server/resolvers/resend_otp.go

package resolvers

import (
	"context"
	"errors"
	"fmt"
	"strings"
	"time"

	log "github.com/sirupsen/logrus"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/db"
	"github.com/authorizerdev/authorizer/server/db/models"
	emailHelper "github.com/authorizerdev/authorizer/server/email"
	"github.com/authorizerdev/authorizer/server/graph/model"
	"github.com/authorizerdev/authorizer/server/memorystore"
	"github.com/authorizerdev/authorizer/server/refs"
	"github.com/authorizerdev/authorizer/server/smsproviders"
	"github.com/authorizerdev/authorizer/server/utils"
)

// ResendOTPResolver is a resolver for resend otp mutation
func ResendOTPResolver(ctx context.Context, params model.ResendOTPRequest) (*model.Response, error) {
	email := strings.ToLower(strings.Trim(refs.StringValue(params.Email), " "))
	phoneNumber := strings.Trim(refs.StringValue(params.PhoneNumber), " ")
	log := log.WithFields(log.Fields{
		"email":        email,
		"phone_number": phoneNumber,
	})
	if email == "" && phoneNumber == "" {
		log.Debug("Email or phone number is required")
		return nil, errors.New("email or phone number is required")
	}
	var user *models.User
	var err error
	if email != "" {
		isEmailServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
		if err != nil || !isEmailServiceEnabled {
			log.Debug("Email service not enabled: ", err)
			return nil, errors.New("email service not enabled")
		}
		user, err = db.Provider.GetUserByEmail(ctx, email)
	} else {
		isSMSServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
		if err != nil || !isSMSServiceEnabled {
			log.Debug("Email service not enabled: ", err)
			return nil, errors.New("email service not enabled")
		}
		user, err = db.Provider.GetUserByPhoneNumber(ctx, phoneNumber)
	}
	if err != nil {
		log.Debug("Failed to get user by email: ", err)
		return nil, fmt.Errorf(`user with this email/phone not found`)
	}

	if user.RevokedTimestamp != nil {
		log.Debug("User access is revoked")
		return nil, fmt.Errorf(`user access has been revoked`)
	}

	if email != "" && user.EmailVerifiedAt == nil {
		log.Debug("User email is not verified")
		return nil, fmt.Errorf(`email not verified`)
	}

	if phoneNumber != "" && user.PhoneNumberVerifiedAt == nil {
		log.Debug("User phone number is not verified")
		return nil, fmt.Errorf(`phone number not verified`)
	}

	if !refs.BoolValue(user.IsMultiFactorAuthEnabled) {
		log.Debug("User multi factor authentication is not enabled")
		return nil, fmt.Errorf(`multi factor authentication not enabled`)
	}

	isMFADisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMultiFactorAuthentication)
	if err != nil || isMFADisabled {
		log.Debug("MFA service not enabled: ", err)
		return nil, errors.New("multi factor authentication is disabled for this instance")
	}

	// get otp by email or phone number
	var otpData *models.OTP
	if email != "" {
		otpData, err = db.Provider.GetOTPByEmail(ctx, refs.StringValue(params.Email))
	} else {
		otpData, err = db.Provider.GetOTPByPhoneNumber(ctx, refs.StringValue(params.PhoneNumber))
	}
	if err != nil {
		log.Debug("Failed to get otp for given email: ", err)
		return nil, err
	}
	if otpData == nil {
		log.Debug("No otp found for given email: ", params.Email)
		return &model.Response{
			Message: "Failed to get for given email",
		}, errors.New("failed to get otp for given email")
	}

	otp := utils.GenerateOTP()
	if _, err := db.Provider.UpsertOTP(ctx, &models.OTP{
		Email:     user.Email,
		Otp:       otp,
		ExpiresAt: time.Now().Add(1 * time.Minute).Unix(),
	}); err != nil {
		log.Debug("Error upserting otp: ", err)
		return nil, err
	}

	if email != "" {
		// exec it as go routine so that we can reduce the api latency
		go emailHelper.SendEmail([]string{email}, constants.VerificationTypeOTP, map[string]interface{}{
			"user":         user.ToMap(),
			"organization": utils.GetOrganization(),
			"otp":          otp,
		})
	} else {
		smsBody := strings.Builder{}
		smsBody.WriteString("Your verification code is: ")
		smsBody.WriteString(otp)
		// exec it as go routine so that we can reduce the api latency
		go smsproviders.SendSMS(phoneNumber, smsBody.String())
	}
	log.Info("OTP has been resent")
	return &model.Response{
		Message: `OTP has been sent. Please check your inbox`,
	}, nil
}
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`package resolvers`

			`import (`
			`"context"`
feat: add sending otp 2022-07-29 19:49:50 +05:30			`"errors"`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`"fmt"`
			`"strings"`
			`"time"`

			`log "github.com/sirupsen/logrus"`

feat: add helper for updating all users 2022-08-02 14:12:36 +05:30			`"github.com/authorizerdev/authorizer/server/constants"`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`"github.com/authorizerdev/authorizer/server/db"`
			`"github.com/authorizerdev/authorizer/server/db/models"`
Update resend otp 2023-07-23 10:03:37 +05:30			`emailHelper "github.com/authorizerdev/authorizer/server/email"`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`"github.com/authorizerdev/authorizer/server/graph/model"`
feat: add helper for updating all users 2022-08-02 14:12:36 +05:30			`"github.com/authorizerdev/authorizer/server/memorystore"`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`"github.com/authorizerdev/authorizer/server/refs"`
Update resend otp 2023-07-23 10:03:37 +05:30			`"github.com/authorizerdev/authorizer/server/smsproviders"`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`"github.com/authorizerdev/authorizer/server/utils"`
			`)`

			`// ResendOTPResolver is a resolver for resend otp mutation`
			`func ResendOTPResolver(ctx context.Context, params model.ResendOTPRequest) (*model.Response, error) {`
Update resend otp 2023-07-23 10:03:37 +05:30			`email := strings.ToLower(strings.Trim(refs.StringValue(params.Email), " "))`
			`phoneNumber := strings.Trim(refs.StringValue(params.PhoneNumber), " ")`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`log := log.WithFields(log.Fields{`
Update resend otp 2023-07-23 10:03:37 +05:30			`"email": email,`
			`"phone_number": phoneNumber,`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`})`
Update resend otp 2023-07-23 10:03:37 +05:30			`if email == "" && phoneNumber == "" {`
			`log.Debug("Email or phone number is required")`
			`return nil, errors.New("email or phone number is required")`
			`}`
fix: refs for db provider and few utils 2023-07-31 16:42:11 +05:30			`var user *models.User`
Update resend otp 2023-07-23 10:03:37 +05:30			`var err error`
			`if email != "" {`
			`isEmailServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)`
			`if err != nil \|\| !isEmailServiceEnabled {`
			`log.Debug("Email service not enabled: ", err)`
			`return nil, errors.New("email service not enabled")`
			`}`
			`user, err = db.Provider.GetUserByEmail(ctx, email)`
			`} else {`
			`isSMSServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)`
			`if err != nil \|\| !isSMSServiceEnabled {`
			`log.Debug("Email service not enabled: ", err)`
			`return nil, errors.New("email service not enabled")`
			`}`
fix: refs for db provider and few utils 2023-07-31 16:42:11 +05:30			`user, err = db.Provider.GetUserByPhoneNumber(ctx, phoneNumber)`
Update resend otp 2023-07-23 10:03:37 +05:30			`}`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`if err != nil {`
			`log.Debug("Failed to get user by email: ", err)`
Update resend otp 2023-07-23 10:03:37 +05:30			return nil, fmt.Errorf(`user with this email/phone not found`)
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`}`

			`if user.RevokedTimestamp != nil {`
			`log.Debug("User access is revoked")`
feat: add sending otp 2022-07-29 19:49:50 +05:30			return nil, fmt.Errorf(`user access has been revoked`)
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`}`

Update resend otp 2023-07-23 10:03:37 +05:30			`if email != "" && user.EmailVerifiedAt == nil {`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`log.Debug("User email is not verified")`
feat: add sending otp 2022-07-29 19:49:50 +05:30			return nil, fmt.Errorf(`email not verified`)
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`}`

Update resend otp 2023-07-23 10:03:37 +05:30			`if phoneNumber != "" && user.PhoneNumberVerifiedAt == nil {`
			`log.Debug("User phone number is not verified")`
			return nil, fmt.Errorf(`phone number not verified`)
			`}`

feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`if !refs.BoolValue(user.IsMultiFactorAuthEnabled) {`
			`log.Debug("User multi factor authentication is not enabled")`
feat: add sending otp 2022-07-29 19:49:50 +05:30			return nil, fmt.Errorf(`multi factor authentication not enabled`)
			`}`

feat: add managing mfa 2022-08-03 23:20:23 +05:30			`isMFADisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMultiFactorAuthentication)`
			`if err != nil \|\| isMFADisabled {`
			`log.Debug("MFA service not enabled: ", err)`
			`return nil, errors.New("multi factor authentication is disabled for this instance")`
			`}`

Update resend otp 2023-07-23 10:03:37 +05:30			`// get otp by email or phone number`
			`var otpData *models.OTP`
			`if email != "" {`
			`otpData, err = db.Provider.GetOTPByEmail(ctx, refs.StringValue(params.Email))`
			`} else {`
			`otpData, err = db.Provider.GetOTPByPhoneNumber(ctx, refs.StringValue(params.PhoneNumber))`
			`}`
feat: add sending otp 2022-07-29 19:49:50 +05:30			`if err != nil {`
			`log.Debug("Failed to get otp for given email: ", err)`
			`return nil, err`
			`}`
			`if otpData == nil {`
			`log.Debug("No otp found for given email: ", params.Email)`
			`return &model.Response{`
			`Message: "Failed to get for given email",`
			`}, errors.New("failed to get otp for given email")`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`}`

feat: add sending otp 2022-07-29 19:49:50 +05:30			`otp := utils.GenerateOTP()`
Update resend otp 2023-07-23 10:03:37 +05:30			`if _, err := db.Provider.UpsertOTP(ctx, &models.OTP{`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`Email: user.Email,`
feat: add sending otp 2022-07-29 19:49:50 +05:30			`Otp: otp,`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`ExpiresAt: time.Now().Add(1 * time.Minute).Unix(),`
Update resend otp 2023-07-23 10:03:37 +05:30			`}); err != nil {`
			`log.Debug("Error upserting otp: ", err)`
feat: add sending otp 2022-07-29 19:49:50 +05:30			`return nil, err`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`}`

Update resend otp 2023-07-23 10:03:37 +05:30			`if email != "" {`
feat: send email based on template 2022-08-09 01:43:37 +05:30			`// exec it as go routine so that we can reduce the api latency`
Update resend otp 2023-07-23 10:03:37 +05:30			`go emailHelper.SendEmail([]string{email}, constants.VerificationTypeOTP, map[string]interface{}{`
feat: send email based on template 2022-08-09 01:43:37 +05:30			`"user": user.ToMap(),`
			`"organization": utils.GetOrganization(),`
			`"otp": otp,`
			`})`
Update resend otp 2023-07-23 10:03:37 +05:30			`} else {`
			`smsBody := strings.Builder{}`
			`smsBody.WriteString("Your verification code is: ")`
			`smsBody.WriteString(otp)`
			`// exec it as go routine so that we can reduce the api latency`
			`go smsproviders.SendSMS(phoneNumber, smsBody.String())`
			`}`
			`log.Info("OTP has been resent")`
feat: add sending otp 2022-07-29 19:49:50 +05:30			`return &model.Response{`
			Message: `OTP has been sent. Please check your inbox`,
			`}, nil`
feat: otp resolvers updated 2022-07-29 13:49:46 +05:30			`}`