wikijs-fork/server/graph/schemas/authentication.graphql
Nicolas Giard c009cc1392
feat: new login experience (#2139)
* feat: multiple auth instances

* fix: auth setup + strategy initialization

* feat: admin auth - add strategy

* feat: redirect on login - group setting

* feat: oauth2 generic - props definitions

* feat: new login UI (wip)

* feat: new login UI (wip)

* feat: admin security login settings

* feat: tabset editor indicators + print view improvements

* fix: code styling
2020-07-03 19:36:33 -04:00

143 lines
3.4 KiB
GraphQL

# ===============================================
# AUTHENTICATION
# ===============================================
extend type Query {
authentication: AuthenticationQuery
}
extend type Mutation {
authentication: AuthenticationMutation
}
# -----------------------------------------------
# QUERIES
# -----------------------------------------------
type AuthenticationQuery {
apiKeys: [AuthenticationApiKey] @auth(requires: ["manage:system", "manage:api"])
apiState: Boolean! @auth(requires: ["manage:system", "manage:api"])
strategies: [AuthenticationStrategy] @auth(requires: ["manage:system"])
activeStrategies: [AuthenticationActiveStrategy]
}
# -----------------------------------------------
# MUTATIONS
# -----------------------------------------------
type AuthenticationMutation {
createApiKey(
name: String!
expiration: String!
fullAccess: Boolean!
group: Int
): AuthenticationCreateApiKeyResponse @auth(requires: ["manage:system", "manage:api"])
login(
username: String!
password: String!
strategy: String!
): AuthenticationLoginResponse @rateLimit(limit: 5, duration: 60)
loginTFA(
continuationToken: String!
securityCode: String!
): AuthenticationLoginResponse @rateLimit(limit: 5, duration: 60)
loginChangePassword(
continuationToken: String!
newPassword: String!
): AuthenticationLoginResponse @rateLimit(limit: 5, duration: 60)
register(
email: String!
password: String!
name: String!
): AuthenticationRegisterResponse
revokeApiKey(
id: Int!
): DefaultResponse @auth(requires: ["manage:system", "manage:api"])
setApiState(
enabled: Boolean!
): DefaultResponse @auth(requires: ["manage:system", "manage:api"])
updateStrategies(
strategies: [AuthenticationStrategyInput]!
): DefaultResponse @auth(requires: ["manage:system"])
regenerateCertificates: DefaultResponse @auth(requires: ["manage:system"])
resetGuestUser: DefaultResponse @auth(requires: ["manage:system"])
}
# -----------------------------------------------
# TYPES
# -----------------------------------------------
type AuthenticationStrategy {
key: String!
props: [KeyValuePair] @auth(requires: ["manage:system"])
title: String!
description: String
isAvailable: Boolean
useForm: Boolean!
logo: String
color: String
website: String
icon: String
}
type AuthenticationActiveStrategy {
key: String!
strategy: AuthenticationStrategy!
displayName: String!
order: Int!
config: [KeyValuePair] @auth(requires: ["manage:system"])
selfRegistration: Boolean!
domainWhitelist: [String]! @auth(requires: ["manage:system"])
autoEnrollGroups: [Int]! @auth(requires: ["manage:system"])
}
type AuthenticationLoginResponse {
responseResult: ResponseStatus
jwt: String
mustChangePwd: Boolean
mustProvideTFA: Boolean
continuationToken: String
}
type AuthenticationRegisterResponse {
responseResult: ResponseStatus
jwt: String
}
input AuthenticationStrategyInput {
key: String!
strategyKey: String!
config: [KeyValuePairInput]
displayName: String!
order: Int!
selfRegistration: Boolean!
domainWhitelist: [String]!
autoEnrollGroups: [Int]!
}
type AuthenticationApiKey {
id: Int!
name: String!
keyShort: String!
expiration: Date!
createdAt: Date!
updatedAt: Date!
isRevoked: Boolean!
}
type AuthenticationCreateApiKeyResponse {
responseResult: ResponseStatus
key: String
}