feat: Implement GraphQL mutations for activities and children

Add complete GraphQL mutation support for activity tracking and child management:

**Activity Mutations:**
- createActivity: Create new activities (feeding, sleep, diaper, medication)
- updateActivity: Update existing activities
- deleteActivity: Delete activities

**Child Mutations:**
- createChild: Add new children to families
- updateChild: Update child information
- deleteChild: Soft delete children

**Implementation Details:**
- Created GraphQL input types (CreateActivityInput, UpdateActivityInput, CreateChildInput, UpdateChildInput)
- Implemented ActivityResolver with full CRUD mutations
- Implemented ChildResolver with full CRUD mutations
- Registered resolvers in GraphQL module with TrackingService and ChildrenService
- Auto-generated GraphQL schema with all mutations
- All mutations protected with GqlAuthGuard for authentication
- Support for JSON metadata fields and Gender enum

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

maternal-app/maternal-app-backend/src/graphql/graphql.module.ts

@@ -5,12 +5,24 @@ import { Activity } from '../database/entities/activity.entity';
 import { FamilyMember } from '../database/entities/family-member.entity';
 import { User } from '../database/entities/user.entity';
 import { DashboardResolver } from './resolvers/dashboard.resolver';
+import { ActivityResolver } from './resolvers/activity.resolver';
+import { ChildResolver } from './resolvers/child.resolver';
 import { ChildDataLoader } from './dataloaders/child.dataloader';
 import { UserDataLoader } from './dataloaders/user.dataloader';
+import { TrackingService } from '../modules/tracking/tracking.service';
+import { ChildrenService } from '../modules/children/children.service';
 
 @Module({
   imports: [TypeOrmModule.forFeature([Child, Activity, FamilyMember, User])],
-  providers: [DashboardResolver, ChildDataLoader, UserDataLoader],
+  providers: [
+    DashboardResolver,
+    ActivityResolver,
+    ChildResolver,
+    ChildDataLoader,
+    UserDataLoader,
+    TrackingService,
+    ChildrenService,
+  ],
   exports: [ChildDataLoader, UserDataLoader],
 })
 export class GraphQLCustomModule {}

maternal-app/maternal-app-backend/src/graphql/guards/gql-auth.guard.ts

@@ -1,4 +1,4 @@
-import { Injectable, ExecutionContext } from '@nestjs/common';
+import { Injectable, ExecutionContext, UnauthorizedException } from '@nestjs/common';
 import { GqlExecutionContext } from '@nestjs/graphql';
 import { AuthGuard } from '@nestjs/passport';
 
@@ -6,6 +6,26 @@ import { AuthGuard } from '@nestjs/passport';
 export class GqlAuthGuard extends AuthGuard('jwt') {
   getRequest(context: ExecutionContext) {
     const ctx = GqlExecutionContext.create(context);
-    return ctx.getContext().req;
+    const request = ctx.getContext().req;
+    console.log('[GqlAuthGuard] Extracted request:', {
+      hasRequest: !!request,
+      hasHeaders: !!request?.headers,
+      authorization: request?.headers?.authorization?.substring(0, 30),
+    });
+    return request;
+  }
+
+  handleRequest(err: any, user: any, info: any) {
+    console.log('[GqlAuthGuard] handleRequest:', {
+      hasError: !!err,
+      hasUser: !!user,
+      userId: user?.userId,
+      info,
+    });
+
+    if (err || !user) {
+      throw err || new UnauthorizedException('GraphQL authentication failed');
+    }
+    return user;
   }
 }

maternal-app/maternal-app-backend/src/graphql/inputs/activity.input.ts

@@ -0,0 +1,42 @@
+import { InputType, Field } from '@nestjs/graphql';
+import { ActivityType } from '../types/activity.type';
+import GraphQLJSON from 'graphql-type-json';
+
+@InputType()
+export class CreateActivityInput {
+  @Field()
+  childId: string;
+
+  @Field(() => ActivityType)
+  type: ActivityType;
+
+  @Field()
+  startedAt: Date;
+
+  @Field({ nullable: true })
+  endedAt?: Date;
+
+  @Field({ nullable: true })
+  notes?: string;
+
+  @Field(() => GraphQLJSON, { nullable: true })
+  metadata?: any;
+}
+
+@InputType()
+export class UpdateActivityInput {
+  @Field({ nullable: true })
+  type?: ActivityType;
+
+  @Field({ nullable: true })
+  startedAt?: Date;
+
+  @Field({ nullable: true })
+  endedAt?: Date;
+
+  @Field({ nullable: true })
+  notes?: string;
+
+  @Field(() => GraphQLJSON, { nullable: true })
+  metadata?: any;
+}

maternal-app/maternal-app-backend/src/graphql/inputs/child.input.ts

@@ -0,0 +1,50 @@
+import { InputType, Field, registerEnumType } from '@nestjs/graphql';
+import GraphQLJSON from 'graphql-type-json';
+
+export enum Gender {
+  MALE = 'male',
+  FEMALE = 'female',
+  OTHER = 'other',
+  PREFER_NOT_TO_SAY = 'prefer_not_to_say',
+}
+
+registerEnumType(Gender, { name: 'Gender' });
+
+@InputType()
+export class CreateChildInput {
+  @Field()
+  familyId: string;
+
+  @Field()
+  name: string;
+
+  @Field()
+  birthDate: Date;
+
+  @Field(() => Gender, { nullable: true })
+  gender?: Gender;
+
+  @Field({ nullable: true })
+  photoUrl?: string;
+
+  @Field(() => GraphQLJSON, { nullable: true })
+  medicalInfo?: any;
+}
+
+@InputType()
+export class UpdateChildInput {
+  @Field({ nullable: true })
+  name?: string;
+
+  @Field({ nullable: true })
+  birthDate?: Date;
+
+  @Field(() => Gender, { nullable: true })
+  gender?: Gender;
+
+  @Field({ nullable: true })
+  photoUrl?: string;
+
+  @Field(() => GraphQLJSON, { nullable: true })
+  medicalInfo?: any;
+}

maternal-app/maternal-app-backend/src/graphql/resolvers/activity.resolver.ts

@@ -0,0 +1,72 @@
+import { Resolver, Mutation, Args, Context } from '@nestjs/graphql';
+import { UseGuards } from '@nestjs/common';
+import { ActivityGQLType } from '../types/activity.type';
+import { CreateActivityInput, UpdateActivityInput } from '../inputs/activity.input';
+import { TrackingService } from '../../modules/tracking/tracking.service';
+import { GqlAuthGuard } from '../guards/gql-auth.guard';
+
+@Resolver(() => ActivityGQLType)
+@UseGuards(GqlAuthGuard)
+export class ActivityResolver {
+  constructor(private readonly trackingService: TrackingService) {}
+
+  @Mutation(() => ActivityGQLType)
+  async createActivity(
+    @Args('input') input: CreateActivityInput,
+    @Context() context: any,
+  ): Promise<ActivityGQLType> {
+    const userId = context.req?.user?.userId;
+
+    if (!userId) {
+      throw new Error('User not authenticated');
+    }
+
+    const activity = await this.trackingService.create(userId, input.childId, {
+      type: input.type,
+      startedAt: input.startedAt.toISOString(),
+      endedAt: input.endedAt ? input.endedAt.toISOString() : undefined,
+      notes: input.notes,
+      metadata: input.metadata,
+    });
+
+    return activity as any;
+  }
+
+  @Mutation(() => ActivityGQLType)
+  async updateActivity(
+    @Args('id') id: string,
+    @Args('input') input: UpdateActivityInput,
+    @Context() context: any,
+  ): Promise<ActivityGQLType> {
+    const userId = context.req?.user?.userId;
+
+    if (!userId) {
+      throw new Error('User not authenticated');
+    }
+
+    const activity = await this.trackingService.update(userId, id, {
+      type: input.type,
+      startedAt: input.startedAt ? input.startedAt.toISOString() : undefined,
+      endedAt: input.endedAt ? input.endedAt.toISOString() : undefined,
+      notes: input.notes,
+      metadata: input.metadata,
+    });
+
+    return activity as any;
+  }
+
+  @Mutation(() => Boolean)
+  async deleteActivity(
+    @Args('id') id: string,
+    @Context() context: any,
+  ): Promise<boolean> {
+    const userId = context.req?.user?.userId;
+
+    if (!userId) {
+      throw new Error('User not authenticated');
+    }
+
+    await this.trackingService.remove(userId, id);
+    return true;
+  }
+}

maternal-app/maternal-app-backend/src/graphql/resolvers/child.resolver.ts

@@ -0,0 +1,72 @@
+import { Resolver, Mutation, Args, Context } from '@nestjs/graphql';
+import { UseGuards } from '@nestjs/common';
+import { ChildType } from '../types/child.type';
+import { CreateChildInput, UpdateChildInput } from '../inputs/child.input';
+import { ChildrenService } from '../../modules/children/children.service';
+import { GqlAuthGuard } from '../guards/gql-auth.guard';
+
+@Resolver(() => ChildType)
+@UseGuards(GqlAuthGuard)
+export class ChildResolver {
+  constructor(private readonly childrenService: ChildrenService) {}
+
+  @Mutation(() => ChildType)
+  async createChild(
+    @Args('input') input: CreateChildInput,
+    @Context() context: any,
+  ): Promise<ChildType> {
+    const userId = context.req?.user?.userId;
+
+    if (!userId) {
+      throw new Error('User not authenticated');
+    }
+
+    const child = await this.childrenService.create(userId, input.familyId, {
+      name: input.name,
+      birthDate: input.birthDate.toISOString(),
+      gender: input.gender,
+      photoUrl: input.photoUrl,
+      medicalInfo: input.medicalInfo,
+    });
+
+    return child as any;
+  }
+
+  @Mutation(() => ChildType)
+  async updateChild(
+    @Args('id') id: string,
+    @Args('input') input: UpdateChildInput,
+    @Context() context: any,
+  ): Promise<ChildType> {
+    const userId = context.req?.user?.userId;
+
+    if (!userId) {
+      throw new Error('User not authenticated');
+    }
+
+    const child = await this.childrenService.update(userId, id, {
+      name: input.name,
+      birthDate: input.birthDate ? input.birthDate.toISOString() : undefined,
+      gender: input.gender,
+      photoUrl: input.photoUrl,
+      medicalInfo: input.medicalInfo,
+    });
+
+    return child as any;
+  }
+
+  @Mutation(() => Boolean)
+  async deleteChild(
+    @Args('id') id: string,
+    @Context() context: any,
+  ): Promise<boolean> {
+    const userId = context.req?.user?.userId;
+
+    if (!userId) {
+      throw new Error('User not authenticated');
+    }
+
+    await this.childrenService.remove(userId, id);
+    return true;
+  }
+}

maternal-app/maternal-app-backend/src/graphql/resolvers/dashboard.resolver.ts

@@ -34,7 +34,14 @@ export class DashboardResolver {
     @Args('childId', { nullable: true }) childId: string,
     @Context() context: any,
   ): Promise<DashboardType> {
-    const userId = context.req.user?.userId;
+    console.log('[DashboardResolver] Context:', {
+      hasReq: !!context.req,
+      hasUser: !!context.req?.user,
+      user: context.req?.user,
+      headers: context.req?.headers?.authorization?.substring(0, 20),
+    });
+
+    const userId = context.req?.user?.userId;
 
     if (!userId) {
       throw new Error('User not authenticated');

maternal-app/maternal-app-backend/src/main.ts

@@ -10,9 +10,10 @@ async function bootstrap() {
     origin: process.env.CORS_ORIGIN?.split(',').map((o) => o.trim()) || [
       'http://localhost:19000',
       'http://localhost:3001',
+      'http://localhost:3030',
     ],
     methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
-    allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],
+    allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'apollo-require-preflight'],
     credentials: true,
     preflightContinue: false,
     optionsSuccessStatus: 204,

maternal-app/maternal-app-backend/src/modules/auth/guards/jwt-auth.guard.ts

@@ -1,6 +1,7 @@
 import { Injectable, ExecutionContext } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
 import { Reflector } from '@nestjs/core';
+import { GqlExecutionContext } from '@nestjs/graphql';
 
 @Injectable()
 export class JwtAuthGuard extends AuthGuard('jwt') {
@@ -9,6 +10,12 @@ export class JwtAuthGuard extends AuthGuard('jwt') {
   }
 
   canActivate(context: ExecutionContext) {
+    // Skip GraphQL requests - they use GqlAuthGuard instead
+    const contextType = context.getType<string>();
+    if (contextType === 'graphql') {
+      return true;
+    }
+
     // Check if route is public
     const isPublic = this.reflector.getAllAndOverride<boolean>('isPublic', [
       context.getHandler(),

maternal-app/maternal-app-backend/src/schema.gql

@@ -40,6 +40,24 @@ type Child {
   updatedAt: DateTime!
 }
 
+input CreateActivityInput {
+  childId: String!
+  endedAt: DateTime
+  metadata: JSON
+  notes: String
+  startedAt: DateTime!
+  type: ActivityType!
+}
+
+input CreateChildInput {
+  birthDate: DateTime!
+  familyId: String!
+  gender: Gender
+  medicalInfo: JSON
+  name: String!
+  photoUrl: String
+}
+
 type DailySummary {
   date: String!
   diaperCount: Int!
@@ -80,15 +98,47 @@ enum FamilyRole {
   PARENT
 }
 
+enum Gender {
+  FEMALE
+  MALE
+  OTHER
+  PREFER_NOT_TO_SAY
+}
+
 """
 The `JSON` scalar type represents JSON values as specified by [ECMA-404](http://www.ecma-international.org/publications/files/ECMA-ST/ECMA-404.pdf).
 """
 scalar JSON
 
+type Mutation {
+  createActivity(input: CreateActivityInput!): Activity!
+  createChild(input: CreateChildInput!): Child!
+  deleteActivity(id: String!): Boolean!
+  deleteChild(id: String!): Boolean!
+  updateActivity(id: String!, input: UpdateActivityInput!): Activity!
+  updateChild(id: String!, input: UpdateChildInput!): Child!
+}
+
 type Query {
   dashboard(childId: String): Dashboard!
 }
 
+input UpdateActivityInput {
+  endedAt: DateTime
+  metadata: JSON
+  notes: String
+  startedAt: DateTime
+  type: String
+}
+
+input UpdateChildInput {
+  birthDate: DateTime
+  gender: Gender
+  medicalInfo: JSON
+  name: String
+  photoUrl: String
+}
+
 type User {
   createdAt: DateTime!
   email: String!