authorizer/server/resolvers/magic_link_login.go

package resolvers

import (
	"context"
	"fmt"
	"log"
	"strings"
	"time"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/db"
	"github.com/authorizerdev/authorizer/server/email"
	"github.com/authorizerdev/authorizer/server/envstore"
	"github.com/authorizerdev/authorizer/server/graph/model"
	"github.com/authorizerdev/authorizer/server/utils"
)

// MagicLinkLoginResolver is a resolver for magic link login mutation
func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInput) (*model.Response, error) {
	var res *model.Response

	if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableMagicLinkLogin) {
		return res, fmt.Errorf(`magic link login is disabled for this instance`)
	}

	params.Email = strings.ToLower(params.Email)

	if !utils.IsValidEmail(params.Email) {
		return res, fmt.Errorf(`invalid email address`)
	}

	inputRoles := []string{}

	user := db.User{
		Email: params.Email,
	}

	// find user with email
	existingUser, err := db.Mgr.GetUserByEmail(params.Email)

	if err != nil {
		user.SignupMethods = constants.SignupMethodMagicLinkLogin
		// define roles for new user
		if len(params.Roles) > 0 {
			// check if roles exists
			if !utils.IsValidRoles(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), params.Roles) {
				return res, fmt.Errorf(`invalid roles`)
			} else {
				inputRoles = params.Roles
			}
		} else {
			inputRoles = envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)
		}

		user.Roles = strings.Join(inputRoles, ",")
		user, _ = db.Mgr.AddUser(user)
	} else {
		user = existingUser
		// There multiple scenarios with roles here in magic link login
		// 1. user has access to protected roles + roles and trying to login
		// 2. user has not signed up for one of the available role but trying to signup.
		// 		Need to modify roles in this case

		// find the unassigned roles
		existingRoles := strings.Split(existingUser.Roles, ",")
		unasignedRoles := []string{}
		for _, ir := range inputRoles {
			if !utils.StringSliceContains(existingRoles, ir) {
				unasignedRoles = append(unasignedRoles, ir)
			}
		}

		if len(unasignedRoles) > 0 {
			// check if it contains protected unassigned role
			hasProtectedRole := false
			for _, ur := range unasignedRoles {
				if utils.StringSliceContains(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ur) {
					hasProtectedRole = true
				}
			}

			if hasProtectedRole {
				return res, fmt.Errorf(`invalid roles`)
			} else {
				user.Roles = existingUser.Roles + "," + strings.Join(unasignedRoles, ",")
			}
		} else {
			user.Roles = existingUser.Roles
		}

		signupMethod := existingUser.SignupMethods
		if !strings.Contains(signupMethod, constants.SignupMethodMagicLinkLogin) {
			signupMethod = signupMethod + "," + constants.SignupMethodMagicLinkLogin
		}

		user.SignupMethods = signupMethod
		user, _ = db.Mgr.UpdateUser(user)
		if err != nil {
			log.Println("error updating user:", err)
		}
	}

	if !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {
		// insert verification request
		verificationType := constants.VerificationTypeMagicLinkLogin
		token, err := utils.CreateVerificationToken(params.Email, verificationType)
		if err != nil {
			log.Println(`error generating token`, err)
		}
		db.Mgr.AddVerification(db.VerificationRequest{
			Token:      token,
			Identifier: verificationType,
			ExpiresAt:  time.Now().Add(time.Minute * 30).Unix(),
			Email:      params.Email,
		})

		// exec it as go routin so that we can reduce the api latency
		go func() {
			email.SendVerificationMail(params.Email, token)
		}()
	}

	res = &model.Response{
		Message: `Magic Link has been sent to your email. Please check your inbox!`,
	}

	return res, nil
}
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`package resolvers`

			`import (`
			`"context"`
			`"fmt"`
			`"log"`
			`"strings"`
			`"time"`

			`"github.com/authorizerdev/authorizer/server/constants"`
			`"github.com/authorizerdev/authorizer/server/db"`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`"github.com/authorizerdev/authorizer/server/email"`
			`"github.com/authorizerdev/authorizer/server/envstore"`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`"github.com/authorizerdev/authorizer/server/graph/model"`
			`"github.com/authorizerdev/authorizer/server/utils"`
			`)`

Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`// MagicLinkLoginResolver is a resolver for magic link login mutation`
			`func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInput) (*model.Response, error) {`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`var res *model.Response`

fix: rename config -> env and handle env interface better 2022-01-20 11:22:37 +00:00			`if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableMagicLinkLogin) {`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			return res, fmt.Errorf(`magic link login is disabled for this instance`)
			`}`

			`params.Email = strings.ToLower(params.Email)`

			`if !utils.IsValidEmail(params.Email) {`
			return res, fmt.Errorf(`invalid email address`)
			`}`

			`inputRoles := []string{}`

			`user := db.User{`
			`Email: params.Email,`
			`}`

			`// find user with email`
			`existingUser, err := db.Mgr.GetUserByEmail(params.Email)`
feat/add arangodb support (#80) feat: add arangodb init fix: dao for sql + arangodb * fix: update error logs * fix: use db name dynamically 2021-12-17 15:55:07 +00:00
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`if err != nil {`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`user.SignupMethods = constants.SignupMethodMagicLinkLogin`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`// define roles for new user`
			`if len(params.Roles) > 0 {`
			`// check if roles exists`
fix: rename config -> env and handle env interface better 2022-01-20 11:22:37 +00:00			`if !utils.IsValidRoles(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), params.Roles) {`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			return res, fmt.Errorf(`invalid roles`)
			`} else {`
			`inputRoles = params.Roles`
			`}`
			`} else {`
fix: rename config -> env and handle env interface better 2022-01-20 11:22:37 +00:00			`inputRoles = envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`}`

			`user.Roles = strings.Join(inputRoles, ",")`
feat/add arangodb support (#80) feat: add arangodb init fix: dao for sql + arangodb * fix: update error logs * fix: use db name dynamically 2021-12-17 15:55:07 +00:00			`user, _ = db.Mgr.AddUser(user)`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`} else {`
			`user = existingUser`
			`// There multiple scenarios with roles here in magic link login`
			`// 1. user has access to protected roles + roles and trying to login`
			`// 2. user has not signed up for one of the available role but trying to signup.`
			`// Need to modify roles in this case`

			`// find the unassigned roles`
			`existingRoles := strings.Split(existingUser.Roles, ",")`
			`unasignedRoles := []string{}`
			`for _, ir := range inputRoles {`
			`if !utils.StringSliceContains(existingRoles, ir) {`
			`unasignedRoles = append(unasignedRoles, ir)`
			`}`
			`}`

			`if len(unasignedRoles) > 0 {`
			`// check if it contains protected unassigned role`
			`hasProtectedRole := false`
			`for _, ur := range unasignedRoles {`
fix: rename config -> env and handle env interface better 2022-01-20 11:22:37 +00:00			`if utils.StringSliceContains(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ur) {`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`hasProtectedRole = true`
			`}`
			`}`

			`if hasProtectedRole {`
			return res, fmt.Errorf(`invalid roles`)
			`} else {`
			`user.Roles = existingUser.Roles + "," + strings.Join(unasignedRoles, ",")`
			`}`
			`} else {`
			`user.Roles = existingUser.Roles`
			`}`

fix: refactor schema for open id claim standards 2021-12-22 05:21:12 +00:00			`signupMethod := existingUser.SignupMethods`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`if !strings.Contains(signupMethod, constants.SignupMethodMagicLinkLogin) {`
			`signupMethod = signupMethod + "," + constants.SignupMethodMagicLinkLogin`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`}`

fix: refactor schema for open id claim standards 2021-12-22 05:21:12 +00:00			`user.SignupMethods = signupMethod`
feat/add arangodb support (#80) feat: add arangodb init fix: dao for sql + arangodb * fix: update error logs * fix: use db name dynamically 2021-12-17 15:55:07 +00:00			`user, _ = db.Mgr.UpdateUser(user)`
			`if err != nil {`
			`log.Println("error updating user:", err)`
			`}`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`}`

fix: rename config -> env and handle env interface better 2022-01-20 11:22:37 +00:00			`if !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`// insert verification request`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`verificationType := constants.VerificationTypeMagicLinkLogin`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`token, err := utils.CreateVerificationToken(params.Email, verificationType)`
			`if err != nil {`
feat/add arangodb support (#80) feat: add arangodb init fix: dao for sql + arangodb * fix: update error logs * fix: use db name dynamically 2021-12-17 15:55:07 +00:00			log.Println(`error generating token`, err)
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`}`
			`db.Mgr.AddVerification(db.VerificationRequest{`
			`Token: token,`
			`Identifier: verificationType,`
			`ExpiresAt: time.Now().Add(time.Minute * 30).Unix(),`
			`Email: params.Email,`
			`})`

			`// exec it as go routin so that we can reduce the api latency`
			`go func() {`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`email.SendVerificationMail(params.Email, token)`
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`}()`
			`}`

			`res = &model.Response{`
feat: update app dependencies 2021-11-14 22:42:28 +00:00			Message: `Magic Link has been sent to your email. Please check your inbox!`,
feat: add support for magic link login (#65) * feat: add support for magic link login * update readme 2021-11-11 23:52:03 +00:00			`}`

			`return res, nil`
			`}`