removed username as a parameter to refresh token

Author: EricKit

README.md

@@ -250,7 +250,7 @@ query user {
 
 ```graphql
 query refreshToken {
-  refreshToken(username: "username")
+  refreshToken
 }
 ```
 

src/auth/auth.resolvers.ts

@@ -1,11 +1,12 @@
-import { Resolver, Args, Query } from '@nestjs/graphql';
+import { Resolver, Args, Query, Context } from '@nestjs/graphql';
 import { LoginUserInput, LoginResult } from '../graphql.classes';
 import { AuthService } from './auth.service';
 import { AuthenticationError } from 'apollo-server-core';
 import { JwtAuthGuard } from './guards/jwt-auth.guard';
 import { UseGuards } from '@nestjs/common';
 import { UsernameEmailGuard } from './guards/username-email.guard';
 import { UsersService } from '../users/users.service';
+import { UserDocument } from '../users/schemas/user.schema';
 
 @Resolver('Auth')
 export class AuthResolver {
@@ -25,9 +26,9 @@ export class AuthResolver {
 
   // There is no username guard here because if the person has the token, they can be any user
   @Query('refreshToken')
-  @UseGuards(JwtAuthGuard, UsernameEmailGuard)
-  async refreshToken(@Args('username') username: string): Promise<string> {
-    const user = await this.usersService.findOneByUsername(username);
+  @UseGuards(JwtAuthGuard)
+  async refreshToken(@Context('req') request: any): Promise<string> {
+    const user: UserDocument = request.user;
     if (!user)
       throw new AuthenticationError(
         'Could not log-in with the provided credentials',

src/auth/auth.types.graphql

@@ -1,6 +1,6 @@
 type Query {
   login(user: LoginUserInput!): LoginResult!
-  refreshToken(username: String!): String!
+  refreshToken: String!
 }
 
 type LoginResult {

src/graphql.classes.ts

@@ -44,7 +44,7 @@ export abstract class IMutation {
 export abstract class IQuery {
     abstract login(user: LoginUserInput): LoginResult | Promise<LoginResult>;
 
-    abstract refreshToken(username: string): string | Promise<string>;
+    abstract refreshToken(): string | Promise<string>;
 
     abstract users(): User[] | Promise<User[]>;
 

test/users.e2e-spec.ts

@@ -203,9 +203,9 @@ describe('Users (e2e)', () => {
   });
 
   describe('refresh token', () => {
-    it('works with username', async () => {
+    it('works', async () => {
       const data = {
-        query: `{refreshToken(username: "uSer1")}`,
+        query: `{refreshToken}`,
       };
 
       await new Promise(resolve => {
@@ -231,41 +231,9 @@ describe('Users (e2e)', () => {
         });
     });
 
-    it('fails for admin on another user', () => {
-      const data = {
-        query: `{refreshToken(username: "user1")}`,
-      };
-      return request(app.getHttpServer())
-        .post('/graphql')
-        .set('Authorization', `Bearer ${adminLogin.token}`)
-        .send(data)
-        .expect(200)
-        .expect(response => {
-          expect(response.body.errors[0].extensions.code).toEqual(
-            'UNAUTHENTICATED',
-          );
-        });
-    });
-
-    it('fails with wrong username', () => {
-      const data = {
-        query: `{refreshToken(username: "uSer10")}`,
-      };
-      return request(app.getHttpServer())
-        .post('/graphql')
-        .set('Authorization', `Bearer ${user1Login.token}`)
-        .send(data)
-        .expect(200)
-        .expect(response => {
-          expect(response.body.errors[0].extensions.code).toEqual(
-            'UNAUTHENTICATED',
-          );
-        });
-    });
-
     it('fails for disabled user', () => {
       const data = {
-        query: `{refreshToken(username: "disabledUser")}`,
+        query: `{refreshToken}`,
       };
       return request(app.getHttpServer())
         .post('/graphql')
@@ -281,7 +249,7 @@ describe('Users (e2e)', () => {
 
     it('fails for disabled admin', () => {
       const data = {
-        query: `{refreshToken(username: "disabledAdmin")}`,
+        query: `{refreshToken}`,
       };
       return request(app.getHttpServer())
         .post('/graphql')
@@ -295,25 +263,9 @@ describe('Users (e2e)', () => {
         });
     });
 
-    it('fails with wrong token', () => {
-      const data = {
-        query: `{refreshToken(username: "user2")}`,
-      };
-      return request(app.getHttpServer())
-        .post('/graphql')
-        .set('Authorization', `Bearer ${user1Login.token}`)
-        .send(data)
-        .expect(200)
-        .expect(response => {
-          expect(response.body.errors[0].extensions.code).toEqual(
-            'UNAUTHENTICATED',
-          );
-        });
-    });
-
-    it('fails with wrong no token', () => {
+    it('fails with no token', () => {
       const data = {
-        query: `{refreshToken(username: "user1")}`,
+        query: `{refreshToken}`,
       };
       return request(app.getHttpServer())
         .post('/graphql')
@@ -328,7 +280,7 @@ describe('Users (e2e)', () => {
 
     it('fails with mispelled token', () => {
       const data = {
-        query: `{refreshToken(username: "user1")}`,
+        query: `{refreshToken}`,
       };
       return request(app.getHttpServer())
         .post('/graphql')
@@ -456,7 +408,7 @@ describe('Users (e2e)', () => {
         });
     });
 
-    it('fails with wrong no token', () => {
+    it('fails with no token', () => {
       const data = {
         query: `{user(username:"user10"){username}}`,
       };