graphql_devise icon indicating copy to clipboard operation
graphql_devise copied to clipboard

Published 20 hours ago verified publisher icon graphql-devise

Configurable error messages

Open TomasBarry opened this issue 3 years ago • 3 comments

What is the problem the enhancement will solve?

When a token has expired, the error message returned is x field requires authentication. It would be great to be able to customise the error message and differentiate between the token being expired due to it having exceeded the lifespan, or whether it is invalidated due to previous usage.

Describe the solution you have in mind

Configurable error messages in general.

Describe alternatives you've considered

Writing custom logic in the controller to test the different scenarios and overload the response.

This seems a bit flakey though if the API of this gem were to change.

TomasBarry avatar Jun 17 '21 08:06 TomasBarry

Hi @TomasBarry , have you checked if the message you are trying to customize is among the translations file? If so, you can overwrite it on your project.

00dav00 avatar Jun 17 '21 13:06 00dav00

Hey @TomasBarry! You can actually already customize this message if you are using the SchemaPlugin. Take a look at this lambda which is the default https://github.com/graphql-devise/graphql_devise/blob/adf4e742633e2b61e3d29bf09a26d56ef0d6aec8/lib/graphql_devise/schema_plugin.rb#L7

You can initialize your SchemaPlugin with the unauthenticated_proc argument. Here you can pass any proc (actually any callable object) and the gem will call that proc with the field name where authentication failed as the only argument. Our default proc raises https://github.com/graphql-devise/graphql_devise/blob/adf4e742633e2b61e3d29bf09a26d56ef0d6aec8/lib/graphql_devise/errors/authentication_error.rb#L4 that extends inherits from GraphQL::ExecutionError so an error is placed in the top level errors of the GQL response.

So, to be clear, you could do

class DummySchema < GraphQL::Schema
  use GraphqlDevise::SchemaPlugin.new(
    query:                Types::QueryType,
    mutation:             Types::MutationType,
    unauthenticated_proc: ->(field_name) { raise GraphqlDevise::AuthenticationError, "Custom error message for #{field_name}" }
  )
end

Now that I'm done writing, I realize this is not what you asked 🤣

Currently I don't see a way to differentiate why authentication failed (expiration, invalid, etc). I'll take a look and see if there's something we can do to customize that, but I'm thinking that if anything, it might have to happen at the controller level and not the GQL schema as we moved away from authenticating inside the schema.

mcelicalderon avatar Jun 22 '21 20:06 mcelicalderon

@mcelicalderon you're spot on.

TomasBarry avatar Jun 28 '21 13:06 TomasBarry