Skip to content

W
wiki-js
Switch branch/tag
Find file
BlameHistoryPermalink
authentication.graphql 2.16 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 
# ===============================================
# AUTHENTICATION
# ===============================================

extend type Query {
  authentication: AuthenticationQuery
}

extend type Mutation {
  authentication: AuthenticationMutation
}

# -----------------------------------------------
# QUERIES
# -----------------------------------------------

type AuthenticationQuery {
  strategies(
    isEnabled: Boolean
  ): [AuthenticationStrategy]
}

# -----------------------------------------------
# MUTATIONS
# -----------------------------------------------

type AuthenticationMutation {
  login(
    username: String!
    password: String!
    strategy: String!
  ): AuthenticationLoginResponse @rateLimit(limit: 5, duration: 60)

  loginTFA(
    loginToken: String!
    securityCode: String!
  ): DefaultResponse @rateLimit(limit: 5, duration: 60)

  register(
    email: String!
    password: String!
    name: String!
  ): AuthenticationRegisterResponse

  updateStrategies(
    strategies: [AuthenticationStrategyInput]!
    config: AuthenticationConfigInput
  ): DefaultResponse @auth(requires: ["manage:system"])
}

# -----------------------------------------------
# TYPES
# -----------------------------------------------

type AuthenticationStrategy {
  isEnabled: Boolean!
  key: String!
  props: [String]
  title: String!
  description: String
  isAvailable: Boolean
  useForm: Boolean!
  logo: String
  color: String
  website: String
  icon: String
  config: [KeyValuePair] @auth(requires: ["manage:system"])
  selfRegistration: Boolean!
  domainWhitelist: [String]! @auth(requires: ["manage:system"])
  autoEnrollGroups: [Int]! @auth(requires: ["manage:system"])
}

type AuthenticationLoginResponse {
  responseResult: ResponseStatus
  jwt: String
  tfaRequired: Boolean
  tfaLoginToken: String
}

type AuthenticationRegisterResponse {
  responseResult: ResponseStatus
  jwt: String
}

input AuthenticationStrategyInput {
  isEnabled: Boolean!
  key: String!
  config: [KeyValuePairInput]
  selfRegistration: Boolean!
  domainWhitelist: [String]!
  autoEnrollGroups: [Int]!
}

input AuthenticationConfigInput {
  audience: String!
  tokenExpiration: String!
  tokenRenewal: String!
}