Issue type:

I am submitting:

• an issue
• a feature request

What feature would you like to see added? Please be descriptive.

I would like to see all examples to be written in TypeScript to encourage people to adopt it. It makes a lot of sense to write resolvers in TS since it would help make them more robust and less bug prone.

Would you be able to submit a PR for this yourself?

Yes, I might be able to contribute to some of them.

Hi,
I followed the instructions here to install the email-password template.

Running the example mutation

mutation {
  signupUser(email: "[email protected]", password: "__PASSWORD__") {
    token
  }
}

The following error arises

{
  "data": {
    "signupUser": null
  },
  "errors": [
    {
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "path": [
        "signupUser"
      ],
      "code": 5000,
      "message": "A function returned an unhandled error. Please check the logs for executionId 'eu-west-1:simple:cj9tyz5jl08nt0175m45favux'",
      "requestId": "eu-west-1:simple:cj9tyz5jl08nt0175m45favux"
    }
  ]
}

• merge PRs for https://github.com/graphcool/modules/

• transfer files & issues

• adjust folder setup (community vs curated)

• clean up duplicates

• adjust wording in READMEs to templates

• get rid of native modules (for example bcryptjs instead of bcrypt)

The Facebook authentication example asks for email-address permission from the user, but never uses this permission.

Issue type:

I am submitting:

• an issue
• a feature request

What feature would you like to see added? Please be descriptive.

I would like multiple language branches (at least Javascript and Typescript), so people can easily use and contribute to templates in their preferred programming language.

The CLI already supports branches by doing:
graphcool add-template github/templates#typescript/auth/email-password

Would you be able to submit a PR for this yourself?

Yes

Hello!
Help me please. I want to update user password. I copied the schema code and logic according to the instructions. Next I created a pta on the AUTHENTICATION tab.
I call a mutation:

mutation {
 updatePassword(email: "user_email", password: "pass", newPassword: "new_pass") {
    id
 }
}

But I get an error: 'GraphQL error: function execution error: An unexpected error occured.'.

If I do the 'test run':

{
    "data": {
        "email": "user_email",
        "password": "pass",
        "newPassword": "new_pass",
    },
    "context": {
        "projectId": "projectId",
        "pat": "pat",
  },
}

I get an error:

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://console.graph.cool' is therefore not allowed access. The response had HTTP status code 502. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
fullscreen:1 Uncaught (in promise) TypeError: Failed to fetch

Tell me please, what could be the problem?

doing graphcool add-template email-password

would be much easier and intuitive
instead of
graphcool add-template graphcool/templates/auth/email-password

With all the different authentication implementations, I think it makes sense to move them to a seperate repo.

It would be nice to see some example of calling a mutation in response to a node creation which should create defaults relations, for example, adding a newly created user to a given group, and make sure the response payload could return the freshly created relation

Thanks to @jhalborg for contributing this example: https://gist.github.com/jhalborg/5042201f558034243376cffb55111d85

Would love to see a step-by-step guide for this, so if anyone wants to get their hands dirty, feel free to create a PR 😄 I'd be happy to review it

Issue type:

I am submitting:

• an issue
• a feature request

Issue Questions:

What OS and OS version are you experiencing the issue(s) on?

Applies to any OS / OS Version

What is the expected behavior?

The data passed to functions should be logged conditionally by setting an environment var for example (DEBUG = true)

What is the actual behavior?

When checking the execution logs of the signup function, the password is displayed in plain text if the execution resulted in an error. This also affects the authenticate function.

What steps may we take to reproduce the behavior?

1. Setup a project with email/password auth template
2. Trigger a Email already in use error by trying to signup with an existing email address
3. Check the signup function execution logs: gc logs -f signup

Feature Request
Please upgrade the old email-user-managment for forget password

I am getting an extremely cryptic error when using the signup schema extension in the email auth example. I've copied the code verbatim and created a PAT with the same name 'signupEmailUser', but I receive this odd error when running a simple query in the playground as suggested. Here is my extension which is copy pasted from here

type SignupEmailUserPayload {
  id: ID!
}

extend type Mutation {
  signupEmailUser(email: String!, password: String!): SignupEmailUserPayload
}

and my code which is straight copy pasted from the example here:

const fromEvent = require('graphcool-lib').fromEvent
const bcrypt = require('bcrypt')
const validator = require('validator')
const crypto = require('crypto')

module.exports = function(event) {
  const email = event.data.email
  const password = event.data.password
  const graphcool = fromEvent(event)
  const api = graphcool.api('simple/v1')
  const SALT_ROUNDS = 10

  function getGraphcoolUser(email) {
    return api.request(`
    query {
      User(email: "${email}") {
        id
      }
    }`)
      .then((userQueryResult) => {
        if (userQueryResult.error) {
          return Promise.reject(userQueryResult.error)
        } else {
          return userQueryResult.User
        }
      })
  }

  function generateToken() {
    return crypto.randomBytes(20).toString("hex")
  }

  function generateExpiration() {
    const now = new Date()
    return new Date(now.getTime() + 3600000).toISOString()
  }

  function createGraphcoolUser(email, passwordHash) {
    return api.request(`
      mutation {
        createUser(
          email: "${email}",
          password: "${passwordHash}",
          confirmToken: "${generateToken()}",
          confirmExpires: "${generateExpiration()}"
        ) {
          id
        }
      }`)
      .then((userMutationResult) => {
        return userMutationResult.createUser.id
      })
  }

  if (validator.isEmail(email)) {
    return getGraphcoolUser(email)
      .then((graphcoolUser) => {
        if (graphcoolUser === null) {
          return bcrypt.hash(password, SALT_ROUNDS)
            .then(hash => createGraphcoolUser(email, hash))
        } else {
          return Promise.reject("Email already in use")
        }
      })
      .then((id) => {
        return { data: { id } }
      })
      .catch((error) => {
        console.log(error)

        // don't expose error message to client!
        return { error: 'An unexpected error occured.' }
      })
  } else {
    return { error: "Not a valid email" }
  }
}

Clearly I am getting the line right under // don't expose error message to client! but I have no idea what the console.log is above!!!

My mutation is the following as suggested:

mutation {
  # replace __EMAIL__ and __PASSWORD__
  signupEmailUser(email: "[email protected]", password: "password") {
    id
  }
}

And my error:

{"event":"{\"data\":{\"email\":\"[email protected]\",\"password\":\"password\"},\"context\":{\"request\":{\"sourceIp\":\"[REMOVED]\",\"headers\":{},\"httpMethod\":\"post\"},\"auth\":null,\"sessionCache\":{},\"environment\":{},\"graphcool\":{\"projectId\":\"[REMOVED]\",\"alias\":\"[REMOVED]\",\"pat\":\"[REMOVED]"}}}","logs":["2017-09-29T00:11:23.397Z: {\"response\":{\"0\":\"<\",\"1\":\"h\",\"2\":\"t\",\"3\":\"m\",\"4\":\"l\",\"5\":\">\",\"6\":\"\\r\",\"7\":\"\\n\",\"8\":\"<\",\"9\":\"h\",\"10\":\"e\",\"11\":\"a\",\"12\":\"d\",\"13\":\">\",\"14\":\"<\",\"15\":\"t\",\"16\":\"i\",\"17\":\"t\",\"18\":\"l\",\"19\":\"e\",\"20\":\">\",\"21\":\"5\",\"22\":\"0\",\"23\":\"3\",\"24\":\" \",\"25\":\"S\",\"26\":\"e\",\"27\":\"r\",\"28\":\"v\",\"29\":\"i\",\"30\":\"c\",\"31\":\"e\",\"32\":\" \",\"33\":\"T\",\"34\":\"e\",\"35\":\"m\",\"36\":\"p\",\"37\":\"o\",\"38\":\"r\",\"39\":\"a\",\"40\":\"r\",\"41\":\"i\",\"42\":\"l\",\"43\":\"y\",\"44\":\" \",\"45\":\"U\",\"46\":\"n\",\"47\":\"a\",\"48\":\"v\",\"49\":\"a\",\"50\":\"i\",\"51\":\"l\",\"52\":\"a\",\"53\":\"b\",\"54\":\"l\",\"55\":\"e\",\"56\":\"<\",\"57\":\"/\",\"58\":\"t\",\"59\":\"i\",\"60\":\"t\",\"61\":\"l\",\"62\":\"e\",\"63\":\">\",\"64\":\"<\",\"65\":\"/\",\"66\":\"h\",\"67\":\"e\",\"68\":\"a\",\"69\":\"d\",\"70\":\">\",\"71\":\"\\r\",\"72\":\"\\n\",\"73\":\"<\",\"74\":\"b\",\"75\":\"o\",\"76\":\"d\",\"77\":\"y\",\"78\":\" \",\"79\":\"b\",\"80\":\"g\",\"81\":\"c\",\"82\":\"o\",\"83\":\"l\",\"84\":\"o\",\"85\":\"r\",\"86\":\"=\",\"87\":\"\\\"\",\"88\":\"w\",\"89\":\"h\",\"90\":\"i\",\"91\":\"t\",\"92\":\"e\",\"93\":\"\\\"\",\"94\":\">\",\"95\":\"\\r\",\"96\":\"\\n\",\"97\":\"<\",\"98\":\"c\",\"99\":\"e\",\"100\":\"n\",\"101\":\"t\",\"102\":\"e\",\"103\":\"r\",\"104\":\">\",\"105\":\"<\",\"106\":\"h\",\"107\":\"1\",\"108\":\">\",\"109\":\"5\",\"110\":\"0\",\"111\":\"3\",\"112\":\" \",\"113\":\"S\",\"114\":\"e\",\"115\":\"r\",\"116\":\"v\",\"117\":\"i\",\"118\":\"c\",\"119\":\"e\",\"120\":\" \",\"121\":\"T\",\"122\":\"e\",\"123\":\"m\",\"124\":\"p\",\"125\":\"o\",\"126\":\"r\",\"127\":\"a\",\"128\":\"r\",\"129\":\"i\",\"130\":\"l\",\"131\":\"y\",\"132\":\" \",\"133\":\"U\",\"134\":\"n\",\"135\":\"a\",\"136\":\"v\",\"137\":\"a\",\"138\":\"i\",\"139\":\"l\",\"140\":\"a\",\"141\":\"b\",\"142\":\"l\",\"143\":\"e\",\"144\":\"<\",\"145\":\"/\",\"146\":\"h\",\"147\":\"1\",\"148\":\">\",\"149\":\"<\",\"150\":\"/\",\"151\":\"c\",\"152\":\"e\",\"153\":\"n\",\"154\":\"t\",\"155\":\"e\",\"156\":\"r\",\"157\":\">\",\"158\":\"\\r\",\"159\":\"\\n\",\"160\":\"<\",\"161\":\"/\",\"162\":\"b\",\"163\":\"o\",\"164\":\"d\",\"165\":\"y\",\"166\":\">\",\"167\":\"\\r\",\"168\":\"\\n\",\"169\":\"<\",\"170\":\"/\",\"171\":\"h\",\"172\":\"t\",\"173\":\"m\",\"174\":\"l\",\"175\":\">\",\"176\":\"\\r\",\"177\":\"\\n\",\"status\":503},\"request\":{\"query\":\"\\n    query {\\n      User(email: \\\"[email protected]\\\") {\\n        id\\n      }\\n    }\"}}"],"returnValue":{"error":"An unexpected error occured."}}

What does the above mean? :(

Based on the input from @FredyC here: https://github.com/graphcool/feature-requests/issues/192#issuecomment-325189456

Issue type:

I am submitting:

• an issue
• a feature request

Feature Request Questions:

What feature would you like to see added? Please be descriptive.

Auth-teamplates for Linkedin and Twitter.

Would you be able to submit a PR for this yourself?

yes

progress see #97

see auth/email-password/src/signup.ts

• firebase template @nikolasburk
• update README.md of auth templates @nikolasburk

• github auth template
• facebook, google, email-password
• update all messaging modules to ts + README @marktani

mutation {
        createUser(
          accountKitUserId:"${accountKitUser.id}"
        ){
          id
        }
      }

this mutation is not valid in case if ‘Email-password auth’ integration is enabled - the ‘authProvider’ field is required.

• auth/email-password
• misc/fixer-wrapper

https://github.com/graphcool-examples/functions/blob/master/auth0-authentication/README.md#variant-2-setup-the-authentication-function-with-webtaskio

If you have a package.json available in the folder where your Javascript file is located, webtask will deploy any module in it when you wt create a webtask. So you can use any npm module, just add it to package.json.

Issue type:

I am submitting:

• an issue

Issue Questions:

What OS and OS version are you experiencing the issue(s) on?

Deployed from windows. (graphcool/0.8.5 (windows-x64) node-v7.6.)

What is the expected behavior?

Function should return token.

What is the actual behavior?

Function returning error (in logs) for googleAuthentication:

{"error":"Function returned invalid status code: 0. Raw body: empty.last"}

What steps may we take to reproduce the behavior?

Install graphcool add-template graphcool/templates/auth/google, deploy and use in GraphQL console with google token.

mutation {
	authenticateGoogleUser(googleToken:
"correct_token...") {
    token
  }  
}

I got feeling that it's some issue with using async/await, cause similar, or same issue I've got with example hello world (TypeScript) example deployed to graphcool service

I'm getting this issue like this, Error: Argument 'emailSubscription' expected type 'Boolean' but got: "true".

function createGraphcoolUser(email, passwordHash, name, emailSubscription) {
    return api.request(`
        mutation {
            createUser(
                email: "${email}",
                password: "${passwordHash}",
		name: "${name}",
		emailSubscription: "${emailSubscription}"
            ) {
          id
        }
        }`).then((userMutationResult) => {
            return userMutationResult.createUser.id
        }
    )
}

Everything looks right and field data type boolean.

Issue type:

I am submitting:

• [ X ] an issue

Issue Questions:

What OS and OS version are you experiencing the issue(s) on?

[email protected], [email protected], [email protected].

What is the actual behavior?

Authentication fails with app-side error: "[Error: GraphQL error: function execution error: An unexpected error occured]".

In graphcool function log we can see:

{"event":"{"data":{"accessToken":"[redacted]"},"context":{"request":{"sourceIp":"54.199.218.174","headers":{},"httpMethod":"post"},"auth":null,"sessionCache":{},"environment":{},"graphcool":{"rootToken":"[redacted]","endpoints":{"simple":"https://api.graph.cool/simple/v1/cj9q9rwxnc7z80136mm3gr6wq\",\"relay\":\"https://api.graph.cool/relay/v1/cj9q9rwxnc7z80136mm3gr6wq\",\"system\":\"https://api.graph.cool/system\",\"subscriptions\":\"wss://subscriptions.us-west-2.graph.cool/v1/cj9q9rwxnc7z80136mm3gr6wq\"},\"projectId\":\"cj9q9rwxnc7z80136mm3gr6wq\",\"alias\":null,\"pat\":\"[redacted]",\"serviceId\":\"cj9q9rwxnc7z80136mm3gr6wq\"}}}","logs":[{"2017-11-13T03:41:39.682Z":"Error: Unable to retrieve key identifier from token\n at /var/task/src/auth0/auth0Authentication.js:49:19\n at verifyToken (/var/task/src/auth0/auth0Authentication.js:45:12)\n at Object. (/var/task/src/auth0/auth0Authentication.js:104:38)\n at step (/var/task/src/auth0/auth0Authentication.js:32:23)\n at Object.next (/var/task/src/auth0/auth0Authentication.js:13:53)\n at /var/task/src/auth0/auth0Authentication.js:7:71\n at __awaiter (/var/task/src/auth0/auth0Authentication.js:3:12)\n at exports.default (/var/task/src/auth0/auth0Authentication.js:94:45)\n at executeFunction (/var/task/src/auth0/auth0Authentication-lambda.js:12:19)\n at exports.handle (/var/task/src/auth0/auth0Authentication-lambda.js:7:3)"}],"returnValue":{"error":"An unexpected error occured"}}

What steps may we take to reproduce the behavior?

Setup react-native-auth0 as per: https://github.com/auth0/react-native-auth0, using webAuth.

Follow steps in: https://github.com/graphcool/templates/tree/master/auth/auth0. Then change auth0 client type to "Native" and enable the "Authorization Code" grant type.

Then try sign-up/login using Facebook/Google/email. Error is same for each case.

See https://github.com/graphcool/templates/tree/master/outdated/auth/auth0-authentication for an outdated version.

I'd be happy to help you getting started if you want to contribute an Auth0 template, please contact me in Slack 🙂

I followed the steps in the README and I can get it working, but I'm just wondering if anyone has an example of this working via an SPA without Lock.

I am wanting to use auth0-js to roll my own custom login screen instead of requiring the use of Lock on the Auth0 website.

I'm referring to the example here:
https://github.com/graphcool/templates/tree/master/auth/auth0/example

Sorry if this is the wrong place for this. Thanks.

Documentation says: You can only transform arguments that are part of the initial input data of the mutation on the client. You cannot add or remove additional fields.

Yet, the function will add multiple fields to a mutation that only contains two input fields. Does this actually work?

Getting the following error, am unable to create an SSS function.

Currently, utility functions are not supported very well in the current templates. I'm proposing (and will implement in a PR if I receive enough upvotes), a bunch of functions for common tasks.

• Password hashing/salting/encryption
• Email verification (checks to see if the email is valid; if not, reformats the email)
• Slug verification (similar as above)
• Phone number verification (similar as above)

That's enough to get started with, for now. I'd love to hear other general utility functions that you see a use-case for.

Please only vote on this issue. Do not spam with a million comments. To make it easier, I have voted with a thumbs up and a thumbs down. Please keep comments to other features and questions so that we can be more productive.

Also, happy Thanksgiving everyone!

As more people contribute and the repo grows larger, I could see a lot of inconsistency arising. To prevent that and to make sure we all write the same "standards" in our code, should we lint?

The example in the template fails. After adding the json: true flag, it works properly. This line should be changed to:

jwt.decode(token, {complete: true, json: true})

https://github.com/graphcool/templates/blob/4515dcd930743c436248c053624fc74dd949a0d5/auth/auth0/src/auth0Authentication.js#L10

I'm getting this issue at authenticateEmailUser.js

GraphQL error: function execution error: Error: Graphcool must be instantiated with a pat when calling 'generateAuthToken': new Graphcool('project-id', {pat: 'pat'})

Just putting this out here in case anyone else is considering this. Authy/twilio offers standard flows for phone number verification, one time codes, and some other APIs (phone intelligence etc.). It would be nice to have a standard SE implementation of these APIs in this repo.

Currently following the steps for sms auth

When I get to the following step it fails

Create a new Schema Extension Function called confirmUserSmsToken and paste the schema from confirm-code-schema-extension.graphql and code from sms-authentication.js.

This is the error that pops up

Function with name 'confirmUserSmsToken' has invalid payloadName: 'AuthenticateSmsUserPayload'

Hi, great work on the geocode function. More of a question than issue....
I am a newb to coding and Graph.cool so hopefully you could help out.
When running that function the data in the array result may change positions...
For instance an address that has a "neighborhood" type will shift the "locality" to [3],
where as an address without a "neighborhood" type "locality" lives in the [2] position.
Using static data I reworked some things from other questions on SO....to return values by type.
My question is how would I implement the comparison function into your code?
Thanks in advance for any help on this!

function getMatchedTypes() {
  let i,
      j,
      types;
  let address_component = {}
  // Loop through the Geocoder result set. Note that the results
// array will change as this loop can self iterate.
  for (i = 0; i < address_components.length; i++) {

    address_component = address_components[i];

    types = address_component.types;

    for (j = 0; j < types.length; j++) {
      if (types[j] === 'street_number') {
        streetNumber = address_component.long_name;
      }
      if (types[j] === 'route') {
        street = address_component.long_name;
      }
      if (types[j] === 'neighborhood') {
        neighborhood = address_component.long_name;
      }
      if (types[j] === 'locality') {
        city = address_component.long_name;
      }
      if (types[j] === 'administrative_area_level_1') {
        state = address_component.long_name;
      }
      if (types[j] === 'administrative_area_level_2') {
        county = address_component.long_name;
      }
      if (types[j] === 'postal_code') {
        zip = address_component.long_name;
      }
      if (types[j] === 'postal_code_suffix') {
        zip = address_component.long_name;
      }
      break;
    }
    // console.log(address_component);

  }
  const geoLocation = {
    // The Lat/Lng values are defined from response "formatted address object" - uncomment live
    // lat: location.lat,
    // lng: location.lng,
    street: `${streetNumber} ${street}`,
    city,
    neighborhood,
    county,
    state,
    zip
  }
  console.log(geoLocation);

}


getMatchedTypes(address_components);

I'm getting a new password update issue,

"Unknown argument 'password' on field 'updateUser' of type 'Mutation'."

In this file "passwordReset"...

Does the Cloudinary example store the image twice - once in the graphcool File type, and then a second time on the Cloudinary server? Thanks !

It would be great if it was easy to combine multiple custom authentication methods into one project. For this, it's necessary to unify the implementations, to make sure none of them use the same query or mutation names, or the same fields in the User Type, etc.

With the help of @kbrandwijk (thank you!), I've got a much more robust slug function that seems to be working well and handling every case (that I've thought of yet).

1. It takes a title value from a new record, slugifies it (using slugs, rather than regex. Handles far more inputs - unicode, other language characters, etc.))
2. then queries for a slug with the same value. If one exists, it appends -n+1 to the end. (e.g. title-of-post-1, title-of-post-2

I feel like this could be implemented as a schema extension as well, although I'm fairly new to that, so may be wrong.

It also needs to be adjusted heavily based on the particular project schema and naming etc.

'use latest';

const { GraphQLClient } = require('graphql-request')
const slugify = require('slugs')

const client = new GraphQLClient('__ENDPOINT__', {
  headers: {
    Authorization: 'Bearer __PAT-TOKEN__',
  }
})

module.exports = function (event) {
  // This query returns only the highest numbered slug (which could be the
  // only existing slug that may not have a trailing integer
  const query = `
    query($slug: String!) {
      allJobs(filter: {
        slug_starts_with: $slug
      }
      orderBy: slug_DESC
        first: 1
      ) {
        slug
      }
    }
  `

  const variables = {
    // Uses slugs to create slug - https://www.npmjs.com/package/slug
    slug: slugify(event.data.title)
  }

  return new Promise((resolve, reject) => {
    client.request(query, variables)
    .then(data => {
      let slug = variables.slug
      // If nothing comes back in the query, the slug doesn't already exist
      if (data.allJobs.length === 0) {
        const response = Object.assign({}, event.data, {slug})
        resolve({ data: response })
      } else {
        // Check the length of the returned result with the new slug to determine if there is
        // a trailing integer. If there isn't, use -2 or else create the next one.
        if (data.allJobs[0].slug.split('-').length === slug.split('-').length) {
         	slug = `${slug}-2`
        } else {
        	slug = `${slug}-${parseInt(data.allJobs[0].slug.split('-').pop()) + 1}`  
        }
        const response = Object.assign({}, event.data, {slug})
        resolve({ data: response })
      }
    })
    .catch(error => {
      console.log(error)
      reject(error)
    })
  })
}

I'm putting this in as an issue to look for guidance on whether this is worth writing up an including in these function examples. And should it be a Schema extension rather than a transform function?

Currently following the steps for phone auth

When I get to this step it fails

Create a new Schema Extension Function called confirmUserSmsToken and paste the schema from confirm-code-schema-extension.graphql and code from sms-authentication.js.

This is the error that pops up

Function with name 'confirmUserSmsToken' has invalid payloadName: 'AuthenticateSmsUserPayload'

https://developers.facebook.com/docs/delegated-recovery/guide

for example, https://github.com/graphcool-examples/functions/blob/master/authentication/email-user-management/functions/authenticate/authenticate.js#L51 shouldn't be returned to the user.

I just want to put this out here in case anyone else is also considering the same approach. The idea is that you would set up a SSS, and send the data as a Push notification.

So it would basically behave as a client side subscription, but instead of getting the results over an active wss connection, you would get the results as push notification, for when your app is not running.

Based on: https://developers.google.com/web/fundamentals/getting-started/codelabs/push-notifications/ (client-side) and https://github.com/web-push-libs/web-push (SSS-side) for browser, and similar platforms for mobile push notifications (for example: AWS SNS).

https://github.com/TravisSperry/webtask-slack-example/blob/master/webtask-slack.js

• next steps
• permission setup