authorizer/server/resolvers/update_profile.go

package resolvers

import (
	"context"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"

	log "github.com/sirupsen/logrus"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/cookie"
	"github.com/authorizerdev/authorizer/server/crypto"
	"github.com/authorizerdev/authorizer/server/db"
	"github.com/authorizerdev/authorizer/server/db/models"
	"github.com/authorizerdev/authorizer/server/email"
	"github.com/authorizerdev/authorizer/server/graph/model"
	"github.com/authorizerdev/authorizer/server/memorystore"
	"github.com/authorizerdev/authorizer/server/parsers"
	"github.com/authorizerdev/authorizer/server/refs"
	"github.com/authorizerdev/authorizer/server/token"
	"github.com/authorizerdev/authorizer/server/utils"
	"github.com/authorizerdev/authorizer/server/validators"
	"golang.org/x/crypto/bcrypt"
)

// UpdateProfileResolver is resolver for update profile mutation
func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput) (*model.Response, error) {
	var res *model.Response

	gc, err := utils.GinContextFromContext(ctx)
	if err != nil {
		log.Debug("Failed to get GinContext: ", err)
		return res, err
	}

	accessToken, err := token.GetAccessToken(gc)
	if err != nil {
		log.Debug("Failed to get access token: ", err)
		return res, err
	}
	claims, err := token.ValidateAccessToken(gc, accessToken)
	if err != nil {
		log.Debug("Failed to validate access token: ", err)
		return res, err
	}

	// validate if all params are not empty
	if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.OldPassword == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil && params.NewPassword == nil && params.ConfirmNewPassword == nil && params.IsMultiFactorAuthEnabled == nil && params.AppData == nil {
		log.Debug("All params are empty")
		return res, fmt.Errorf("please enter at least one param to update")
	}

	userID := claims["sub"].(string)
	log := log.WithFields(log.Fields{
		"user_id": userID,
	})
	user, err := db.Provider.GetUserByID(ctx, userID)
	if err != nil {
		log.Debug("Failed to get user by id: ", err)
		return res, err
	}

	if params.GivenName != nil && refs.StringValue(user.GivenName) != refs.StringValue(params.GivenName) {
		user.GivenName = params.GivenName
	}

	if params.FamilyName != nil && refs.StringValue(user.FamilyName) != refs.StringValue(params.FamilyName) {
		user.FamilyName = params.FamilyName
	}

	if params.MiddleName != nil && refs.StringValue(user.MiddleName) != refs.StringValue(params.MiddleName) {
		user.MiddleName = params.MiddleName
	}

	if params.Nickname != nil && refs.StringValue(user.Nickname) != refs.StringValue(params.Nickname) {
		user.Nickname = params.Nickname
	}

	if params.Birthdate != nil && refs.StringValue(user.Birthdate) != refs.StringValue(params.Birthdate) {
		user.Birthdate = params.Birthdate
	}

	if params.Gender != nil && refs.StringValue(user.Gender) != refs.StringValue(params.Gender) {
		user.Gender = params.Gender
	}

	if params.PhoneNumber != nil && refs.StringValue(user.PhoneNumber) != refs.StringValue(params.PhoneNumber) {
		// verify if phone number is unique
		if _, err := db.Provider.GetUserByPhoneNumber(ctx, strings.TrimSpace(refs.StringValue(params.PhoneNumber))); err == nil {
			log.Debug("user with given phone number already exists")
			return nil, errors.New("user with given phone number already exists")
		}
		user.PhoneNumber = params.PhoneNumber
	}

	if params.Picture != nil && refs.StringValue(user.Picture) != refs.StringValue(params.Picture) {
		user.Picture = params.Picture
	}
	if params.AppData != nil {
		appDataString := ""
		appDataBytes, err := json.Marshal(params.AppData)
		if err != nil {
			log.Debug("failed to marshall source app_data: ", err)
			return nil, errors.New("malformed app_data")
		}
		appDataString = string(appDataBytes)
		user.AppData = &appDataString
	}
	if params.IsMultiFactorAuthEnabled != nil && refs.BoolValue(user.IsMultiFactorAuthEnabled) != refs.BoolValue(params.IsMultiFactorAuthEnabled) {
		if refs.BoolValue(params.IsMultiFactorAuthEnabled) {
			isEnvServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
			if err != nil || !isEnvServiceEnabled {
				log.Debug("Email service not enabled:")
				return nil, errors.New("email service not enabled, so cannot enable multi factor authentication")
			}
		}

		isMFAEnforced, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyEnforceMultiFactorAuthentication)
		if err != nil {
			log.Debug("MFA service not enabled: ", err)
			isMFAEnforced = false
		}

		if isMFAEnforced && !refs.BoolValue(params.IsMultiFactorAuthEnabled) {
			log.Debug("Cannot disable mfa service as it is enforced:")
			return nil, errors.New("cannot disable multi factor authentication as it is enforced by organization")
		}

		user.IsMultiFactorAuthEnabled = params.IsMultiFactorAuthEnabled
	}

	isPasswordChanging := false
	if params.NewPassword != nil && params.ConfirmNewPassword == nil {
		isPasswordChanging = true
		log.Debug("confirm password is empty")
		return res, fmt.Errorf("confirm password is required")
	}

	if params.ConfirmNewPassword != nil && params.NewPassword == nil {
		isPasswordChanging = true
		log.Debug("new password is empty")
		return res, fmt.Errorf("new password is required")
	}

	if params.NewPassword != nil && params.ConfirmNewPassword != nil {
		isPasswordChanging = true
	}

	if isPasswordChanging && user.Password != nil && params.OldPassword == nil {
		log.Debug("old password is empty")
		return res, fmt.Errorf("old password is required")
	}

	if isPasswordChanging && user.Password != nil && params.OldPassword != nil {
		if err = bcrypt.CompareHashAndPassword([]byte(refs.StringValue(user.Password)), []byte(refs.StringValue(params.OldPassword))); err != nil {
			log.Debug("Failed to compare hash and old password: ", err)
			return res, fmt.Errorf("incorrect old password")
		}
	}

	shouldAddBasicSignUpMethod := false
	isBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication)
	if err != nil {
		log.Debug("Error getting basic auth disabled: ", err)
		isBasicAuthDisabled = true
	}

	isMobileBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication)
	if err != nil {
		log.Debug("Error getting mobile basic auth disabled: ", err)
		isBasicAuthDisabled = true
	}

	if params.NewPassword != nil && params.ConfirmNewPassword != nil {
		if isBasicAuthDisabled || isMobileBasicAuthDisabled {
			log.Debug("Cannot update password as basic authentication is disabled")
			return res, fmt.Errorf(`basic authentication is disabled for this instance`)
		}

		if refs.StringValue(params.ConfirmNewPassword) != refs.StringValue(params.NewPassword) {
			log.Debug("Failed to compare new password and confirm new password")
			return res, fmt.Errorf(`password and confirm password does not match`)
		}

		if user.Password == nil || refs.StringValue(user.Password) == "" {
			shouldAddBasicSignUpMethod = true
		}

		if err := validators.IsValidPassword(refs.StringValue(params.NewPassword)); err != nil {
			log.Debug("Invalid password")
			return res, err
		}

		password, _ := crypto.EncryptPassword(refs.StringValue(params.NewPassword))
		user.Password = &password

		if shouldAddBasicSignUpMethod {
			user.SignupMethods = user.SignupMethods + "," + constants.AuthRecipeMethodBasicAuth
		}
	}

	hasEmailChanged := false

	if params.Email != nil && user.Email != refs.StringValue(params.Email) {
		// check if valid email
		if !validators.IsValidEmail(*params.Email) {
			log.Debug("Failed to validate email: ", refs.StringValue(params.Email))
			return res, fmt.Errorf("invalid email address")
		}
		newEmail := strings.ToLower(*params.Email)

		// check if valid email
		if !validators.IsValidEmail(newEmail) {
			log.Debug("Failed to validate new email: ", newEmail)
			return res, fmt.Errorf("invalid new email address")
		}
		// check if user with new email exists
		_, err := db.Provider.GetUserByEmail(ctx, newEmail)
		// err = nil means user exists
		if err == nil {
			log.Debug("Failed to get user by email: ", newEmail)
			return res, fmt.Errorf("user with this email address already exists")
		}

		go memorystore.Provider.DeleteAllUserSessions(user.ID)
		go cookie.DeleteSession(gc)

		user.Email = newEmail
		isEmailVerificationDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification)
		if err != nil {
			log.Debug("Failed to get disable email verification env variable: ", err)
			return res, err
		}
		if !isEmailVerificationDisabled {
			hostname := parsers.GetHost(gc)
			user.EmailVerifiedAt = nil
			hasEmailChanged = true
			// insert verification request
			_, nonceHash, err := utils.GenerateNonce()
			if err != nil {
				log.Debug("Failed to generate nonce: ", err)
				return res, err
			}
			verificationType := constants.VerificationTypeUpdateEmail
			redirectURL := parsers.GetAppURL(gc)
			verificationToken, err := token.CreateVerificationToken(newEmail, verificationType, hostname, nonceHash, redirectURL)
			if err != nil {
				log.Debug("Failed to create verification token: ", err)
				return res, err
			}
			_, err = db.Provider.AddVerificationRequest(ctx, &models.VerificationRequest{
				Token:       verificationToken,
				Identifier:  verificationType,
				ExpiresAt:   time.Now().Add(time.Minute * 30).Unix(),
				Email:       newEmail,
				Nonce:       nonceHash,
				RedirectURI: redirectURL,
			})
			if err != nil {
				log.Debug("Failed to add verification request: ", err)
				return res, err
			}

			// exec it as go routine so that we can reduce the api latency
			go email.SendEmail([]string{user.Email}, verificationType, map[string]interface{}{
				"user":             user.ToMap(),
				"organization":     utils.GetOrganization(),
				"verification_url": utils.GetEmailVerificationURL(verificationToken, hostname, redirectURL),
			})

		}
	}
	_, err = db.Provider.UpdateUser(ctx, user)
	if err != nil {
		log.Debug("Failed to update user: ", err)
		return res, err
	}
	message := `Profile details updated successfully.`
	if hasEmailChanged {
		message += `For the email change we have sent new verification email, please verify and continue`
	}
	res = &model.Response{
		Message: message,
	}

	return res, nil
}
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`package resolvers`

			`import (`
			`"context"`
Add app_data 2023-08-14 06:31:37 +00:00			`"encoding/json"`
feat: add sending otp 2022-07-29 14:19:50 +00:00			`"errors"`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`"fmt"`
			`"strings"`
			`"time"`

feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00			`log "github.com/sirupsen/logrus"`

Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`"github.com/authorizerdev/authorizer/server/constants"`
Implement refresh token logic with fingerprint + rotation 2022-01-22 19:54:41 +00:00			`"github.com/authorizerdev/authorizer/server/cookie"`
feat: add session token 2022-02-28 15:56:49 +00:00			`"github.com/authorizerdev/authorizer/server/crypto"`
chore: rename project 2021-07-23 16:27:44 +00:00			`"github.com/authorizerdev/authorizer/server/db"`
fix: update to use db.Provider 2022-01-21 08:04:04 +00:00			`"github.com/authorizerdev/authorizer/server/db/models"`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`"github.com/authorizerdev/authorizer/server/email"`
chore: rename project 2021-07-23 16:27:44 +00:00			`"github.com/authorizerdev/authorizer/server/graph/model"`
fix: move sessionstore -> memstore 2022-05-27 17:50:38 +00:00			`"github.com/authorizerdev/authorizer/server/memorystore"`
fix: import cycle issues 2022-05-30 06:24:16 +00:00			`"github.com/authorizerdev/authorizer/server/parsers"`
fix: refs 2022-07-15 16:41:08 +00:00			`"github.com/authorizerdev/authorizer/server/refs"`
Implement refresh token logic with fingerprint + rotation 2022-01-22 19:54:41 +00:00			`"github.com/authorizerdev/authorizer/server/token"`
chore: rename project 2021-07-23 16:27:44 +00:00			`"github.com/authorizerdev/authorizer/server/utils"`
fix: import cycle issues 2022-05-30 06:24:16 +00:00			`"github.com/authorizerdev/authorizer/server/validators"`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`"golang.org/x/crypto/bcrypt"`
			`)`

Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`// UpdateProfileResolver is resolver for update profile mutation`
			`func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput) (*model.Response, error) {`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`var res *model.Response`
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00
			`gc, err := utils.GinContextFromContext(ctx)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to get GinContext: ", err)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`return res, err`
			`}`

fix: auth flow 2022-03-02 12:12:31 +00:00			`accessToken, err := token.GetAccessToken(gc)`
			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to get access token: ", err)`
fix: auth flow 2022-03-02 12:12:31 +00:00			`return res, err`
			`}`
			`claims, err := token.ValidateAccessToken(gc, accessToken)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to validate access token: ", err)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`return res, err`
			`}`

			`// validate if all params are not empty`
Add app_data 2023-08-14 06:31:37 +00:00			`if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.OldPassword == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil && params.NewPassword == nil && params.ConfirmNewPassword == nil && params.IsMultiFactorAuthEnabled == nil && params.AppData == nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("All params are empty")`
Implement refresh token logic with fingerprint + rotation 2022-01-22 19:54:41 +00:00			`return res, fmt.Errorf("please enter at least one param to update")`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`}`

fix: auth flow 2022-03-02 12:12:31 +00:00			`userID := claims["sub"].(string)`
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00			`log := log.WithFields(log.Fields{`
			`"user_id": userID,`
			`})`
feat: implement resolvers 2022-07-10 16:19:33 +00:00			`user, err := db.Provider.GetUserByID(ctx, userID)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to get user by id: ", err)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`return res, err`
			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if params.GivenName != nil && refs.StringValue(user.GivenName) != refs.StringValue(params.GivenName) {`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`user.GivenName = params.GivenName`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if params.FamilyName != nil && refs.StringValue(user.FamilyName) != refs.StringValue(params.FamilyName) {`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`user.FamilyName = params.FamilyName`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if params.MiddleName != nil && refs.StringValue(user.MiddleName) != refs.StringValue(params.MiddleName) {`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`user.MiddleName = params.MiddleName`
fix: refactor schema for open id claim standards 2021-12-22 05:21:12 +00:00			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if params.Nickname != nil && refs.StringValue(user.Nickname) != refs.StringValue(params.Nickname) {`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`user.Nickname = params.Nickname`
fix: refactor schema for open id claim standards 2021-12-22 05:21:12 +00:00			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if params.Birthdate != nil && refs.StringValue(user.Birthdate) != refs.StringValue(params.Birthdate) {`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`user.Birthdate = params.Birthdate`
fix: refactor schema for open id claim standards 2021-12-22 05:21:12 +00:00			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if params.Gender != nil && refs.StringValue(user.Gender) != refs.StringValue(params.Gender) {`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`user.Gender = params.Gender`
fix: refactor schema for open id claim standards 2021-12-22 05:21:12 +00:00			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if params.PhoneNumber != nil && refs.StringValue(user.PhoneNumber) != refs.StringValue(params.PhoneNumber) {`
feat: add signup + login using mobile 2022-12-24 21:52:42 +00:00			`// verify if phone number is unique`
			`if _, err := db.Provider.GetUserByPhoneNumber(ctx, strings.TrimSpace(refs.StringValue(params.PhoneNumber))); err == nil {`
			`log.Debug("user with given phone number already exists")`
			`return nil, errors.New("user with given phone number already exists")`
			`}`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`user.PhoneNumber = params.PhoneNumber`
fix: refactor schema for open id claim standards 2021-12-22 05:21:12 +00:00			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if params.Picture != nil && refs.StringValue(user.Picture) != refs.StringValue(params.Picture) {`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`user.Picture = params.Picture`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`}`
Add app_data 2023-08-14 06:31:37 +00:00			`if params.AppData != nil {`
			`appDataString := ""`
			`appDataBytes, err := json.Marshal(params.AppData)`
			`if err != nil {`
			`log.Debug("failed to marshall source app_data: ", err)`
			`return nil, errors.New("malformed app_data")`
			`}`
			`appDataString = string(appDataBytes)`
			`user.AppData = &appDataString`
			`}`
feat: add is_multi_factor_auth_enabled 2022-07-23 09:56:44 +00:00			`if params.IsMultiFactorAuthEnabled != nil && refs.BoolValue(user.IsMultiFactorAuthEnabled) != refs.BoolValue(params.IsMultiFactorAuthEnabled) {`
feat: add sending otp 2022-07-29 14:19:50 +00:00			`if refs.BoolValue(params.IsMultiFactorAuthEnabled) {`
			`isEnvServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)`
			`if err != nil \|\| !isEnvServiceEnabled {`
			`log.Debug("Email service not enabled:")`
			`return nil, errors.New("email service not enabled, so cannot enable multi factor authentication")`
			`}`
			`}`
feat: add helper for updating all users 2022-08-02 08:42:36 +00:00
feat: add managing mfa 2022-08-03 17:50:23 +00:00			`isMFAEnforced, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyEnforceMultiFactorAuthentication)`
			`if err != nil {`
			`log.Debug("MFA service not enabled: ", err)`
			`isMFAEnforced = false`
			`}`

			`if isMFAEnforced && !refs.BoolValue(params.IsMultiFactorAuthEnabled) {`
			`log.Debug("Cannot disable mfa service as it is enforced:")`
			`return nil, errors.New("cannot disable multi factor authentication as it is enforced by organization")`
			`}`

feat: add helper for updating all users 2022-08-02 08:42:36 +00:00			`user.IsMultiFactorAuthEnabled = params.IsMultiFactorAuthEnabled`
feat: add is_multi_factor_auth_enabled 2022-07-23 09:56:44 +00:00			`}`

fix(update_profile): changing password if not signed up via basic Resolves #198 2022-07-13 15:15:21 +00:00			`isPasswordChanging := false`
			`if params.NewPassword != nil && params.ConfirmNewPassword == nil {`
			`isPasswordChanging = true`
			`log.Debug("confirm password is empty")`
			`return res, fmt.Errorf("confirm password is required")`
			`}`

			`if params.ConfirmNewPassword != nil && params.NewPassword == nil {`
			`isPasswordChanging = true`
			`log.Debug("new password is empty")`
			`return res, fmt.Errorf("new password is required")`
			`}`

			`if params.NewPassword != nil && params.ConfirmNewPassword != nil {`
			`isPasswordChanging = true`
			`}`

			`if isPasswordChanging && user.Password != nil && params.OldPassword == nil {`
			`log.Debug("old password is empty")`
			`return res, fmt.Errorf("old password is required")`
			`}`

			`if isPasswordChanging && user.Password != nil && params.OldPassword != nil {`
fix: refs 2022-07-15 16:41:08 +00:00			`if err = bcrypt.CompareHashAndPassword([]byte(refs.StringValue(user.Password)), []byte(refs.StringValue(params.OldPassword))); err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to compare hash and old password: ", err)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`return res, fmt.Errorf("incorrect old password")`
			`}`
fix(update_profile): changing password if not signed up via basic Resolves #198 2022-07-13 15:15:21 +00:00			`}`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00
fix(update_profile): changing password if not signed up via basic Resolves #198 2022-07-13 15:15:21 +00:00			`shouldAddBasicSignUpMethod := false`
			`isBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication)`
			`if err != nil {`
			`log.Debug("Error getting basic auth disabled: ", err)`
			`isBasicAuthDisabled = true`
			`}`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00
feat: add mobile based basic auth 2022-12-21 17:44:24 +00:00			`isMobileBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication)`
			`if err != nil {`
			`log.Debug("Error getting mobile basic auth disabled: ", err)`
			`isBasicAuthDisabled = true`
			`}`

fix(update_profile): changing password if not signed up via basic Resolves #198 2022-07-13 15:15:21 +00:00			`if params.NewPassword != nil && params.ConfirmNewPassword != nil {`
feat: add mobile based basic auth 2022-12-21 17:44:24 +00:00			`if isBasicAuthDisabled \|\| isMobileBasicAuthDisabled {`
fix(update_profile): changing password if not signed up via basic Resolves #198 2022-07-13 15:15:21 +00:00			`log.Debug("Cannot update password as basic authentication is disabled")`
			return res, fmt.Errorf(`basic authentication is disabled for this instance`)
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if refs.StringValue(params.ConfirmNewPassword) != refs.StringValue(params.NewPassword) {`
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00			`log.Debug("Failed to compare new password and confirm new password")`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			return res, fmt.Errorf(`password and confirm password does not match`)
			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if user.Password == nil \|\| refs.StringValue(user.Password) == "" {`
fix(update_profile): changing password if not signed up via basic Resolves #198 2022-07-13 15:15:21 +00:00			`shouldAddBasicSignUpMethod = true`
			`}`

fix: refs 2022-07-15 16:41:08 +00:00			`if err := validators.IsValidPassword(refs.StringValue(params.NewPassword)); err != nil {`
fix(update_profile): changing password if not signed up via basic Resolves #198 2022-07-13 15:15:21 +00:00			`log.Debug("Invalid password")`
			`return res, err`
			`}`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00
fix: refs 2022-07-15 16:41:08 +00:00			`password, _ := crypto.EncryptPassword(refs.StringValue(params.NewPassword))`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`user.Password = &password`
fix(update_profile): changing password if not signed up via basic Resolves #198 2022-07-13 15:15:21 +00:00
			`if shouldAddBasicSignUpMethod {`
			`user.SignupMethods = user.SignupMethods + "," + constants.AuthRecipeMethodBasicAuth`
			`}`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`}`

			`hasEmailChanged := false`

fix: refs 2022-07-15 16:41:08 +00:00			`if params.Email != nil && user.Email != refs.StringValue(params.Email) {`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`// check if valid email`
fix: import cycle issues 2022-05-30 06:24:16 +00:00			`if !validators.IsValidEmail(*params.Email) {`
fix: refs 2022-07-15 16:41:08 +00:00			`log.Debug("Failed to validate email: ", refs.StringValue(params.Email))`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`return res, fmt.Errorf("invalid email address")`
			`}`
			`newEmail := strings.ToLower(*params.Email)`
fix: format logs 2022-05-25 07:00:22 +00:00
			`// check if valid email`
fix: import cycle issues 2022-05-30 06:24:16 +00:00			`if !validators.IsValidEmail(newEmail) {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to validate new email: ", newEmail)`
			`return res, fmt.Errorf("invalid new email address")`
			`}`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`// check if user with new email exists`
feat: implement resolvers 2022-07-10 16:19:33 +00:00			`_, err := db.Provider.GetUserByEmail(ctx, newEmail)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`// err = nil means user exists`
			`if err == nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to get user by email: ", newEmail)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`return res, fmt.Errorf("user with this email address already exists")`
			`}`

fix: session invalidation 2022-06-11 13:40:39 +00:00			`go memorystore.Provider.DeleteAllUserSessions(user.ID)`
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00			`go cookie.DeleteSession(gc)`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00
			`user.Email = newEmail`
fix: memory store upgrade in resolvers 2022-05-30 03:49:55 +00:00			`isEmailVerificationDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification)`
			`if err != nil {`
			`log.Debug("Failed to get disable email verification env variable: ", err)`
			`return res, err`
			`}`
			`if !isEmailVerificationDisabled {`
fix: import cycle issues 2022-05-30 06:24:16 +00:00			`hostname := parsers.GetHost(gc)`
fix: auth flow 2022-03-02 12:12:31 +00:00			`user.EmailVerifiedAt = nil`
			`hasEmailChanged = true`
			`// insert verification request`
fix: add token information in redirect url 2022-03-08 07:06:26 +00:00			`_, nonceHash, err := utils.GenerateNonce()`
fix: auth flow 2022-03-02 12:12:31 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to generate nonce: ", err)`
fix: auth flow 2022-03-02 12:12:31 +00:00			`return res, err`
			`}`
			`verificationType := constants.VerificationTypeUpdateEmail`
fix: import cycle issues 2022-05-30 06:24:16 +00:00			`redirectURL := parsers.GetAppURL(gc)`
fix: add token information in redirect url 2022-03-08 07:06:26 +00:00			`verificationToken, err := token.CreateVerificationToken(newEmail, verificationType, hostname, nonceHash, redirectURL)`
fix: auth flow 2022-03-02 12:12:31 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to create verification token: ", err)`
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00			`return res, err`
fix: auth flow 2022-03-02 12:12:31 +00:00			`}`
fix: refs for db provider and few utils 2023-07-31 11:12:11 +00:00			`_, err = db.Provider.AddVerificationRequest(ctx, &models.VerificationRequest{`
fix: add token information in redirect url 2022-03-08 07:06:26 +00:00			`Token: verificationToken,`
			`Identifier: verificationType,`
			`ExpiresAt: time.Now().Add(time.Minute * 30).Unix(),`
			`Email: newEmail,`
			`Nonce: nonceHash,`
			`RedirectURI: redirectURL,`
fix: auth flow 2022-03-02 12:12:31 +00:00			`})`
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to add verification request: ", err)`
feat: add loggging to all resolvers 2022-05-24 07:12:29 +00:00			`return res, err`
			`}`
fix: auth flow 2022-03-02 12:12:31 +00:00
feat: send email based on template 2022-08-08 20:13:37 +00:00			`// exec it as go routine so that we can reduce the api latency`
fix email template - fix verification types - add design to cassandra db provider for email_template - fix default email verification types to include update_email 2022-08-13 06:04:24 +00:00			`go email.SendEmail([]string{user.Email}, verificationType, map[string]interface{}{`
feat: send email based on template 2022-08-08 20:13:37 +00:00			`"user": user.ToMap(),`
			`"organization": utils.GetOrganization(),`
[server]fix: error redirection for email verification 2023-05-02 13:09:10 +00:00			`"verification_url": utils.GetEmailVerificationURL(verificationToken, hostname, redirectURL),`
feat: send email based on template 2022-08-08 20:13:37 +00:00			`})`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00
fix: auth flow 2022-03-02 12:12:31 +00:00			`}`
			`}`
feat: implement resolvers 2022-07-10 16:19:33 +00:00			`_, err = db.Provider.UpdateUser(ctx, user)`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00			`if err != nil {`
fix: format logs 2022-05-25 07:00:22 +00:00			`log.Debug("Failed to update user: ", err)`
feat: login wall (#42) * feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file 2021-08-04 06:48:57 +00:00			`return res, err`
			`}`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			message := `Profile details updated successfully.`
			`if hasEmailChanged {`
			message += `For the email change we have sent new verification email, please verify and continue`
			`}`
			`res = &model.Response{`
			`Message: message,`
			`}`

			`return res, nil`
			`}`