feat: Initial user switching mutations

wp-content/themes/ccat/includes/graphql/user-switching.php

@@ -0,0 +1,103 @@
+<?php
+
+// Register userSwitchTo mutation
+add_action( 'graphql_register_types', 'ccat_graphql_register_user_switch_to' );
+function ccat_graphql_register_user_switch_to() {
+	register_graphql_mutation(
+		'userSwitchTo',
+		array(
+			'inputFields'         => array(
+				'userId' => array(
+					'type'        => 'ID',
+					'description' => esc_html__( 'The ID of the user to switch to', 'ccat' ),
+				),
+			),
+			'outputFields'        => array(
+				'authToken'    => array(
+					'type'        => 'String',
+					'description' => esc_html__( 'JWT Token for the target user', 'ccat' ),
+				),
+				'refreshToken' => array(
+					'type'        => 'String',
+					'description' => esc_html__( 'JWT Refresh Token for the target user', 'ccat' ),
+				),
+				'user'         => array(
+					'type'        => 'User',
+					'description' => esc_html__( 'The target user object', 'ccat' ),
+				),
+			),
+			'mutateAndGetPayload' => 'ccat_graphql_switch_to_mutation',
+		)
+	);
+}
+
+// Callback for userSwitchTo mutation
+function ccat_graphql_switch_to_mutation( $input ) {
+	if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
+		throw new \GraphQL\Error\UserError( esc_html__( 'Insufficient permissions', 'ccat' ) );
+	}
+	$user_id         = absint( $input['userId'] );
+	$current_user_id = get_current_user_id();
+	if ( $user_id === $current_user_id ) {
+		throw new \GraphQL\Error\UserError( esc_html__( 'Cannot switch to yourself', 'ccat' ) );
+	}
+	$target_user = get_user_by( 'ID', $user_id );
+	if ( ! $target_user ) {
+		throw new \GraphQL\Error\UserError( esc_html__( 'User not found', 'ccat' ) );
+	}
+	$secret_key         = defined( 'GRAPHQL_JWT_AUTH_SECRET_KEY' ) ? GRAPHQL_JWT_AUTH_SECRET_KEY : wp_salt();
+	$issued_at          = time();
+	$expire             = $issued_at + ( DAY_IN_SECONDS * 7 );
+	$token_data         = array(
+		'iss'  => get_bloginfo( 'url' ),
+		'iat'  => $issued_at,
+		'nbf'  => $issued_at,
+		'exp'  => $expire,
+		'data' => array(
+			'user'        => array(
+				'id' => $target_user->ID,
+			),
+			'switched_by' => $current_user_id,
+		),
+	);
+	$auth_token         = \Firebase\JWT\JWT::encode( $token_data, $secret_key, 'HS256' );
+	$refresh_token_data = array(
+		'iss'  => get_bloginfo( 'url' ),
+		'iat'  => $issued_at,
+		'nbf'  => $issued_at,
+		'exp'  => $issued_at + ( DAY_IN_SECONDS * 30 ),
+		'data' => array(
+			'user'        => array( 'id' => $target_user->ID ),
+			'switched_by' => $current_user_id,
+		),
+	);
+	$refresh_token      = \Firebase\JWT\JWT::encode( $refresh_token_data, $secret_key, 'HS256' );
+	return array(
+		'authToken'    => $auth_token,
+		'refreshToken' => $refresh_token,
+		'user'         => \WPGraphQL::get_app_context()->get_loader( 'user' )->load_deferred( $target_user->ID ),
+	);
+}
+
+// Register userSwitchBack mutation
+add_action( 'graphql_register_types', 'ccat_graphql_register_user_switch_back' );
+function ccat_graphql_register_user_switch_back() {
+	register_graphql_mutation(
+		'userSwitchBack',
+		array(
+			'inputFields'         => array(),
+			'outputFields'        => array(
+				'success' => array(
+					'type'        => 'Boolean',
+					'description' => esc_html__( 'Whether switching back was successful', 'ccat' ),
+				),
+			),
+			'mutateAndGetPayload' => 'ccat_graphql_switch_back_mutation',
+		)
+	);
+}
+
+// Callback for userSwitchBack mutation
+function ccat_graphql_switch_back_mutation() {
+	return array( 'success' => true );
+}