feat: guest + user permissions

server/graph/resolvers/authentication.js

@@ -70,6 +70,13 @@ module.exports = {
     },
     async updateStrategies(obj, args, context) {
       try {
+        WIKI.config.auth = {
+          audience: _.get(args, 'config.audience', WIKI.config.auth.audience),
+          tokenExpiration: _.get(args, 'config.tokenExpiration', WIKI.config.auth.tokenExpiration),
+          tokenRenewal: _.get(args, 'config.tokenRenewal', WIKI.config.auth.tokenRenewal)
+        }
+        await WIKI.configSvc.saveToDb(['auth'])
+
         for (let str of args.strategies) {
           await WIKI.models.authentication.query().patch({
             isEnabled: str.isEnabled,

server/graph/schemas/authentication.graphql

@@ -43,7 +43,8 @@ type AuthenticationMutation {
   ): AuthenticationRegisterResponse
 
   updateStrategies(
-    strategies: [AuthenticationStrategyInput]
+    strategies: [AuthenticationStrategyInput]!
+    config: AuthenticationConfigInput
   ): DefaultResponse @auth(requires: ["manage:system"])
 }
 
@@ -88,3 +89,9 @@ input AuthenticationStrategyInput {
   domainWhitelist: [String]!
   autoEnrollGroups: [Int]!
 }
+
+input AuthenticationConfigInput {
+  audience: String!
+  tokenExpiration: String!
+  tokenRenewal: String!
+}