code>dashboardCountsReport</code> or <code>upgradeUserPlan</code> and it felt a little better, we where creating the access to the information the frontend needed without worries that our API would be less REST like.</p> <p>So this project went good and everyone was happy and we though that we were conquering the GraphQL world. Then the next question came to my mind. What if another app needs this API and we don't have the use cases developed in the schema for it? isn't the purpose of GraphQL allowing the client to fetch what they need?.<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2F5bddlm0gnewt21utm8kk.jpeg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2F5bddlm0gnewt21utm8kk.jpeg" alt="We may have done it wrong again" width="275" height="183"></a></p> <blockquote> <p>Don't get me wrong, the API works and it does what it is suppose to, it just feels weird again.</p> </blockquote> <p>This led me to believe that "one API fits all" approach is really hard to accomplish with both GraphQL and traditional JSON or REST APIs.</p> <p>I must say however that given the nature of native mobile apps and the limited connectivity they sometimes have, being able to deliver information in smaller response bodies and letting the client choose what to show including relationships in less network round trips was a huge gain for us. We really saw some of the potential GraphQL has in those situations.</p> <h2> So, do I need an API or not? </h2> <p>My answer to this questions in tech are always, "It depends". And the reason for that is that every use case is different, every problem may have different solutions and there are MANY factors to consider before choosing what to use.</p> <p>So in order to alleviate a little bit this issue, I've come up with the following reasons to consider when starting a project and deciding what to use.</p> <p>The first questions I ask myself are:</p> <h3> Is this a website or a web app? </h3> <p>Many times your clients will come to you saying they need an app, and after they expose their idea you realize they want to build a blog with a few sections that require some interactivity and maybe it needs to be responsive, but it does not need to be downloaded from an app store and probably needs really good SEO. In this situation I tend to run away from making an API with a React or Vue SPA, is just overkill, KISS! (Keep it simple Stunning young man/woman XD).</p> <h3> Is this a web app with a single point of access or client? </h3> <p>Let's say your client wants to build a web app with user registration, probably some Stripe integration for subscriptions and features that the client can access based on the tier of their plan, BUT, without other clients accessing this like a iOS app or a KIOSK Android app. In this situation I would think on a simple Laravel app with blade and a few Vue JS components for interactivity. I would not think of it as an SPA that needs an API. Still KISS! (Keep it simple Stunning young man/woman XD).</p> <h3> Is this a Mobile App that will go into a store? </h3> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fczkkt323sy75c2zne517.jpeg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fczkkt323sy75c2zne517.jpeg" alt="Alt Text" width="275" height="183"></a></p> <p>So here, you are thinking about a backend that will serve the information for your App, app that will be deployed to a store and that won't persist information locally and needs to store it "In the cloud". Here is where I start asking a subset of questions about the use case to get a closer to our best solution for our use case.</p> <h4> How many clients will access this API? </h4> <h4> How many of those clients have different use cases? </h4> <h4> Is caching at the API Server level important? </h4> <p>To help here, I always refer to an old friend (we are not really friends, he is too famous and important to know about me XD), Phil Sturgeon who created a very effective and helping decision tree to choose the right API Paradigm. I encourage you to go read his article and come back. </p> <p><a href="https://phil.tech/2018/picking-an-api-paradigm-implementation/" rel="noopener noreferrer">https://phil.tech/2018/picking-an-api-paradigm-implementation/</a></p> <p>Now that you are back, you may have a better idea how the answer to those questions may help you identify if you need a JSON or REST API, or if you need to create GraphQL server.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Flisrslo4su0v4cgxf4h1.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Flisrslo4su0v4cgxf4h1.jpg" alt="Alt Text" width="300" height="148"></a></p> <p>I've used both, GraphQL and REST and I can say that you can really make a mess with both, but also you can make GREAT things with both, so be wise picking your paradigm and don't forget that with a great power, comes a great responsibility, and you should ALWAYS look for your client's, the systems or people that will use your API (or not) providing them the tools and information to set them up for success. No matter the paradigm you use, if you have a great developer experience your APIs will be loved.</p> <h3> What about BAAS? GRPC? other protocols? </h3> <p>Well I've never worked with GRPC so I can't talk about it. BAAS systems like Amplify (AWS AppSync) or Firebase are also great options if you are looking for vendor locking and auto scale and you are not worried about the costs, look for this options, they may be a good fit. What I do want to make sure you do is not create an API if you don't really need it. Working in a blog in react with a headless CMS when you just want to publish some articles is overkill.</p> <p>Happy Coding!</p> graphql api backend architecture Laravel GraphQL demo app Jose Luis Fonseca Wed, 29 Jul 2020 02:12:59 +0000 https://dev.to/joselfonseca/laravel-graphql-demo-app-17gi https://dev.to/joselfonseca/laravel-graphql-demo-app-17gi <p>In the last few months i've been working on a series of videos (18 in total) where I talked about how to create a GraphQL server with Laravel and then I added a Vue JS frontend, the videos are in Spanish and they were part of a small series of screencast I was doing at the time due to the Covid lockdown.</p> <p>I've decided to finish the demo app and put it online for anyone who wants to see a way of doing this kind of work and maybe it can also be education material some who ever wants to start writing GraphQL APIs with Laravel. </p> <p>I hope this is useful for some people!</p> <p>The code is in Github! </p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://res.cloudinary.com/practicaldev/image/fetch/s--566lAguM--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev.to/assets/github-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"> <a href="https://github.com/joselfonseca"> joselfonseca </a> / <a href="https://github.com/joselfonseca/contable"> contable </a> </h2> <h3> </h3> </div> <div class="ltag-github-body"> <div id="readme" class="md"> <h1> Contable</h1> <p>This is just an example app with a GraphQL server and a Vue JS client.</p> <h2> Credits</h2> <ul> <li><a href="https://joselfonseca.dev" rel="nofollow">Jose Luis Fonseca</a></li> <li><a href="https://www.youtube.com/playlist?list=PLWIk9Jo3Sp-VTXF1e-vJ9KdM-7jFjXR1l" rel="nofollow">Mini Curso de GraphQL con laravel y vue JS</a></li> </ul> </div> </div> <br> <div class="gh-btn-container"><a class="gh-btn" href="https://github.com/joselfonseca/contable">View on GitHub</a></div> <br> </div> <br> <p>Happy Coding!</p> php graphql vue tailwindcss GraphQL Auth with Passport and Lighthouse PHP Jose Luis Fonseca Fri, 02 Aug 2019 02:49:45 +0000 https://dev.to/joselfonseca/graphql-auth-with-passport-and-lighthouse-php-14g5 https://dev.to/joselfonseca/graphql-auth-with-passport-and-lighthouse-php-14g5 <p>Writing a GraphQL API with Lighthouse PHP and Laravel is really fun, but something that you always have to do is add authentication. This is a common task that Laravel already covers with Passport, but what if you want to have your login and refresh token endpoints as mutations? That is actually a good idea since you don’t really have to document your authentication mechanisms apart from your GraphQL API. You can have it with mutations as well. This is what inspired me to write a little package called Lighthouse GraphQL Passport Auth which at first seems like a long name and to tell you the truth, it is. But let’s dive into how to use it and we worry about the name later XD.</p> <h2> Installation and configuration </h2> <p>First thing we need to do is install the package, now please keep in mind that Lighthouse PHP is required as well as passport, so why don’t we install it in one shot? In a brand new laravel app please enter:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>composer require nuwave/lighthouse laravel/passport joselfonseca/lighthouse-graphql-passport-auth </code></pre> </div> <p>Now let’s configure each of the packages starting with Laravel Passport, for that we are going to first run the migrations.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>php artisan migrate </code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flfhg0bp3bzr2kvwn6wxu.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flfhg0bp3bzr2kvwn6wxu.png" width="800" height="430"></a></p> <p>Then we should run the passport Install command.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>php artisan passport:install </code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi0vxhrwhc30b76k0pkh0.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi0vxhrwhc30b76k0pkh0.png" width="800" height="183"></a></p> <p>Then add the HasApiTokens trait to your user model<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="kn">namespace</span> <span class="nn">App</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Laravel\Passport\HasApiTokens</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Illuminate\Notifications\Notifiable</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Illuminate\Foundation\Auth\User</span> <span class="k">as</span> <span class="nc">Authenticatable</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">User</span> <span class="kd">extends</span> <span class="nc">Authenticatable</span> <span class="p">{</span> <span class="kn">use</span> <span class="nc">HasApiTokens</span><span class="p">,</span> <span class="nc">Notifiable</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>Now we should register the passport routes as we still need them to be able to get tokens internally.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kn">namespace</span> <span class="nn">App\Providers</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Laravel\Passport\Passport</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Illuminate\Support\Facades\Gate</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Illuminate\Foundation\Support\Providers\AuthServiceProvider</span> <span class="k">as</span> <span class="nc">ServiceProvider</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">AuthServiceProvider</span> <span class="kd">extends</span> <span class="nc">ServiceProvider</span> <span class="p">{</span> <span class="cd">/** * The policy mappings for the application. * * @var array */</span> <span class="k">protected</span> <span class="nv">$policies</span> <span class="o">=</span> <span class="p">[</span> <span class="s1">'App\Model'</span> <span class="o">=&gt;</span> <span class="s1">'App\Policies\ModelPolicy'</span><span class="p">,</span> <span class="p">];</span> <span class="cd">/** * Register any authentication / authorization services. * * @return void */</span> <span class="k">public</span> <span class="k">function</span> <span class="n">boot</span><span class="p">()</span> <span class="p">{</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="nf">registerPolicies</span><span class="p">();</span> <span class="nc">Passport</span><span class="o">::</span><span class="nf">routes</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Once we have this let’s add the passport driver to the API guard in the config/auth.php file.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="s1">'guards'</span> <span class="o">=&gt;</span> <span class="p">[</span> <span class="s1">'web'</span> <span class="o">=&gt;</span> <span class="p">[</span> <span class="s1">'driver'</span> <span class="o">=&gt;</span> <span class="s1">'session'</span><span class="p">,</span> <span class="s1">'provider'</span> <span class="o">=&gt;</span> <span class="s1">'users'</span><span class="p">,</span> <span class="p">],</span> <span class="s1">'api'</span> <span class="o">=&gt;</span> <span class="p">[</span> <span class="s1">'driver'</span> <span class="o">=&gt;</span> <span class="s1">'passport'</span><span class="p">,</span> <span class="s1">'provider'</span> <span class="o">=&gt;</span> <span class="s1">'users'</span><span class="p">,</span> <span class="p">],</span> <span class="p">],</span> </code></pre> </div> <p>This should conclude the passport configuration.</p> <p>Now let’s configure and install the Lighthouse PHP package. since it was already pulled from composer we just need to run the following commands to publish the default schema.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan vendor:publish <span class="nt">--tag</span><span class="o">=</span>lighthouse-schema </code></pre> </div> <p>This command will create a file in graphql/schema.graphql with the following schema<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="err">"A</span><span class="w"> </span><span class="err">datetime</span><span class="w"> </span><span class="err">string</span><span class="w"> </span><span class="err">with</span><span class="w"> </span><span class="err">format</span><span class="w"> </span><span class="err">`Y-m-d</span><span class="w"> </span><span class="err">H:i:s`</span><span class="p">,</span><span class="w"> </span><span class="err">e.g.</span><span class="w"> </span><span class="err">`2018-01-01</span><span class="w"> </span><span class="err">13:00:00`."</span><span class="w"> </span><span class="k">scalar</span><span class="w"> </span><span class="n">DateTime</span><span class="w"> </span><span class="err">@</span><span class="k">scalar</span><span class="err">(</span><span class="n">class</span><span class="err">:</span><span class="w"> </span><span class="err">"Nuwave\\Lighthouse\\Schema\\Types\\Scalars\\DateTime")</span><span class="w"> </span><span class="err">"A</span><span class="w"> </span><span class="err">date</span><span class="w"> </span><span class="err">string</span><span class="w"> </span><span class="err">with</span><span class="w"> </span><span class="err">format</span><span class="w"> </span><span class="err">`Y-m-d`</span><span class="p">,</span><span class="w"> </span><span class="err">e.g.</span><span class="w"> </span><span class="err">`2011-05-23`."</span><span class="w"> </span><span class="k">scalar</span><span class="w"> </span><span class="n">Date</span><span class="w"> </span><span class="err">@</span><span class="k">scalar</span><span class="err">(</span><span class="n">class</span><span class="err">:</span><span class="w"> </span><span class="err">"Nuwave\\Lighthouse\\Schema\\Types\\Scalars\\Date")</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">Query</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">users</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="n">User</span><span class="p">!]!</span><span class="w"> </span><span class="err">@</span><span class="n">paginate</span><span class="p">(</span><span class="n">type</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">paginator</span><span class="err">"</span><span class="w"> </span><span class="n">model</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">App</span><span class="err">\\</span><span class="n">User</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">user</span><span class="p">(</span><span class="n">id</span><span class="p">:</span><span class="w"> </span><span class="nb">ID</span><span class="w"> </span><span class="err">@</span><span class="n">eq</span><span class="p">):</span><span class="w"> </span><span class="n">User</span><span class="w"> </span><span class="err">@</span><span class="n">find</span><span class="p">(</span><span class="n">model</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">App</span><span class="err">\\</span><span class="n">User</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">User</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">id</span><span class="p">:</span><span class="w"> </span><span class="nb">ID</span><span class="p">!</span><span class="w"> </span><span class="n">name</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">email</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">created_at</span><span class="p">:</span><span class="w"> </span><span class="n">DateTime</span><span class="p">!</span><span class="w"> </span><span class="n">updated_at</span><span class="p">:</span><span class="w"> </span><span class="n">DateTime</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>If you have this file you should be ready to continue with the Lighthouse GraphQL Passport Auth package. </p> <p>To get the values you need to open your database client and grab the password oauth client from the oauth_clients table, get the client id and secret and put them in the .env file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>PASSPORT_CLIENT_ID=2 PASSPORT_CLIENT_SECRET=69YJomGV9plchWIkGD2PyKBBTHfkNA7H83iYGc6j </code></pre> </div> <p>Once you do that, publish the package configuration and default schema.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan vendor:publish <span class="nt">--provider</span><span class="o">=</span><span class="s2">"Joselfonseca</span><span class="se">\L</span><span class="s2">ighthouseGraphQLPassport</span><span class="se">\P</span><span class="s2">roviders</span><span class="se">\L</span><span class="s2">ighthouseGraphQLPassportServiceProvider"</span> </code></pre> </div> <p>This command should publish 2 files, the config/lighthouse-graphql-passport.php and graphql/auth.graphql file. For convenience and to be able to have better control over the auth schema lets update the config file to use the published schema by changing the value for the schema property to the path to the published file like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="s1">'schema'</span> <span class="o">=&gt;</span> <span class="nf">base_path</span><span class="p">(</span><span class="s1">'graphql/auth.graphql'</span><span class="p">)</span> </code></pre> </div> <p>This will allow us to manipulate the schema if we need to extend it or make changes to the resolvers.</p> <p>Now let’s remove the user type from the auth schema since we already have it in the default one exported before. Go to the graphql/auth/graphql file and remove the following type<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="k">type</span><span class="w"> </span><span class="n">User</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">id</span><span class="p">:</span><span class="w"> </span><span class="nb">ID</span><span class="p">!</span><span class="w"> </span><span class="n">name</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">email</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Once we do that, we need to add a default mutation to the schema so the auth can extend it or we can simply move the auth mutations to the Mutation type in the main schema file. So look for this code in the graphql/auth.graphql file and move it to graphql/schema.graphql file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="k">extend</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">Mutation</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">login</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">LoginInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">AuthPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">Login</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">refreshToken</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">RefreshTokenInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">RefreshTokenPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">RefreshToken</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">logout</span><span class="p">:</span><span class="w"> </span><span class="n">LogoutResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">Logout</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">forgotPassword</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">ForgotPasswordInput</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">ForgotPasswordResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">ForgotPassword</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">updateForgottenPassword</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">NewPasswordWithCodeInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">ForgotPasswordResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">ResetPassword</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">register</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">RegisterInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">RegisterResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">Register</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">socialLogin</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">SocialLoginInput</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">AuthPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">SocialLogin</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">verifyEmail</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">VerifyEmailInput</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">AuthPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">VerifyEmail</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">updatePassword</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">UpdatePassword</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">UpdatePasswordResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">UpdatePassword</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="err">@</span><span class="n">guard</span><span class="p">(</span><span class="n">with</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">api</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then remove the extend word<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="k">type</span><span class="w"> </span><span class="n">Mutation</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">login</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">LoginInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">AuthPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">Login</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">refreshToken</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">RefreshTokenInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">RefreshTokenPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">RefreshToken</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">logout</span><span class="p">:</span><span class="w"> </span><span class="n">LogoutResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">Logout</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">forgotPassword</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">ForgotPasswordInput</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">ForgotPasswordResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">ForgotPassword</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">updateForgottenPassword</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">NewPasswordWithCodeInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">ForgotPasswordResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">ResetPassword</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">register</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">RegisterInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">RegisterResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">Register</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">socialLogin</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">SocialLoginInput</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">AuthPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">SocialLogin</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">verifyEmail</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">VerifyEmailInput</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">AuthPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">VerifyEmail</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">updatePassword</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">UpdatePassword</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">UpdatePasswordResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">UpdatePassword</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="err">@</span><span class="n">guard</span><span class="p">(</span><span class="n">with</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">api</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>You should now have your schema files like this</p> <p><em>graphql/auth.graphql</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="k">input</span><span class="w"> </span><span class="n">LoginInput</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">username</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">password</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">input</span><span class="w"> </span><span class="n">RefreshTokenInput</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">refresh_token</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">User</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">id</span><span class="p">:</span><span class="w"> </span><span class="nb">ID</span><span class="p">!</span><span class="w"> </span><span class="n">name</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">email</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">AuthPayload</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">access_token</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="w"> </span><span class="n">refresh_token</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="w"> </span><span class="n">expires_in</span><span class="p">:</span><span class="w"> </span><span class="nb">Int</span><span class="w"> </span><span class="n">token_type</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="w"> </span><span class="n">user</span><span class="p">:</span><span class="w"> </span><span class="n">User</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">RefreshTokenPayload</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">access_token</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">refresh_token</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">expires_in</span><span class="p">:</span><span class="w"> </span><span class="nb">Int</span><span class="p">!</span><span class="w"> </span><span class="n">token_type</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">LogoutResponse</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">status</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">message</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">ForgotPasswordResponse</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">status</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">message</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">RegisterResponse</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">tokens</span><span class="p">:</span><span class="w"> </span><span class="n">AuthPayload</span><span class="w"> </span><span class="n">status</span><span class="p">:</span><span class="w"> </span><span class="n">RegisterStatuses</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">UpdatePasswordResponse</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">status</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">message</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">enum</span><span class="w"> </span><span class="n">RegisterStatuses</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">MUST_VERIFY_EMAIL</span><span class="w"> </span><span class="n">SUCCESS</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">input</span><span class="w"> </span><span class="n">ForgotPasswordInput</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">email</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">email</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">input</span><span class="w"> </span><span class="n">NewPasswordWithCodeInput</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">email</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">email</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="n">token</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">string</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="n">password</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">confirmed</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">min</span><span class="err">:8"</span><span class="p">])</span><span class="w"> </span><span class="n">password_confirmation</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">input</span><span class="w"> </span><span class="n">RegisterInput</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">name</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">string</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="n">email</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">email</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">unique</span><span class="err">:</span><span class="n">users</span><span class="p">,</span><span class="n">email</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="n">password</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">confirmed</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">min</span><span class="err">:8"</span><span class="p">])</span><span class="w"> </span><span class="n">password_confirmation</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">input</span><span class="w"> </span><span class="n">SocialLoginInput</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">provider</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="n">token</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">input</span><span class="w"> </span><span class="n">VerifyEmailInput</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">token</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">input</span><span class="w"> </span><span class="n">UpdatePassword</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">old_password</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">password</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">rules</span><span class="p">(</span><span class="n">apply</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">required</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">confirmed</span><span class="err">"</span><span class="p">,</span><span class="w"> </span><span class="err">"</span><span class="n">min</span><span class="err">:8"</span><span class="p">])</span><span class="w"> </span><span class="n">password_confirmation</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p><em>graphql/schema.graphql</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="err">"A</span><span class="w"> </span><span class="err">datetime</span><span class="w"> </span><span class="err">string</span><span class="w"> </span><span class="err">with</span><span class="w"> </span><span class="err">format</span><span class="w"> </span><span class="err">`Y-m-d</span><span class="w"> </span><span class="err">H:i:s`</span><span class="p">,</span><span class="w"> </span><span class="err">e.g.</span><span class="w"> </span><span class="err">`2018-01-01</span><span class="w"> </span><span class="err">13:00:00`."</span><span class="w"> </span><span class="k">scalar</span><span class="w"> </span><span class="n">DateTime</span><span class="w"> </span><span class="err">@</span><span class="k">scalar</span><span class="err">(</span><span class="n">class</span><span class="err">:</span><span class="w"> </span><span class="err">"Nuwave\\Lighthouse\\Schema\\Types\\Scalars\\DateTime")</span><span class="w"> </span><span class="err">"A</span><span class="w"> </span><span class="err">date</span><span class="w"> </span><span class="err">string</span><span class="w"> </span><span class="err">with</span><span class="w"> </span><span class="err">format</span><span class="w"> </span><span class="err">`Y-m-d`</span><span class="p">,</span><span class="w"> </span><span class="err">e.g.</span><span class="w"> </span><span class="err">`2011-05-23`."</span><span class="w"> </span><span class="k">scalar</span><span class="w"> </span><span class="n">Date</span><span class="w"> </span><span class="err">@</span><span class="k">scalar</span><span class="err">(</span><span class="n">class</span><span class="err">:</span><span class="w"> </span><span class="err">"Nuwave\\Lighthouse\\Schema\\Types\\Scalars\\Date")</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">Query</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">users</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="n">User</span><span class="p">!]!</span><span class="w"> </span><span class="err">@</span><span class="n">paginate</span><span class="p">(</span><span class="n">type</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">paginator</span><span class="err">"</span><span class="w"> </span><span class="n">model</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">App</span><span class="err">\\</span><span class="n">User</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">user</span><span class="p">(</span><span class="n">id</span><span class="p">:</span><span class="w"> </span><span class="nb">ID</span><span class="w"> </span><span class="err">@</span><span class="n">eq</span><span class="p">):</span><span class="w"> </span><span class="n">User</span><span class="w"> </span><span class="err">@</span><span class="n">find</span><span class="p">(</span><span class="n">model</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">App</span><span class="err">\\</span><span class="n">User</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">Mutation</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">login</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">LoginInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">AuthPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">Login</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">refreshToken</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">RefreshTokenInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">RefreshTokenPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">RefreshToken</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">logout</span><span class="p">:</span><span class="w"> </span><span class="n">LogoutResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">Logout</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">forgotPassword</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">ForgotPasswordInput</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">ForgotPasswordResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">ForgotPassword</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">updateForgottenPassword</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">NewPasswordWithCodeInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">ForgotPasswordResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">ResetPassword</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">register</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">RegisterInput</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">RegisterResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">Register</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">socialLogin</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">SocialLoginInput</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">AuthPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">SocialLogin</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">verifyEmail</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">VerifyEmailInput</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">AuthPayload</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">VerifyEmail</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="n">updatePassword</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="n">UpdatePassword</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">spread</span><span class="p">):</span><span class="w"> </span><span class="n">UpdatePasswordResponse</span><span class="p">!</span><span class="w"> </span><span class="err">@</span><span class="n">field</span><span class="p">(</span><span class="n">resolver</span><span class="p">:</span><span class="w"> </span><span class="err">"</span><span class="n">Joselfonseca</span><span class="err">\\</span><span class="n">LighthouseGraphQLPassport</span><span class="err">\\</span><span class="n">GraphQL</span><span class="err">\\</span><span class="n">Mutations</span><span class="err">\\</span><span class="n">UpdatePassword</span><span class="err">@</span><span class="n">resolve</span><span class="err">"</span><span class="p">)</span><span class="w"> </span><span class="err">@</span><span class="n">guard</span><span class="p">(</span><span class="n">with</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="err">"</span><span class="n">api</span><span class="err">"</span><span class="p">])</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">type</span><span class="w"> </span><span class="n">User</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">id</span><span class="p">:</span><span class="w"> </span><span class="nb">ID</span><span class="p">!</span><span class="w"> </span><span class="n">name</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">email</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!</span><span class="w"> </span><span class="n">created_at</span><span class="p">:</span><span class="w"> </span><span class="n">DateTime</span><span class="p">!</span><span class="w"> </span><span class="n">updated_at</span><span class="p">:</span><span class="w"> </span><span class="n">DateTime</span><span class="p">!</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Lastly we need to install the GraphQL playground we will use to send queries and mutations to our GraphQL server, for that run the following command<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>composer require mll-lab/laravel-graphql-playground </code></pre> </div> <p>This is ready for tenting now!</p> <h2> Testing the auth mutations </h2> <p>Let’s start by running the PHP dev server<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>php artisan serve </code></pre> </div> <p>This will open the port 8000 in our localhost for us to run the project, let’s navigate to <a href="http://127.0.0.1:8000/graphql-playground" rel="noopener noreferrer">http://127.0.0.1:8000/graphql-playground</a> and you should see the playground like this</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyplz9gpw4y6cvex0y4ey.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyplz9gpw4y6cvex0y4ey.png" width="800" height="285"></a></p> <p>Now let’s create a user using a simple console command so we can log in using our graphql API. In the routes/console.php file enter<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nc">Artisan</span><span class="o">::</span><span class="nf">command</span><span class="p">(</span><span class="s1">'user'</span><span class="p">,</span> <span class="k">function</span> <span class="p">()</span> <span class="p">{</span> <span class="nc">\App\User</span><span class="o">::</span><span class="nf">create</span><span class="p">([</span> <span class="s1">'name'</span> <span class="o">=&gt;</span> <span class="s1">'Jose Fonseca'</span><span class="p">,</span> <span class="s1">'email'</span> <span class="o">=&gt;</span> <span class="s1">'myemail@email.com'</span><span class="p">,</span> <span class="s1">'password'</span> <span class="o">=&gt;</span> <span class="nf">bcrypt</span><span class="p">(</span><span class="s1">'123456789qq'</span><span class="p">)</span> <span class="p">]);</span> <span class="p">})</span><span class="o">-&gt;</span><span class="nf">describe</span><span class="p">(</span><span class="s1">'Create sample user'</span><span class="p">);</span> </code></pre> </div> <p>Then run the command in the console<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan user </code></pre> </div> <p>Now that we have a user to test with, lets run the following mutation in the GraphQL Playground<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="k">mutation</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">login</span><span class="p">(</span><span class="n">input</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">username</span><span class="p">:</span><span class="w"> </span><span class="s2">"myemail@email.com"</span><span class="p">,</span><span class="w"> </span><span class="n">password</span><span class="p">:</span><span class="w"> </span><span class="s2">"123456789qq"</span><span class="w"> </span><span class="p">})</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">access_token</span><span class="w"> </span><span class="n">refresh_token</span><span class="w"> </span><span class="n">expires_in</span><span class="w"> </span><span class="n">token_type</span><span class="w"> </span><span class="n">user</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">id</span><span class="w"> </span><span class="n">email</span><span class="w"> </span><span class="n">name</span><span class="w"> </span><span class="n">created_at</span><span class="w"> </span><span class="n">updated_at</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>This should give you the following response<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"login"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"access_token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6Ijk3NDE3MTI1YjBmNjQyZDNkZDljMDkwOGJiNTM2NDQ5YTYwZWU5ZTQ0ZTBkYzEzY2E5M2FhNGFjODI5ZWRiNzkwMWZhZmY5NzVhZTc5MjRiIn0.eyJhdWQiOiIyIiwianRpIjoiOTc0MTcxMjViMGY2NDJkM2RkOWMwOTA4YmI1MzY0NDlhNjBlZTllNDRlMGRjMTNjYTkzYWE0YWM4MjllZGI3OTAxZmFmZjk3NWFlNzkyNGIiLCJpYXQiOjE1NjE0MDkyMDMsIm5iZiI6MTU2MTQwOTIwMywiZXhwIjoxNTkzMDMxNjAzLCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.CZOpXN0mFHXAQexpA4-FPMOcV-bdZRJD7zUK7guzethg9KUMrALhzgwfQZJv3w74Gnj54aAbdswHBwZEt9DREyEer7Ht0c8108amOllPqb-ydLET1RL1oYCE9H9vvUK0ZafLp09pMrXKot6UcViGOy97KF7YilAvaFfyGxSOmTTZyn0noe9F2ztIOPd3u9XuPuTR5yL-NqHufTTtyJkdQ2xPo03bF4tRfpMXQ5prnIJi4rxmBkpASwMwVraL4lVSZg_9STWMxXWWFdvmXydkNUtQSAftQyHmwMy33OOTxRtFRDN_1Y9wW7U9okVRM-gindkx0o_EB7ekcP1mvHc2PwxwWPMfFxezex98wYX3jTo8y7CN4vDrgUdXqrKkFc6JzwBgn8q_f7c5SzbzxR824h6ujFzSgMaUk_8zKtHX_qgDqaqPVzTebazQ0Pu9PNoYcCkQi5bNldCGuuaMsMxz3H-CWstR4_pAj9_jeKdvC5MA0OkQ30b3RlSmhSqb65LfZEU-y3wG62FKHD49JxBOpPh_Ga8SOQvfOCIL3SzURX9uOvSgcprQqLBYkhJNJC0gobAFgrKHbDhrBVvGH5U4BbIPVX-gnhR44aoyIf8sXFJQkPJJ7-p8HrCqDqjahrlDXsf4DRZGaVJJFhX2VcWAkCcQA2yJ1LSS1XpNU5oL-x4"</span><span class="p">,</span><span class="w"> </span><span class="nl">"refresh_token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"def502004531ba2a174546464239e59c3d07332f8aec44bf95db59ba578bcb58c1986dd494d887c79282daf7379d2959b35816e07245ad237e5fa5e6b3ea1ff19ca0058aa82abc4d0abad427eb045b894c7591e4e248d684ea0c6772011ac1723d3d63805e0e148ec0875277072e39d9ecafcbe55d29b28607dc3ea9f85bdc0ca88aadca41b97e8f061b9b326dc922708f6826aee7e2e3296891e923fd9b5386b4c99d46e9832cb8e191c63bb31394a3dc92a8fc1b907925e9c1888d8b0c4d8c30ea330785dd429623e93979670856fdb5bf80c6c8cac08dc7d040d796e535aa082e241dd38b4ab7a4b0055d554cd85888533c76af594bed20dddcded751bfecd0ffdb741169f204c732cef0e2c49c26ec81de9dd8099b5ab1a481283f70c9685a11ca7018c259688601359722aee0f527c95b8b48062be81d414ce3e10a334d8b5c4f64c25b248c0b76bc40596b99580e38310e7d3a4e82c910276645101d821f"</span><span class="p">,</span><span class="w"> </span><span class="nl">"expires_in"</span><span class="p">:</span><span class="w"> </span><span class="mi">31622400</span><span class="p">,</span><span class="w"> </span><span class="nl">"token_type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Bearer"</span><span class="p">,</span><span class="w"> </span><span class="nl">"user"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"myemail@email.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Jose Fonseca"</span><span class="p">,</span><span class="w"> </span><span class="nl">"created_at"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2019-06-24 20:43:53"</span><span class="p">,</span><span class="w"> </span><span class="nl">"updated_at"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2019-06-24 20:43:53"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>That is IT! you can now use the token in your GraphQL API!</p> <h2> Testing a protected query </h2> <p>Let’s modify the users query to require authentication with passport, for that open the graphql/schema.graphql file and update the users query with the following<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="err">users:</span><span class="w"> </span><span class="err">[User</span><span class="p">!</span><span class="err">]</span><span class="p">!</span><span class="w"> </span><span class="err">@guard(with:</span><span class="w"> </span><span class="err">["api"])</span><span class="w"> </span><span class="err">@paginate(</span><span class="k">type</span><span class="err">:</span><span class="w"> </span><span class="err">"</span><span class="n">paginator</span><span class="err">"</span><span class="w"> </span><span class="n">model</span><span class="err">:</span><span class="w"> </span><span class="err">"</span><span class="n">App</span><span class="err">\\</span><span class="n">User</span><span class="err">")</span><span class="w"> </span></code></pre> </div> <p>Now try to run the a users query<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="p">{</span><span class="w"> </span><span class="n">users</span><span class="p">(</span><span class="n">count</span><span class="p">:</span><span class="w"> </span><span class="mi">20</span><span class="p">){</span><span class="w"> </span><span class="n">data</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">id</span><span class="w"> </span><span class="n">email</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>This should give you an authentication error like the following<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"errors"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"debugMessage"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Unauthenticated."</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Internal server error"</span><span class="p">,</span><span class="w"> </span><span class="nl">"extensions"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"category"</span><span class="p">:</span><span class="w"> </span><span class="s2">"internal"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"locations"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"line"</span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="nl">"column"</span><span class="p">:</span><span class="w"> </span><span class="mi">3</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"path"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"users"</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"trace"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="err">...</span><span class="w"> </span><span class="err">}</span><span class="w"> </span></code></pre> </div> <p>This means the query needs to have the access token in the request. To do that in the GraphQL Playground add the authorization header with the token we generated before</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgoj0hlq8ntrejpjqwf5o.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgoj0hlq8ntrejpjqwf5o.png" width="800" height="881"></a></p> <p>Re run the query and you should have the result just fine!</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fht7ir7w8gdvgkppgp2pv.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fht7ir7w8gdvgkppgp2pv.png" width="800" height="446"></a></p> <p>As you can see the query is protected and you can now use authentication in your GraphQL API.</p> <p>Now go a head and try the rest of the mutations available to like refresh the token or reset a password.</p> <p>If you like this little package please start it in Github and let me know if you run into any issues.</p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fassets.dev.to%2Fassets%2Fgithub-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"> <a href="https://github.com/joselfonseca" rel="noopener noreferrer"> joselfonseca </a> / <a href="https://github.com/joselfonseca/lighthouse-graphql-passport-auth" rel="noopener noreferrer"> lighthouse-graphql-passport-auth </a> </h2> <h3> Add GraphQL mutations to get tokens from passport for https://lighthouse-php.com/ </h3> </div> <div class="ltag-github-body"> <div id="readme" class="md"> <div class="markdown-heading"> <h1 class="heading-element">Lighthouse GraphQL Passport Auth (Laravel ^7.0 / Lighthouse ^4.0)</h1> </div> <p><a href="https://packagist.org/packages/joselfonseca/lighthouse-graphql-passport-auth" rel="nofollow noopener noreferrer"><img src="https://camo.githubusercontent.com/a6e029a5f166fc59d13cf5c135340444d481bcb6f3affd1588bf7ce3d5ac38a5/68747470733a2f2f706f7365722e707567782e6f72672f6a6f73656c666f6e736563612f6c69676874686f7573652d6772617068716c2d70617373706f72742d617574682f646f776e6c6f6164732e737667" alt="Total Downloads"></a> <a href="https://styleci.io/repos/166881918" rel="nofollow noopener noreferrer"><img src="https://camo.githubusercontent.com/81d9f3eeb2ac2f7eeca6ad35577bc5fc2c3156858b9fbb9f23663327514eaeab/68747470733a2f2f7374796c6563692e696f2f7265706f732f3136363838313931382f736869656c643f6272616e63683d6d6173746572" alt="StyleCI"></a> <a href="https://packagist.org/packages/laravel/framework" rel="nofollow noopener noreferrer"><img src="https://camo.githubusercontent.com/9e6134f7329b53134f25f5f1d5232f6d4c82fafb01fde3b41e3e1c65af1c9dc5/68747470733a2f2f706f7365722e707567782e6f72672f6c61726176656c2f6672616d65776f726b2f6c6963656e73652e737667" alt="License"></a></p> <p>GraphQL mutations for Laravel Passport using Lighthouse PHP.</p> <div class="markdown-heading"> <h2 class="heading-element">Tutorial</h2> </div> <p>You can see <a href="https://lighthouse-php-auth.com/tutorials/getting-started/" rel="nofollow noopener noreferrer">this tutorial</a> for installation and usage.</p> <div class="markdown-heading"> <h2 class="heading-element">Documentation</h2> </div> <p>Find the detailed documentation in <a href="https://lighthouse-php-auth.com/" rel="nofollow noopener noreferrer">the documentation site</a></p> <div class="markdown-heading"> <h2 class="heading-element">Change log</h2> </div> <p>Please see the releases page <a href="https://github.com/joselfonseca/lighthouse-graphql-passport-auth/releases" rel="noopener noreferrer">https://github.com/joselfonseca/lighthouse-graphql-passport-auth/releases</a></p> <div class="markdown-heading"> <h2 class="heading-element">Tests</h2> </div> <p>To run the test in this package, navigate to the root folder of the project and run</p> <div class="highlight highlight-source-shell notranslate position-relative overflow-auto js-code-highlight"> <pre> composer install</pre> </div> <p>Then</p> <div class="highlight highlight-source-shell notranslate position-relative overflow-auto js-code-highlight"> <pre> vendor/bin/phpunit</pre> </div> <div class="markdown-heading"> <h2 class="heading-element">Contributing</h2> </div> <p>Please see <a href="https://github.com/joselfonseca/lighthouse-graphql-passport-authCONTRIBUTING.md" rel="noopener noreferrer">CONTRIBUTING</a> for details.</p> <div class="markdown-heading"> <h2 class="heading-element">Security</h2> </div> <p>If you discover any security related issues, please email jose at ditecnologia dot com instead of using the issue tracker.</p> <div class="markdown-heading"> <h2 class="heading-element">Credits</h2> </div> <ul> <li><a href="https://github.com/joselfonseca" rel="noopener noreferrer">Jose Luis Fonseca</a></li> <li><a href="https://github.com/joselfonseca/lighthouse-graphql-passport-auth../../contributors" rel="noopener noreferrer">All Contributors</a></li> </ul> <div class="markdown-heading"> <h2 class="heading-element">License</h2> </div> <p>The MIT License (MIT). Please see <a href="https://github.com/joselfonseca/lighthouse-graphql-passport-authlicense.md" rel="noopener noreferrer">License File</a> for more information.</p> </div> </div> <br> <div class="gh-btn-container"><a class="gh-btn" href="https://github.com/joselfonseca/lighthouse-graphql-passport-auth" rel="noopener noreferrer">View on GitHub</a></div> <br> </div> <br> <p>Happy Coding!</p> graphql laravel php