authorizer/server/resolvers/signup.go

package resolvers

import (
	"context"
	"fmt"
	"log"
	"strings"
	"time"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/db"
	"github.com/authorizerdev/authorizer/server/enum"
	"github.com/authorizerdev/authorizer/server/graph/model"
	"github.com/authorizerdev/authorizer/server/session"
	"github.com/authorizerdev/authorizer/server/utils"
)

func Signup(ctx context.Context, params model.SignUpInput) (*model.AuthResponse, error) {
	gc, err := utils.GinContextFromContext(ctx)
	var res *model.AuthResponse
	if err != nil {
		return res, err
	}

	if constants.DISABLE_BASIC_AUTHENTICATION {
		return res, fmt.Errorf(`basic authentication is disabled for this instance`)
	}
	if params.ConfirmPassword != params.Password {
		return res, fmt.Errorf(`passowrd and confirm password does not match`)
	}

	params.Email = strings.ToLower(params.Email)

	if !utils.IsValidEmail(params.Email) {
		return res, fmt.Errorf(`invalid email address`)
	}

	inputRoles := []string{}

	if len(params.Roles) > 0 {
		// check if roles exists
		if !utils.IsValidRoles(constants.ROLES, params.Roles) {
			return res, fmt.Errorf(`invalid roles`)
		} else {
			inputRoles = params.Roles
		}
	} else {
		inputRoles = constants.DEFAULT_ROLES
	}

	// find user with email
	existingUser, err := db.Mgr.GetUserByEmail(params.Email)
	if err != nil {
		log.Println("user with email " + params.Email + " not found")
	}

	if existingUser.EmailVerifiedAt > 0 {
		// email is verified
		return res, fmt.Errorf(`you have already signed up. Please login`)
	}
	user := db.User{
		Email: params.Email,
	}

	user.Roles = strings.Join(inputRoles, ",")

	password, _ := utils.HashPassword(params.Password)
	user.Password = password

	if params.FirstName != nil {
		user.FirstName = *params.FirstName
	}

	if params.LastName != nil {
		user.LastName = *params.LastName
	}

	user.SignupMethod = enum.BasicAuth.String()
	if constants.DISABLE_EMAIL_VERIFICATION {
		user.EmailVerifiedAt = time.Now().Unix()
	}
	user, err = db.Mgr.AddUser(user)
	if err != nil {
		return res, err
	}
	userIdStr := fmt.Sprintf("%v", user.ID)
	roles := strings.Split(user.Roles, ",")
	userToReturn := &model.User{
		ID:              userIdStr,
		Email:           user.Email,
		Image:           &user.Image,
		FirstName:       &user.FirstName,
		LastName:        &user.LastName,
		SignupMethod:    user.SignupMethod,
		EmailVerifiedAt: &user.EmailVerifiedAt,
		Roles:           strings.Split(user.Roles, ","),
		CreatedAt:       &user.CreatedAt,
		UpdatedAt:       &user.UpdatedAt,
	}

	if !constants.DISABLE_EMAIL_VERIFICATION {
		// insert verification request
		verificationType := enum.BasicAuthSignup.String()
		token, err := utils.CreateVerificationToken(params.Email, verificationType)
		if err != nil {
			log.Println(`error generating token`, err)
		}
		db.Mgr.AddVerification(db.VerificationRequest{
			Token:      token,
			Identifier: verificationType,
			ExpiresAt:  time.Now().Add(time.Minute * 30).Unix(),
			Email:      params.Email,
		})

		// exec it as go routin so that we can reduce the api latency
		go func() {
			utils.SendVerificationMail(params.Email, token)
		}()

		res = &model.AuthResponse{
			Message: `Verification email has been sent. Please check your inbox`,
			User:    userToReturn,
		}
	} else {

		refreshToken, _, _ := utils.CreateAuthToken(user, enum.RefreshToken, roles)

		accessToken, expiresAt, _ := utils.CreateAuthToken(user, enum.AccessToken, roles)

		session.SetToken(userIdStr, accessToken, refreshToken)
		go func() {
			sessionData := db.Session{
				UserID:    user.ID,
				UserAgent: utils.GetUserAgent(gc.Request),
				IP:        utils.GetIP(gc.Request),
			}

			db.Mgr.AddSession(sessionData)
		}()
		res = &model.AuthResponse{
			Message:              `Signed up successfully.`,
			AccessToken:          &accessToken,
			AccessTokenExpiresAt: &expiresAt,
			User:                 userToReturn,
		}

		utils.SetCookie(gc, accessToken)
	}

	return res, nil
}
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`package resolvers`

			`import (`
			`"context"`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			`"fmt"`
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`"log"`
			`"strings"`
			`"time"`

feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`"github.com/authorizerdev/authorizer/server/constants"`
chore: rename project 2021-07-23 16:27:44 +00:00			`"github.com/authorizerdev/authorizer/server/db"`
			`"github.com/authorizerdev/authorizer/server/enum"`
			`"github.com/authorizerdev/authorizer/server/graph/model"`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`"github.com/authorizerdev/authorizer/server/session"`
chore: rename project 2021-07-23 16:27:44 +00:00			`"github.com/authorizerdev/authorizer/server/utils"`
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`)`

feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`func Signup(ctx context.Context, params model.SignUpInput) (*model.AuthResponse, error) {`
			`gc, err := utils.GinContextFromContext(ctx)`
			`var res *model.AuthResponse`
			`if err != nil {`
			`return res, err`
			`}`

fix: arangodb get one queries 2021-12-20 12:03:11 +00:00			`if constants.DISABLE_BASIC_AUTHENTICATION {`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			return res, fmt.Errorf(`basic authentication is disabled for this instance`)
			`}`
Implement verify email using server url - fix confirm password typo 2021-07-20 22:04:03 +00:00			`if params.ConfirmPassword != params.Password {`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			return res, fmt.Errorf(`passowrd and confirm password does not match`)
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`}`

			`params.Email = strings.ToLower(params.Email)`

			`if !utils.IsValidEmail(params.Email) {`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			return res, fmt.Errorf(`invalid email address`)
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`}`

feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			`inputRoles := []string{}`

feat: use multi roles login (#60) * feat: use multi roles login - add support for protected roles - refactor oauth code * fix: adminUpdate role validation * fix: update app 2021-10-13 16:41:41 +00:00			`if len(params.Roles) > 0 {`
feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			`// check if roles exists`
feat: use multi roles login (#60) * feat: use multi roles login - add support for protected roles - refactor oauth code * fix: adminUpdate role validation * fix: update app 2021-10-13 16:41:41 +00:00			`if !utils.IsValidRoles(constants.ROLES, params.Roles) {`
feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			return res, fmt.Errorf(`invalid roles`)
feat: use multi roles login (#60) * feat: use multi roles login - add support for protected roles - refactor oauth code * fix: adminUpdate role validation * fix: update app 2021-10-13 16:41:41 +00:00			`} else {`
			`inputRoles = params.Roles`
feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			`}`
			`} else {`
feat: use multi roles login (#60) * feat: use multi roles login - add support for protected roles - refactor oauth code * fix: adminUpdate role validation * fix: update app 2021-10-13 16:41:41 +00:00			`inputRoles = constants.DEFAULT_ROLES`
feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			`}`

add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`// find user with email`
			`existingUser, err := db.Mgr.GetUserByEmail(params.Email)`
			`if err != nil {`
feat/add arangodb support (#80) feat: add arangodb init fix: dao for sql + arangodb * fix: update error logs * fix: use db name dynamically 2021-12-17 15:55:07 +00:00			`log.Println("user with email " + params.Email + " not found")`
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`}`

			`if existingUser.EmailVerifiedAt > 0 {`
			`// email is verified`
Add resolver to update profile Resolves #12 #11 2021-07-18 03:55:20 +00:00			return res, fmt.Errorf(`you have already signed up. Please login`)
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`}`
			`user := db.User{`
Resolves #22 2021-07-17 17:09:50 +00:00			`Email: params.Email,`
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`}`

feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			`user.Roles = strings.Join(inputRoles, ",")`

Resolves #22 2021-07-17 17:09:50 +00:00			`password, _ := utils.HashPassword(params.Password)`
			`user.Password = password`

add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`if params.FirstName != nil {`
			`user.FirstName = *params.FirstName`
			`}`

			`if params.LastName != nil {`
			`user.LastName = *params.LastName`
			`}`

			`user.SignupMethod = enum.BasicAuth.String()`
fix: arangodb get one queries 2021-12-20 12:03:11 +00:00			`if constants.DISABLE_EMAIL_VERIFICATION {`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`user.EmailVerifiedAt = time.Now().Unix()`
			`}`
feat/add arangodb support (#80) feat: add arangodb init fix: dao for sql + arangodb * fix: update error logs * fix: use db name dynamically 2021-12-17 15:55:07 +00:00			`user, err = db.Mgr.AddUser(user)`
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`if err != nil {`
			`return res, err`
			`}`
fix: typos 2021-08-07 08:41:26 +00:00			`userIdStr := fmt.Sprintf("%v", user.ID)`
feat: use multi roles login (#60) * feat: use multi roles login - add support for protected roles - refactor oauth code * fix: adminUpdate role validation * fix: update app 2021-10-13 16:41:41 +00:00			`roles := strings.Split(user.Roles, ",")`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`userToReturn := &model.User{`
			`ID: userIdStr,`
			`Email: user.Email,`
			`Image: &user.Image,`
			`FirstName: &user.FirstName,`
			`LastName: &user.LastName,`
			`SignupMethod: user.SignupMethod,`
			`EmailVerifiedAt: &user.EmailVerifiedAt,`
feat/role based access (#50) * feat: add roles based access * feat: update roles env + todo * feat: add roles to update profile * feat: add role based oauth * feat: validate role for a given token 2021-09-20 05:06:26 +00:00			`Roles: strings.Split(user.Roles, ","),`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`CreatedAt: &user.CreatedAt,`
			`UpdatedAt: &user.UpdatedAt,`
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`}`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00
fix: arangodb get one queries 2021-12-20 12:03:11 +00:00			`if !constants.DISABLE_EMAIL_VERIFICATION {`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`// insert verification request`
			`verificationType := enum.BasicAuthSignup.String()`
fix: add location middleware to get exact host 2021-08-04 10:25:13 +00:00			`token, err := utils.CreateVerificationToken(params.Email, verificationType)`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`if err != nil {`
feat/add arangodb support (#80) feat: add arangodb init fix: dao for sql + arangodb * fix: update error logs * fix: use db name dynamically 2021-12-17 15:55:07 +00:00			log.Println(`error generating token`, err)
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`}`
			`db.Mgr.AddVerification(db.VerificationRequest{`
			`Token: token,`
			`Identifier: verificationType,`
			`ExpiresAt: time.Now().Add(time.Minute * 30).Unix(),`
			`Email: params.Email,`
			`})`

			`// exec it as go routin so that we can reduce the api latency`
			`go func() {`
			`utils.SendVerificationMail(params.Email, token)`
			`}()`

			`res = &model.AuthResponse{`
			Message: `Verification email has been sent. Please check your inbox`,
			`User: userToReturn,`
			`}`
			`} else {`

feat: use multi roles login (#60) * feat: use multi roles login - add support for protected roles - refactor oauth code * fix: adminUpdate role validation * fix: update app 2021-10-13 16:41:41 +00:00			`refreshToken, _, _ := utils.CreateAuthToken(user, enum.RefreshToken, roles)`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00
feat: use multi roles login (#60) * feat: use multi roles login - add support for protected roles - refactor oauth code * fix: adminUpdate role validation * fix: update app 2021-10-13 16:41:41 +00:00			`accessToken, expiresAt, _ := utils.CreateAuthToken(user, enum.AccessToken, roles)`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00
Feat/multiple session (#64) * fix: disable windows build * feat: add ability to handle multiple sessions 2021-10-27 17:45:38 +00:00			`session.SetToken(userIdStr, accessToken, refreshToken)`
			`go func() {`
			`sessionData := db.Session{`
			`UserID: user.ID,`
			`UserAgent: utils.GetUserAgent(gc.Request),`
			`IP: utils.GetIP(gc.Request),`
			`}`

feat/add arangodb support (#80) feat: add arangodb init fix: dao for sql + arangodb * fix: update error logs * fix: use db name dynamically 2021-12-17 15:55:07 +00:00			`db.Mgr.AddSession(sessionData)`
Feat/multiple session (#64) * fix: disable windows build * feat: add ability to handle multiple sessions 2021-10-27 17:45:38 +00:00			`}()`
feat:allow signup without verification (#39) * fix: add disable basic auth check in resolvers * feat: allow signup without email verification Resolves #32 2021-07-28 10:13:08 +00:00			`res = &model.AuthResponse{`
			Message: `Signed up successfully.`,
			`AccessToken: &accessToken,`
			`AccessTokenExpiresAt: &expiresAt,`
			`User: userToReturn,`
			`}`

			`utils.SetCookie(gc, accessToken)`
add google login - refactor resolvers - fix signup method typos Resolves #17 2021-07-17 16:29:50 +00:00			`}`

			`return res, nil`
			`}`