authorizer/server/resolvers/forgot_password.go

package resolvers

import (
	"context"
	"fmt"
	"strings"
	"time"

	log "github.com/sirupsen/logrus"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/db"
	"github.com/authorizerdev/authorizer/server/db/models"
	"github.com/authorizerdev/authorizer/server/email"
	"github.com/authorizerdev/authorizer/server/graph/model"
	"github.com/authorizerdev/authorizer/server/memorystore"
	"github.com/authorizerdev/authorizer/server/parsers"
	"github.com/authorizerdev/authorizer/server/refs"
	"github.com/authorizerdev/authorizer/server/token"
	"github.com/authorizerdev/authorizer/server/utils"
	"github.com/authorizerdev/authorizer/server/validators"
)

// ForgotPasswordResolver is a resolver for forgot password mutation
func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInput) (*model.Response, error) {
	var res *model.Response

	gc, err := utils.GinContextFromContext(ctx)
	if err != nil {
		log.Debug("Failed to get GinContext: ", err)
		return res, err
	}

	isBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication)
	if err != nil {
		log.Debug("Error getting basic auth disabled: ", err)
		isBasicAuthDisabled = true
	}
	if isBasicAuthDisabled {
		log.Debug("Basic authentication is disabled")
		return res, fmt.Errorf(`basic authentication is disabled for this instance`)
	}
	params.Email = strings.ToLower(params.Email)

	if !validators.IsValidEmail(params.Email) {
		log.Debug("Invalid email address: ", params.Email)
		return res, fmt.Errorf("invalid email")
	}

	log := log.WithFields(log.Fields{
		"email": params.Email,
	})
	user, err := db.Provider.GetUserByEmail(ctx, params.Email)
	if err != nil {
		log.Debug("User not found: ", err)
		return res, fmt.Errorf(`user with this email not found`)
	}

	hostname := parsers.GetHost(gc)
	_, nonceHash, err := utils.GenerateNonce()
	if err != nil {
		log.Debug("Failed to generate nonce: ", err)
		return res, err
	}
	redirectURL := parsers.GetAppURL(gc)
	if strings.TrimSpace(refs.StringValue(params.RedirectURI)) != "" {
		redirectURL = refs.StringValue(params.RedirectURI)
	}

	verificationToken, err := token.CreateVerificationToken(params.Email, constants.VerificationTypeForgotPassword, hostname, nonceHash, redirectURL)
	if err != nil {
		log.Debug("Failed to create verification token", err)
		return res, err
	}
	_, err = db.Provider.AddVerificationRequest(ctx, models.VerificationRequest{
		Token:       verificationToken,
		Identifier:  constants.VerificationTypeForgotPassword,
		ExpiresAt:   time.Now().Add(time.Minute * 30).Unix(),
		Email:       params.Email,
		Nonce:       nonceHash,
		RedirectURI: redirectURL,
	})
	if err != nil {
		log.Debug("Failed to add verification request", err)
		return res, err
	}

	// exec it as go routine so that we can reduce the api latency
	go email.SendEmail([]string{params.Email}, constants.VerificationTypeForgotPassword, map[string]interface{}{
		"user":             user.ToMap(),
		"organization":     utils.GetOrganization(),
		"verification_url": utils.GetForgotPasswordURL(verificationToken, hostname),
	})

	res = &model.Response{
		Message: `Please check your inbox! We have sent a password reset link.`,
	}

	return res, nil
}
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00			`package resolvers`

			`import (`
			`"context"`
			`"fmt"`
fix: get token logic, add buffer time fix typos 2021-07-21 08:06:26 +00:00			`"strings"`
			`"time"`
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00			`log "github.com/sirupsen/logrus"`

fix: add disable basic auth check in resolvers 2021-07-28 09:52:11 +00:00			`"github.com/authorizerdev/authorizer/server/constants"`
chore: rename project 2021-07-23 16:27:44 +00:00			`"github.com/authorizerdev/authorizer/server/db"`
fix: update to use db.Provider 2022-01-21 08:04:04 +00:00			`"github.com/authorizerdev/authorizer/server/db/models"`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`"github.com/authorizerdev/authorizer/server/email"`
chore: rename project 2021-07-23 16:27:44 +00:00			`"github.com/authorizerdev/authorizer/server/graph/model"`
fix: memory store upgrade in resolvers 2022-05-30 03:49:55 +00:00			`"github.com/authorizerdev/authorizer/server/memorystore"`
fix: import cycle issues 2022-05-30 06:24:16 +00:00			`"github.com/authorizerdev/authorizer/server/parsers"`
fix email template - fix verification types - add design to cassandra db provider for email_template - fix default email verification types to include update_email 2022-08-13 06:04:24 +00:00			`"github.com/authorizerdev/authorizer/server/refs"`
Implement refresh token logic with fingerprint + rotation 2022-01-22 19:54:41 +00:00			`"github.com/authorizerdev/authorizer/server/token"`
chore: rename project 2021-07-23 16:27:44 +00:00			`"github.com/authorizerdev/authorizer/server/utils"`
fix: import cycle issues 2022-05-30 06:24:16 +00:00			`"github.com/authorizerdev/authorizer/server/validators"`
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00			`)`

Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`// ForgotPasswordResolver is a resolver for forgot password mutation`
			`func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInput) (*model.Response, error) {`
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00			`var res *model.Response`
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00
			`gc, err := utils.GinContextFromContext(ctx)`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to get GinContext: ", err)`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00			`return res, err`
			`}`
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00
fix: memory store upgrade in resolvers 2022-05-30 03:49:55 +00:00			`isBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication)`
			`if err != nil {`
			`log.Debug("Error getting basic auth disabled: ", err)`
			`isBasicAuthDisabled = true`
			`}`
			`if isBasicAuthDisabled {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Basic authentication is disabled")`
fix: add disable basic auth check in resolvers 2021-07-28 09:52:11 +00:00			return res, fmt.Errorf(`basic authentication is disabled for this instance`)
			`}`
fix: get token logic, add buffer time fix typos 2021-07-21 08:06:26 +00:00			`params.Email = strings.ToLower(params.Email)`
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00
fix: import cycle issues 2022-05-30 06:24:16 +00:00			`if !validators.IsValidEmail(params.Email) {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Invalid email address: ", params.Email)`
fix: get token logic, add buffer time fix typos 2021-07-21 08:06:26 +00:00			`return res, fmt.Errorf("invalid email")`
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00			`}`

feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00			`log := log.WithFields(log.Fields{`
			`"email": params.Email,`
			`})`
feat: send email based on template 2022-08-08 20:13:37 +00:00			`user, err := db.Provider.GetUserByEmail(ctx, params.Email)`
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("User not found: ", err)`
fix: get token logic, add buffer time fix typos 2021-07-21 08:06:26 +00:00			return res, fmt.Errorf(`user with this email not found`)
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00			`}`

fix: import cycle issues 2022-05-30 06:24:16 +00:00			`hostname := parsers.GetHost(gc)`
fix: add token information in redirect url 2022-03-08 07:06:26 +00:00			`_, nonceHash, err := utils.GenerateNonce()`
fix: auth flow 2022-03-02 12:12:31 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to generate nonce: ", err)`
fix: auth flow 2022-03-02 12:12:31 +00:00			`return res, err`
			`}`
fix email template - fix verification types - add design to cassandra db provider for email_template - fix default email verification types to include update_email 2022-08-13 06:04:24 +00:00			`redirectURL := parsers.GetAppURL(gc)`
			`if strings.TrimSpace(refs.StringValue(params.RedirectURI)) != "" {`
			`redirectURL = refs.StringValue(params.RedirectURI)`
fix: add token information in redirect url 2022-03-08 07:06:26 +00:00			`}`

			`verificationToken, err := token.CreateVerificationToken(params.Email, constants.VerificationTypeForgotPassword, hostname, nonceHash, redirectURL)`
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00			`if err != nil {`
fix: replace all logs 2022-05-24 07:20:33 +00:00			`log.Debug("Failed to create verification token", err)`
			`return res, err`
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00			`}`
feat: implement resolvers 2022-07-10 16:19:33 +00:00			`_, err = db.Provider.AddVerificationRequest(ctx, models.VerificationRequest{`
fix: add token information in redirect url 2022-03-08 07:06:26 +00:00			`Token: verificationToken,`
			`Identifier: constants.VerificationTypeForgotPassword,`
			`ExpiresAt: time.Now().Add(time.Minute * 30).Unix(),`
			`Email: params.Email,`
			`Nonce: nonceHash,`
			`RedirectURI: redirectURL,`
fix: get token logic, add buffer time fix typos 2021-07-21 08:06:26 +00:00			`})`
fix: replace all logs 2022-05-24 07:20:33 +00:00			`if err != nil {`
			`log.Debug("Failed to add verification request", err)`
			`return res, err`
			`}`
fix: get token logic, add buffer time fix typos 2021-07-21 08:06:26 +00:00
feat: send email based on template 2022-08-08 20:13:37 +00:00			`// exec it as go routine so that we can reduce the api latency`
			`go email.SendEmail([]string{params.Email}, constants.VerificationTypeForgotPassword, map[string]interface{}{`
			`"user": user.ToMap(),`
			`"organization": utils.GetOrganization(),`
			`"verification_url": utils.GetForgotPasswordURL(verificationToken, hostname),`
			`})`
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00
			`res = &model.Response{`
fix: get token logic, add buffer time fix typos 2021-07-21 08:06:26 +00:00			Message: `Please check your inbox! We have sent a password reset link.`,
Add forgot password resolver Resolves #10 2021-07-18 09:56:29 +00:00			`}`

			`return res, nil`
			`}`