Update tests

2024-04-02 15:25:11 +05:30 · 2024-04-02 15:25:11 +05:30 · 28b574c827
commit 28b574c827
parent 67f866a787
51 changed files with 275 additions and 143 deletions
--- a/app/package-lock.json
+++ b/app/package-lock.json
@ -9,7 +9,7 @@
 			"version": "1.0.0",
 			"license": "ISC",
 			"dependencies": {
-				"@authorizerdev/authorizer-react": "^1.2.0",
+				"@authorizerdev/authorizer-react": "^1.3.1",
 				"@types/react": "^17.0.15",
 				"@types/react-dom": "^17.0.9",
 				"esbuild": "^0.12.17",
@ -27,9 +27,9 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-js": {
-			"version": "2.0.0-beta.3",
+			"version": "2.0.2",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-2.0.0-beta.3.tgz",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-2.0.2.tgz",
-			"integrity": "sha512-cEzEVe7AewvOwOwoettiKRCq1e5Y33k9g8fJjqAoe3B/36iNN8wnZ5qgsPPZkqhv+Cvn6huj+YWtRimfVJ6d0w==",
+			"integrity": "sha512-YgCtpaBDGYGMUlINFsvGNJnBtbnFG2wo66xX2i6auop52oVmKimvLpzOx8306/YddCxWhg9FljyVMp88Mbnxyw==",
 			"dependencies": {
 				"cross-fetch": "^3.1.5"
 			},
@ -41,11 +41,11 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-react": {
-			"version": "1.2.0",
+			"version": "1.3.1",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.2.0.tgz",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.3.1.tgz",
-			"integrity": "sha512-MtunZgh30rzY9jSADVP1DRC4sOBC82zx/yhK8O/1ufOAi7vTDZwPjDHIMrG/xWPNUYTCeFPEKpZlKyB+TH/M1w==",
+			"integrity": "sha512-X7vQMr5jtZ28z+YZOt5ISB3lOYXNszpLpWw4S6VNs7TLAd5/ZP2kPaSdDbUgIvQFyYy51DHQeGygOu3G1n0Mdw==",
 			"dependencies": {
-				"@authorizerdev/authorizer-js": "^2.0.0-beta.3",
+				"@authorizerdev/authorizer-js": "^2.0.2",
 				"validator": "^13.11.0"
 			},
 			"engines": {
--- a/app/package.json
+++ b/app/package.json
@ -12,7 +12,7 @@
 	"author": "Lakhan Samani",
 	"license": "ISC",
 	"dependencies": {
-		"@authorizerdev/authorizer-react": "^1.2.0",
+		"@authorizerdev/authorizer-react": "^1.3.1",
 		"@types/react": "^17.0.15",
 		"@types/react-dom": "^17.0.9",
 		"esbuild": "^0.12.17",
--- a/app/src/App.tsx
+++ b/app/src/App.tsx
@ -33,7 +33,6 @@ export default function App() {
 		...window['__authorizer__'],
 		...urlProps,
 	};
 	console.log({ globalState });
 	return (
 		<div
 			style={{
--- a/app/yarn.lock
+++ b/app/yarn.lock
@ -2,19 +2,19 @@
 # yarn lockfile v1
-"@authorizerdev/authorizer-js@^2.0.0-beta.3":
+"@authorizerdev/authorizer-js@^2.0.2":
-  version "2.0.0-beta.3"
+  version "2.0.2"
-  resolved "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-2.0.0-beta.3.tgz"
+  resolved "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-2.0.2.tgz"
-  integrity sha512-cEzEVe7AewvOwOwoettiKRCq1e5Y33k9g8fJjqAoe3B/36iNN8wnZ5qgsPPZkqhv+Cvn6huj+YWtRimfVJ6d0w==
+  integrity sha512-YgCtpaBDGYGMUlINFsvGNJnBtbnFG2wo66xX2i6auop52oVmKimvLpzOx8306/YddCxWhg9FljyVMp88Mbnxyw==
  dependencies:
    cross-fetch "^3.1.5"
-"@authorizerdev/authorizer-react@^1.2.0":
+"@authorizerdev/authorizer-react@^1.3.1":
-  version "1.2.0"
+  version "1.3.1"
-  resolved "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.2.0.tgz"
+  resolved "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.3.1.tgz"
-  integrity sha512-MtunZgh30rzY9jSADVP1DRC4sOBC82zx/yhK8O/1ufOAi7vTDZwPjDHIMrG/xWPNUYTCeFPEKpZlKyB+TH/M1w==
+  integrity sha512-X7vQMr5jtZ28z+YZOt5ISB3lOYXNszpLpWw4S6VNs7TLAd5/ZP2kPaSdDbUgIvQFyYy51DHQeGygOu3G1n0Mdw==
  dependencies:
-    "@authorizerdev/authorizer-js" "^2.0.0-beta.3"
+    "@authorizerdev/authorizer-js" "^2.0.2"
    validator "^13.11.0"
 "@babel/code-frame@^7.22.13":
--- a/dashboard/src/components/EnvComponents/Features.tsx
+++ b/dashboard/src/components/EnvComponents/Features.tsx
@ -53,7 +53,7 @@ const Features = ({ variables, setVariables }: any) => {
 				</Flex>
 				<Flex>
 					<Flex w="100%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Basic Authentication:</Text>
+						<Text fontSize="sm">Email Basic Authentication:</Text>
 					</Flex>
 					<Flex justifyContent="start">
 						<InputField
@ -64,6 +64,19 @@ const Features = ({ variables, setVariables }: any) => {
 						/>
 					</Flex>
 				</Flex>
 				<Flex>
 					<Flex w="100%" justifyContent="start" alignItems="center">
 						<Text fontSize="sm">Mobile Basic Authentication:</Text>
 					</Flex>
 					<Flex justifyContent="start">
 						<InputField
 							variables={variables}
 							setVariables={setVariables}
 							inputType={SwitchInputType.DISABLE_MOBILE_BASIC_AUTHENTICATION}
 							hasReversedValue
 						/>
 					</Flex>
 				</Flex>
 				<Flex>
 					<Flex w="100%" justifyContent="start" alignItems="center">
 						<Text fontSize="sm">Sign Up:</Text>
--- a/dashboard/src/constants.ts
+++ b/dashboard/src/constants.ts
@ -83,6 +83,7 @@ export const SwitchInputType = {
 	DISABLE_MAGIC_LINK_LOGIN: 'DISABLE_MAGIC_LINK_LOGIN',
 	DISABLE_EMAIL_VERIFICATION: 'DISABLE_EMAIL_VERIFICATION',
 	DISABLE_BASIC_AUTHENTICATION: 'DISABLE_BASIC_AUTHENTICATION',
 	DISABLE_MOBILE_BASIC_AUTHENTICATION: 'DISABLE_MOBILE_BASIC_AUTHENTICATION',
 	DISABLE_SIGN_UP: 'DISABLE_SIGN_UP',
 	DISABLE_REDIS_FOR_ENV: 'DISABLE_REDIS_FOR_ENV',
 	DISABLE_STRONG_PASSWORD: 'DISABLE_STRONG_PASSWORD',
@ -167,6 +168,7 @@ export interface envVarTypes {
 	DISABLE_MAGIC_LINK_LOGIN: boolean;
 	DISABLE_EMAIL_VERIFICATION: boolean;
 	DISABLE_BASIC_AUTHENTICATION: boolean;
 	DISABLE_MOBILE_BASIC_AUTHENTICATION: boolean;
 	DISABLE_SIGN_UP: boolean;
 	DISABLE_STRONG_PASSWORD: boolean;
 	OLD_ADMIN_SECRET: string;
--- a/dashboard/src/graphql/queries/index.ts
+++ b/dashboard/src/graphql/queries/index.ts
@ -65,6 +65,7 @@ export const EnvVariablesQuery = `
      DISABLE_MAGIC_LINK_LOGIN
      DISABLE_EMAIL_VERIFICATION
      DISABLE_BASIC_AUTHENTICATION
      DISABLE_MOBILE_BASIC_AUTHENTICATION
      DISABLE_SIGN_UP
      DISABLE_STRONG_PASSWORD
      DISABLE_REDIS_FOR_ENV
--- a/dashboard/src/pages/Environment.tsx
+++ b/dashboard/src/pages/Environment.tsx
@ -86,6 +86,7 @@ const Environment = () => {
 		DISABLE_MAGIC_LINK_LOGIN: false,
 		DISABLE_EMAIL_VERIFICATION: false,
 		DISABLE_BASIC_AUTHENTICATION: false,
 		DISABLE_MOBILE_BASIC_AUTHENTICATION: false,
 		DISABLE_SIGN_UP: false,
 		DISABLE_STRONG_PASSWORD: false,
 		OLD_ADMIN_SECRET: '',
--- a/server/db/providers/arangodb/authenticator.go
+++ b/server/db/providers/arangodb/authenticator.go
@ -28,7 +28,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models.
 	authenticatorsCollection, _ := p.db.Collection(ctx, models.Collections.Authenticators)
 	meta, err := authenticatorsCollection.CreateDocument(arangoDriver.WithOverwrite(ctx), authenticators)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	authenticators.Key = meta.Key
 	authenticators.ID = meta.ID.String()
@ -42,7 +42,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode
 	collection, _ := p.db.Collection(ctx, models.Collections.Authenticators)
 	meta, err := collection.UpdateDocument(ctx, authenticators.Key, authenticators)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	authenticators.Key = meta.Key
@ -59,7 +59,7 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s
 	}
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	defer cursor.Close()
 	for {
@ -71,7 +71,7 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s
 		}
 		_, err := cursor.ReadDocument(ctx, &authenticators)
 		if err != nil {
-			return authenticators, err
+			return nil, err
 		}
 	}
 	return authenticators, nil
--- a/server/db/providers/arangodb/env.go
+++ b/server/db/providers/arangodb/env.go
@ -23,7 +23,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er
 	configCollection, _ := p.db.Collection(ctx, models.Collections.Env)
 	meta, err := configCollection.CreateDocument(arangoDriver.WithOverwrite(ctx), env)
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	env.Key = meta.Key
 	env.ID = meta.ID.String()
@ -36,7 +36,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env,
 	collection, _ := p.db.Collection(ctx, models.Collections.Env)
 	meta, err := collection.UpdateDocument(ctx, env.Key, env)
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	env.Key = meta.Key
@ -50,7 +50,7 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
 	query := fmt.Sprintf("FOR d in %s RETURN d", models.Collections.Env)
 	cursor, err := p.db.Query(ctx, query, nil)
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	defer cursor.Close()
 	for {
@ -62,7 +62,7 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
 		}
 		_, err := cursor.ReadDocument(ctx, &env)
 		if err != nil {
-			return env, err
+			return nil, err
 		}
 	}
--- a/server/db/providers/arangodb/user.go
+++ b/server/db/providers/arangodb/user.go
@ -27,7 +27,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 		user.Roles = defaultRoles
 	}
@ -47,7 +47,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	userCollection, _ := p.db.Collection(ctx, models.Collections.User)
 	meta, err := userCollection.CreateDocument(arangoDriver.WithOverwrite(ctx), user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	user.Key = meta.Key
 	user.ID = meta.ID.String()
@ -62,7 +62,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U
 	collection, _ := p.db.Collection(ctx, models.Collections.User)
 	meta, err := collection.UpdateDocument(ctx, user.Key, user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	user.Key = meta.Key
@ -129,19 +129,19 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us
 	}
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	defer cursor.Close()
 	for {
 		if !cursor.HasMore() {
 			if user == nil {
-				return user, fmt.Errorf("user not found")
+				return nil, fmt.Errorf("user not found")
 			}
 			break
 		}
 		_, err := cursor.ReadDocument(ctx, &user)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 	}
 	return user, nil
@ -156,19 +156,19 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er
 	}
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	defer cursor.Close()
 	for {
 		if !cursor.HasMore() {
 			if user == nil {
-				return user, fmt.Errorf("user not found")
+				return nil, fmt.Errorf("user not found")
 			}
 			break
 		}
 		_, err := cursor.ReadDocument(ctx, &user)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 	}
 	return user, nil
--- a/server/db/providers/arangodb/verification_requests.go
+++ b/server/db/providers/arangodb/verification_requests.go
@ -22,7 +22,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 	verificationRequestRequestCollection, _ := p.db.Collection(ctx, models.Collections.VerificationRequest)
 	meta, err := verificationRequestRequestCollection.CreateDocument(ctx, verificationRequest)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	verificationRequest.Key = meta.Key
 	verificationRequest.ID = meta.ID.String()
@ -38,7 +38,7 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri
 	}
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	defer cursor.Close()
 	for {
@ -50,7 +50,7 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri
 		}
 		_, err := cursor.ReadDocument(ctx, &verificationRequest)
 		if err != nil {
-			return verificationRequest, err
+			return nil, err
 		}
 	}
 	return verificationRequest, nil
@ -66,7 +66,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 	}
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	defer cursor.Close()
 	for {
@ -78,7 +78,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 		}
 		_, err := cursor.ReadDocument(ctx, &verificationRequest)
 		if err != nil {
-			return verificationRequest, err
+			return nil, err
 		}
 	}
 	return verificationRequest, nil
--- a/server/db/providers/cassandradb/authenticator.go
+++ b/server/db/providers/cassandradb/authenticator.go
@ -29,7 +29,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models.
 	bytes, err := json.Marshal(authenticators)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	// use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling
@ -38,7 +38,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models.
 	authenticatorsMap := map[string]interface{}{}
 	err = decoder.Decode(&authenticatorsMap)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	fields := "("
@ -66,7 +66,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models.
 	query := fmt.Sprintf("INSERT INTO %s %s VALUES %s IF NOT EXISTS", KeySpace+"."+models.Collections.Authenticators, fields, values)
 	err = p.db.Query(query).Exec()
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	return authenticators, nil
@ -77,7 +77,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode
 	bytes, err := json.Marshal(authenticators)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	// use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling
 	decoder := json.NewDecoder(strings.NewReader(string(bytes)))
@ -85,7 +85,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode
 	authenticatorsMap := map[string]interface{}{}
 	err = decoder.Decode(&authenticatorsMap)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	updateFields := ""
@ -116,7 +116,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode
 	query := fmt.Sprintf("UPDATE %s SET %s WHERE id = '%s'", KeySpace+"."+models.Collections.Authenticators, updateFields, authenticators.ID)
 	err = p.db.Query(query).Exec()
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	return authenticators, nil
--- a/server/db/providers/cassandradb/env.go
+++ b/server/db/providers/cassandradb/env.go
@ -20,7 +20,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er
 	insertEnvQuery := fmt.Sprintf("INSERT INTO %s (id, env, hash, created_at, updated_at) VALUES ('%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.Env, env.ID, env.EnvData, env.Hash, env.CreatedAt, env.UpdatedAt)
 	err := p.db.Query(insertEnvQuery).Exec()
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	return env, nil
@ -32,7 +32,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env,
 	updateEnvQuery := fmt.Sprintf("UPDATE %s SET env = '%s', updated_at = %d WHERE id = '%s'", KeySpace+"."+models.Collections.Env, env.EnvData, env.UpdatedAt, env.ID)
 	err := p.db.Query(updateEnvQuery).Exec()
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	return env, nil
 }
--- a/server/db/providers/cassandradb/user.go
+++ b/server/db/providers/cassandradb/user.go
@ -26,7 +26,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 		user.Roles = defaultRoles
 	}
@ -46,7 +46,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	bytes, err := json.Marshal(user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	// use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling
@ -55,7 +55,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	userMap := map[string]interface{}{}
 	err = decoder.Decode(&userMap)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	fields := "("
@ -84,7 +84,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	err = p.db.Query(query).Exec()
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
@ -96,7 +96,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U
 	bytes, err := json.Marshal(user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	// use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling
 	decoder := json.NewDecoder(strings.NewReader(string(bytes)))
@ -104,7 +104,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U
 	userMap := map[string]interface{}{}
 	err = decoder.Decode(&userMap)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	updateFields := ""
@ -135,7 +135,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U
 	query := fmt.Sprintf("UPDATE %s SET %s WHERE id = '%s'", KeySpace+"."+models.Collections.User, updateFields, user.ID)
 	err = p.db.Query(query).Exec()
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
--- a/server/db/providers/cassandradb/verification_requests.go
+++ b/server/db/providers/cassandradb/verification_requests.go
@ -23,7 +23,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 	query := fmt.Sprintf("INSERT INTO %s (id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at) VALUES ('%s', '%s', '%s', %d, '%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.VerificationRequest, verificationRequest.ID, verificationRequest.Token, verificationRequest.Identifier, verificationRequest.ExpiresAt, verificationRequest.Email, verificationRequest.Nonce, verificationRequest.RedirectURI, verificationRequest.CreatedAt, verificationRequest.UpdatedAt)
 	err := p.db.Query(query).Exec()
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	return verificationRequest, nil
 }
--- a/server/db/providers/couchbase/authenticator.go
+++ b/server/db/providers/couchbase/authenticator.go
@ -30,7 +30,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models.
 	}
 	_, err := p.db.Collection(models.Collections.Authenticators).Insert(authenticators.ID, authenticators, &insertOpt)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	return authenticators, nil
 }
@ -71,11 +71,11 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s
 		PositionalParameters: []interface{}{userId, authenticatorType},
 	})
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	err = q.One(&authenticators)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	return authenticators, nil
 }
--- a/server/db/providers/couchbase/env.go
+++ b/server/db/providers/couchbase/env.go
@ -24,7 +24,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er
 	}
 	_, err := p.db.Collection(models.Collections.Env).Insert(env.ID, env, &insertOpt)
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	return env, nil
 }
@ -40,7 +40,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env,
 		PositionalParameters: []interface{}{env.EnvData, env.UpdatedAt, env.UpdatedAt, env.ID},
 	})
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	return env, nil
 }
@ -55,11 +55,11 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
 		ScanConsistency: gocb.QueryScanConsistencyRequestPlus,
 	})
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	err = q.One(&env)
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	env.Hash = env.EncryptionKey
 	return env, nil
--- a/server/db/providers/couchbase/otp.go
+++ b/server/db/providers/couchbase/otp.go
@ -50,7 +50,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 		}
 		_, err := p.db.Collection(models.Collections.OTP).Insert(otp.ID, otp, &insertOpt)
 		if err != nil {
-			return otp, err
+			return nil, err
 		}
 	} else {
 		query := fmt.Sprintf(`UPDATE %s.%s SET otp=$1, expires_at=$2, updated_at=$3 WHERE _id=$4`, p.scopeName, models.Collections.OTP)
@ -58,7 +58,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 			PositionalParameters: []interface{}{otp.Otp, otp.ExpiresAt, otp.UpdatedAt, otp.ID},
 		})
 		if err != nil {
-			return otp, err
+			return nil, err
 		}
 	}
 	return otp, nil
--- a/server/db/providers/couchbase/provider.go
+++ b/server/db/providers/couchbase/provider.go
@ -127,7 +127,7 @@ func CreateBucketAndScope(cluster *gocb.Cluster, bucketName string, scopeName st
 	if scopeName != defaultScope {
 		err = bucket.Collections().CreateScope(scopeName, nil)
 		if err != nil && !errors.Is(err, gocb.ErrScopeExists) {
-			return bucket, err
+			return nil, err
 		}
 	}
 	return bucket, nil
--- a/server/db/providers/couchbase/shared.go
+++ b/server/db/providers/couchbase/shared.go
@ -47,7 +47,7 @@ func (p *provider) GetTotalDocs(ctx context.Context, collection string) (int64,
 	})
 	queryRes.One(&totalDocs)
 	if err != nil {
-		return totalDocs.Total, err
+		return 0, err
 	}
 	return totalDocs.Total, nil
 }
--- a/server/db/providers/couchbase/user.go
+++ b/server/db/providers/couchbase/user.go
@ -25,7 +25,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 		user.Roles = defaultRoles
 	}
@ -47,7 +47,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	}
 	_, err := p.db.Collection(models.Collections.User).Insert(user.ID, user, &insertOpt)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
@ -60,7 +60,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U
 	}
 	_, err := p.db.Collection(models.Collections.User).Upsert(user.ID, user, &upsertOpt)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
@ -122,11 +122,11 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us
 		PositionalParameters: []interface{}{email},
 	})
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	err = q.One(&user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
@ -141,11 +141,11 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er
 		PositionalParameters: []interface{}{id},
 	})
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	err = q.One(&user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
@ -194,11 +194,11 @@ func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string)
 		PositionalParameters: []interface{}{phoneNumber},
 	})
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	err = q.One(&user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
--- a/server/db/providers/couchbase/verification_requests.go
+++ b/server/db/providers/couchbase/verification_requests.go
@ -25,7 +25,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 	}
 	_, err := p.db.Collection(models.Collections.VerificationRequest).Insert(verificationRequest.ID, verificationRequest, &insertOpt)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	return verificationRequest, nil
 }
@ -44,12 +44,12 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri
 	})
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	err = queryResult.One(&verificationRequest)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	return verificationRequest, nil
 }
@ -69,7 +69,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 	var verificationRequest *models.VerificationRequest
 	err = queryResult.One(&verificationRequest)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	return verificationRequest, nil
 }
--- a/server/db/providers/couchbase/webhook.go
+++ b/server/db/providers/couchbase/webhook.go
@ -29,7 +29,7 @@ func (p *provider) AddWebhook(ctx context.Context, webhook *models.Webhook) (*mo
 	}
 	_, err := p.db.Collection(models.Collections.Webhook).Insert(webhook.ID, webhook, &insertOpt)
 	if err != nil {
-		return webhook.AsAPIWebhook(), err
+		return nil, err
 	}
 	return webhook.AsAPIWebhook(), nil
 }
--- a/server/db/providers/couchbase/webhook_log.go
+++ b/server/db/providers/couchbase/webhook_log.go
@ -25,7 +25,7 @@ func (p *provider) AddWebhookLog(ctx context.Context, webhookLog *models.Webhook
 	}
 	_, err := p.db.Collection(models.Collections.WebhookLog).Insert(webhookLog.ID, webhookLog, &insertOpt)
 	if err != nil {
-		return webhookLog.AsAPIWebhookLog(), err
+		return nil, err
 	}
 	return webhookLog.AsAPIWebhookLog(), nil
 }
--- a/server/db/providers/dynamodb/authenticator.go
+++ b/server/db/providers/dynamodb/authenticator.go
@ -24,7 +24,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models.
 	authenticators.UpdatedAt = time.Now().Unix()
 	err := collection.Put(authenticators).RunWithContext(ctx)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	return authenticators, nil
 }
@ -35,7 +35,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode
 		authenticators.UpdatedAt = time.Now().Unix()
 		err := UpdateByHashKey(collection, "id", authenticators.ID, authenticators)
 		if err != nil {
-			return authenticators, err
+			return nil, err
 		}
 	}
 	return authenticators, nil
@ -51,7 +51,7 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s
 	}
 	err := iter.Err()
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	return authenticators, nil
 }
--- a/server/db/providers/dynamodb/env.go
+++ b/server/db/providers/dynamodb/env.go
@ -21,7 +21,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er
 	env.UpdatedAt = time.Now().Unix()
 	err := collection.Put(env).RunWithContext(ctx)
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	return env, nil
 }
@ -32,7 +32,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env,
 	env.UpdatedAt = time.Now().Unix()
 	err := UpdateByHashKey(collection, "id", env.ID, env)
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	return env, nil
 }
@ -45,7 +45,7 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
 	iter := collection.Scan().Limit(1).Iter()
 	for iter.NextWithContext(ctx, &env) {
 		if env == nil {
-			return env, errors.New("no documets found")
+			return nil, errors.New("no documets found")
 		} else {
 			return env, nil
 		}
--- a/server/db/providers/dynamodb/user.go
+++ b/server/db/providers/dynamodb/user.go
@ -26,7 +26,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 		user.Roles = defaultRoles
 	}
@ -43,7 +43,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	user.UpdatedAt = time.Now().Unix()
 	err := collection.Put(user).RunWithContext(ctx)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
@ -55,7 +55,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U
 		user.UpdatedAt = time.Now().Unix()
 		err := UpdateByHashKey(collection, "id", user.ID, user)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 	}
 	return user, nil
@ -126,7 +126,7 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us
 		user = users[0]
 		return user, nil
 	} else {
-		return user, errors.New("no record found")
+		return nil, errors.New("no record found")
 	}
 }
@ -137,7 +137,7 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er
 	err := collection.Get("id", id).OneWithContext(ctx, &user)
 	if err != nil {
 		if refs.StringValue(user.Email) == "" {
-			return user, errors.New("no documets found")
+			return nil, errors.New("no documets found")
 		} else {
 			return user, nil
 		}
--- a/server/db/providers/dynamodb/verification_requests.go
+++ b/server/db/providers/dynamodb/verification_requests.go
@ -19,7 +19,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 		verificationRequest.UpdatedAt = time.Now().Unix()
 		err := collection.Put(verificationRequest).RunWithContext(ctx)
 		if err != nil {
-			return verificationRequest, err
+			return nil, err
 		}
 	}
 	return verificationRequest, nil
@ -35,7 +35,7 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri
 	}
 	err := iter.Err()
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	return verificationRequest, nil
 }
@ -50,7 +50,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 	}
 	err := iter.Err()
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	return verificationRequest, nil
 }
--- a/server/db/providers/dynamodb/webhook.go
+++ b/server/db/providers/dynamodb/webhook.go
@ -91,7 +91,7 @@ func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model
 		return nil, err
 	}
 	if webhook.ID == "" {
-		return webhook.AsAPIWebhook(), errors.New("no documets found")
+		return nil, errors.New("no documets found")
 	}
 	return webhook.AsAPIWebhook(), nil
 }
--- a/server/db/providers/mongodb/authenticator.go
+++ b/server/db/providers/mongodb/authenticator.go
@ -26,7 +26,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models.
 	authenticatorsCollection := p.db.Collection(models.Collections.Authenticators, options.Collection())
 	_, err := authenticatorsCollection.InsertOne(ctx, authenticators)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	return authenticators, nil
 }
@ -36,7 +36,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode
 	authenticatorsCollection := p.db.Collection(models.Collections.Authenticators, options.Collection())
 	_, err := authenticatorsCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": authenticators.ID}}, bson.M{"$set": authenticators})
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	return authenticators, nil
 }
@ -46,7 +46,7 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s
 	authenticatorsCollection := p.db.Collection(models.Collections.Authenticators, options.Collection())
 	err := authenticatorsCollection.FindOne(ctx, bson.M{"user_id": userId, "method": authenticatorType}).Decode(&authenticators)
 	if err != nil {
-		return authenticators, err
+		return nil, err
 	}
 	return authenticators, nil
 }
--- a/server/db/providers/mongodb/env.go
+++ b/server/db/providers/mongodb/env.go
@ -22,7 +22,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
 	_, err := configCollection.InsertOne(ctx, env)
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	return env, nil
 }
@ -33,7 +33,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env,
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
 	_, err := configCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": env.ID}}, bson.M{"$set": env}, options.MergeUpdateOptions())
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	return env, nil
 }
@ -44,13 +44,13 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
 	cursor, err := configCollection.Find(ctx, bson.M{}, options.Find())
 	if err != nil {
-		return env, err
+		return nil, err
 	}
 	defer cursor.Close(ctx)
 	for cursor.Next(nil) {
 		err := cursor.Decode(&env)
 		if err != nil {
-			return env, err
+			return nil, err
 		}
 	}
 	if env == nil {
--- a/server/db/providers/mongodb/user.go
+++ b/server/db/providers/mongodb/user.go
@ -26,7 +26,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 		user.Roles = defaultRoles
 	}
@ -45,7 +45,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	_, err := userCollection.InsertOne(ctx, user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
@ -56,7 +56,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	_, err := userCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": user.ID}}, bson.M{"$set": user}, options.MergeUpdateOptions())
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
@ -115,7 +115,7 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	err := userCollection.FindOne(ctx, bson.M{"email": email}).Decode(&user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
@ -126,7 +126,7 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	err := userCollection.FindOne(ctx, bson.M{"_id": id}).Decode(&user)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
 	return user, nil
 }
--- a/server/db/providers/mongodb/verification_requests.go
+++ b/server/db/providers/mongodb/verification_requests.go
@ -22,7 +22,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 		verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
 		_, err := verificationRequestCollection.InsertOne(ctx, verificationRequest)
 		if err != nil {
-			return verificationRequest, err
+			return nil, err
 		}
 	}
@ -36,7 +36,7 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
 	err := verificationRequestCollection.FindOne(ctx, bson.M{"token": token}).Decode(&verificationRequest)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	return verificationRequest, nil
@ -49,7 +49,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
 	err := verificationRequestCollection.FindOne(ctx, bson.M{"email": email, "identifier": identifier}).Decode(&verificationRequest)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 	return verificationRequest, nil
--- a/server/db/providers/provider_template/user.go
+++ b/server/db/providers/provider_template/user.go
@ -22,7 +22,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 		user.Roles = defaultRoles
 	}
--- a/server/db/providers/sql/user.go
+++ b/server/db/providers/sql/user.go
@ -24,7 +24,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
-			return user, err
+			return nil, err
 		}
 		user.Roles = defaultRoles
 	}
@ -112,7 +112,7 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us
 	var user *models.User
 	result := p.db.Where("email = ?", email).First(&user)
 	if result.Error != nil {
-		return user, result.Error
+		return nil, result.Error
 	}
 	return user, nil
 }
@ -122,7 +122,7 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er
 	var user *models.User
 	result := p.db.Where("id = ?", id).First(&user)
 	if result.Error != nil {
-		return user, result.Error
+		return nil, result.Error
 	}
 	return user, nil
 }
--- a/server/email/email_verification.go
+++ b/server/email/email_verification.go
@ -53,13 +53,13 @@ const (
                                                                                <table width="100%%" cellspacing="0" cellpadding="0">
                                                                                    <tbody>
                                                                                        <tr>
-                                                                                            <td class="esd-block-image es-m-txt-c es-p5b" style="font-size:0;padding:10px" align="center"><a target="_blank" clicktracking="off"><img src="{{.org_logo}}" alt="icon" style="display: block;" title="icon" width="30"></a></td>
+                                                                                            <td class="esd-block-image es-m-txt-c es-p5b" style="font-size:0;padding:10px" align="center"><a target="_blank" clicktracking="off"><img src="{{.organization.logo}}" alt="icon" style="display: block;" title="icon" width="30"></a></td>
                                                                                        </tr>
                                                                                        <tr style="background: rgb(249,250,251);padding: 10px;margin-bottom:10px;border-radius:5px;">
                                                                                            <td class="esd-block-text es-m-txt-c es-p15t" align="center" style="padding:10px;padding-bottom:30px;">
                                                                                                <p>Hey there 👋</p>
-                                                                                                <p>We have received request to verify email for <b>{{.org_name}}</b>. If this is correct, please confirm your email address by clicking the button below.</p> <br/>
+                                                                                                <p>We have received request to verify email for <b>{{.organization.name}}</b>. If this is correct, please confirm your email address by clicking the button below.</p> <br/>
                                                                                                <a 
                                                                                                clicktracking="off" href="{{.verification_url}}" class="es-button" target="_blank" style="text-decoration: none;padding:10px 15px;background-color: rgba(59,130,246,1);color: #fff;font-size: 1em;border-radius:5px;">Confirm Email</a>
                                                                                            </td>
--- a/server/graph/generated/generated.go
+++ b/server/graph/generated/generated.go
@ -103,6 +103,7 @@ type ComplexityRoot struct {
 		DisableLoginPage                 func(childComplexity int) int
 		DisableMagicLinkLogin            func(childComplexity int) int
 		DisableMailOtpLogin              func(childComplexity int) int
 		DisableMobileBasicAuthentication func(childComplexity int) int
 		DisableMultiFactorAuthentication func(childComplexity int) int
 		DisablePlayground                func(childComplexity int) int
 		DisableRedisForEnv               func(childComplexity int) int
@ -753,6 +754,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
 		return e.complexity.Env.DisableMailOtpLogin(childComplexity), true
 	case "Env.DISABLE_MOBILE_BASIC_AUTHENTICATION":
 		if e.complexity.Env.DisableMobileBasicAuthentication == nil {
 			break
 		}
 		return e.complexity.Env.DisableMobileBasicAuthentication(childComplexity), true
 	case "Env.DISABLE_MULTI_FACTOR_AUTHENTICATION":
 		if e.complexity.Env.DisableMultiFactorAuthentication == nil {
 			break
@ -2543,6 +2551,7 @@ type Env {
  RESET_PASSWORD_URL: String
  DISABLE_EMAIL_VERIFICATION: Boolean!
  DISABLE_BASIC_AUTHENTICATION: Boolean!
  DISABLE_MOBILE_BASIC_AUTHENTICATION: Boolean!
  DISABLE_MAGIC_LINK_LOGIN: Boolean!
  DISABLE_LOGIN_PAGE: Boolean!
  DISABLE_SIGN_UP: Boolean!
@ -2674,6 +2683,7 @@ input UpdateEnvInput {
  ADMIN_COOKIE_SECURE: Boolean
  DISABLE_EMAIL_VERIFICATION: Boolean
  DISABLE_BASIC_AUTHENTICATION: Boolean
  DISABLE_MOBILE_BASIC_AUTHENTICATION: Boolean
  DISABLE_MAGIC_LINK_LOGIN: Boolean
  DISABLE_LOGIN_PAGE: Boolean
  DISABLE_SIGN_UP: Boolean
@ -5850,6 +5860,50 @@ func (ec *executionContext) fieldContext_Env_DISABLE_BASIC_AUTHENTICATION(ctx co
 	return fc, nil
 }
 func (ec *executionContext) _Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
 	fc, err := ec.fieldContext_Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx, field)
 	if err != nil {
 		return graphql.Null
 	}
 	ctx = graphql.WithFieldContext(ctx, fc)
 	defer func() {
 		if r := recover(); r != nil {
 			ec.Error(ctx, ec.Recover(ctx, r))
 			ret = graphql.Null
 		}
 	}()
 	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
 		ctx = rctx // use context from middleware stack in children
 		return obj.DisableMobileBasicAuthentication, nil
 	})
 	if err != nil {
 		ec.Error(ctx, err)
 		return graphql.Null
 	}
 	if resTmp == nil {
 		if !graphql.HasFieldError(ctx, fc) {
 			ec.Errorf(ctx, "must not be null")
 		}
 		return graphql.Null
 	}
 	res := resTmp.(bool)
 	fc.Result = res
 	return ec.marshalNBoolean2bool(ctx, field.Selections, res)
 }
 func (ec *executionContext) fieldContext_Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
 	fc = &graphql.FieldContext{
 		Object:     "Env",
 		Field:      field,
 		IsMethod:   false,
 		IsResolver: false,
 		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
 			return nil, errors.New("field of type Boolean does not have child fields")
 		},
 	}
 	return fc, nil
 }
 func (ec *executionContext) _Env_DISABLE_MAGIC_LINK_LOGIN(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
 	fc, err := ec.fieldContext_Env_DISABLE_MAGIC_LINK_LOGIN(ctx, field)
 	if err != nil {
@ -11695,6 +11749,8 @@ func (ec *executionContext) fieldContext_Query__env(ctx context.Context, field g
 				return ec.fieldContext_Env_DISABLE_EMAIL_VERIFICATION(ctx, field)
 			case "DISABLE_BASIC_AUTHENTICATION":
 				return ec.fieldContext_Env_DISABLE_BASIC_AUTHENTICATION(ctx, field)
 			case "DISABLE_MOBILE_BASIC_AUTHENTICATION":
 				return ec.fieldContext_Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx, field)
 			case "DISABLE_MAGIC_LINK_LOGIN":
 				return ec.fieldContext_Env_DISABLE_MAGIC_LINK_LOGIN(ctx, field)
 			case "DISABLE_LOGIN_PAGE":
@ -18289,7 +18345,7 @@ func (ec *executionContext) unmarshalInputUpdateEnvInput(ctx context.Context, ob
 		asMap[k] = v
 	}
-	fieldsInOrder := [...]string{"ACCESS_TOKEN_EXPIRY_TIME", "ADMIN_SECRET", "CUSTOM_ACCESS_TOKEN_SCRIPT", "OLD_ADMIN_SECRET", "SMTP_HOST", "SMTP_PORT", "SMTP_USERNAME", "SMTP_PASSWORD", "SMTP_LOCAL_NAME", "SENDER_EMAIL", "SENDER_NAME", "JWT_TYPE", "JWT_SECRET", "JWT_PRIVATE_KEY", "JWT_PUBLIC_KEY", "ALLOWED_ORIGINS", "APP_URL", "RESET_PASSWORD_URL", "APP_COOKIE_SECURE", "ADMIN_COOKIE_SECURE", "DISABLE_EMAIL_VERIFICATION", "DISABLE_BASIC_AUTHENTICATION", "DISABLE_MAGIC_LINK_LOGIN", "DISABLE_LOGIN_PAGE", "DISABLE_SIGN_UP", "DISABLE_REDIS_FOR_ENV", "DISABLE_STRONG_PASSWORD", "DISABLE_MULTI_FACTOR_AUTHENTICATION", "ENFORCE_MULTI_FACTOR_AUTHENTICATION", "ROLES", "PROTECTED_ROLES", "DEFAULT_ROLES", "JWT_ROLE_CLAIM", "GOOGLE_CLIENT_ID", "GOOGLE_CLIENT_SECRET", "GITHUB_CLIENT_ID", "GITHUB_CLIENT_SECRET", "FACEBOOK_CLIENT_ID", "FACEBOOK_CLIENT_SECRET", "LINKEDIN_CLIENT_ID", "LINKEDIN_CLIENT_SECRET", "APPLE_CLIENT_ID", "APPLE_CLIENT_SECRET", "DISCORD_CLIENT_ID", "DISCORD_CLIENT_SECRET", "TWITTER_CLIENT_ID", "TWITTER_CLIENT_SECRET", "MICROSOFT_CLIENT_ID", "MICROSOFT_CLIENT_SECRET", "MICROSOFT_ACTIVE_DIRECTORY_TENANT_ID", "TWITCH_CLIENT_ID", "TWITCH_CLIENT_SECRET", "ORGANIZATION_NAME", "ORGANIZATION_LOGO", "DEFAULT_AUTHORIZE_RESPONSE_TYPE", "DEFAULT_AUTHORIZE_RESPONSE_MODE", "DISABLE_PLAYGROUND", "DISABLE_MAIL_OTP_LOGIN", "DISABLE_TOTP_LOGIN"}
+	fieldsInOrder := [...]string{"ACCESS_TOKEN_EXPIRY_TIME", "ADMIN_SECRET", "CUSTOM_ACCESS_TOKEN_SCRIPT", "OLD_ADMIN_SECRET", "SMTP_HOST", "SMTP_PORT", "SMTP_USERNAME", "SMTP_PASSWORD", "SMTP_LOCAL_NAME", "SENDER_EMAIL", "SENDER_NAME", "JWT_TYPE", "JWT_SECRET", "JWT_PRIVATE_KEY", "JWT_PUBLIC_KEY", "ALLOWED_ORIGINS", "APP_URL", "RESET_PASSWORD_URL", "APP_COOKIE_SECURE", "ADMIN_COOKIE_SECURE", "DISABLE_EMAIL_VERIFICATION", "DISABLE_BASIC_AUTHENTICATION", "DISABLE_MOBILE_BASIC_AUTHENTICATION", "DISABLE_MAGIC_LINK_LOGIN", "DISABLE_LOGIN_PAGE", "DISABLE_SIGN_UP", "DISABLE_REDIS_FOR_ENV", "DISABLE_STRONG_PASSWORD", "DISABLE_MULTI_FACTOR_AUTHENTICATION", "ENFORCE_MULTI_FACTOR_AUTHENTICATION", "ROLES", "PROTECTED_ROLES", "DEFAULT_ROLES", "JWT_ROLE_CLAIM", "GOOGLE_CLIENT_ID", "GOOGLE_CLIENT_SECRET", "GITHUB_CLIENT_ID", "GITHUB_CLIENT_SECRET", "FACEBOOK_CLIENT_ID", "FACEBOOK_CLIENT_SECRET", "LINKEDIN_CLIENT_ID", "LINKEDIN_CLIENT_SECRET", "APPLE_CLIENT_ID", "APPLE_CLIENT_SECRET", "DISCORD_CLIENT_ID", "DISCORD_CLIENT_SECRET", "TWITTER_CLIENT_ID", "TWITTER_CLIENT_SECRET", "MICROSOFT_CLIENT_ID", "MICROSOFT_CLIENT_SECRET", "MICROSOFT_ACTIVE_DIRECTORY_TENANT_ID", "TWITCH_CLIENT_ID", "TWITCH_CLIENT_SECRET", "ORGANIZATION_NAME", "ORGANIZATION_LOGO", "DEFAULT_AUTHORIZE_RESPONSE_TYPE", "DEFAULT_AUTHORIZE_RESPONSE_MODE", "DISABLE_PLAYGROUND", "DISABLE_MAIL_OTP_LOGIN", "DISABLE_TOTP_LOGIN"}
 	for _, k := range fieldsInOrder {
 		v, ok := asMap[k]
 		if !ok {
@ -18494,6 +18550,15 @@ func (ec *executionContext) unmarshalInputUpdateEnvInput(ctx context.Context, ob
 				return it, err
 			}
 			it.DisableBasicAuthentication = data
 		case "DISABLE_MOBILE_BASIC_AUTHENTICATION":
 			var err error
 			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("DISABLE_MOBILE_BASIC_AUTHENTICATION"))
 			data, err := ec.unmarshalOBoolean2ᚖbool(ctx, v)
 			if err != nil {
 				return it, err
 			}
 			it.DisableMobileBasicAuthentication = data
 		case "DISABLE_MAGIC_LINK_LOGIN":
 			var err error
@ -19682,6 +19747,11 @@ func (ec *executionContext) _Env(ctx context.Context, sel ast.SelectionSet, obj
 			if out.Values[i] == graphql.Null {
 				out.Invalids++
 			}
 		case "DISABLE_MOBILE_BASIC_AUTHENTICATION":
 			out.Values[i] = ec._Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx, field, obj)
 			if out.Values[i] == graphql.Null {
 				out.Invalids++
 			}
 		case "DISABLE_MAGIC_LINK_LOGIN":
 			out.Values[i] = ec._Env_DISABLE_MAGIC_LINK_LOGIN(ctx, field, obj)
 			if out.Values[i] == graphql.Null {
--- a/server/graph/model/models_gen.go
+++ b/server/graph/model/models_gen.go
@ -93,6 +93,7 @@ type Env struct {
 	ResetPasswordURL                 *string  `json:"RESET_PASSWORD_URL,omitempty"`
 	DisableEmailVerification         bool     `json:"DISABLE_EMAIL_VERIFICATION"`
 	DisableBasicAuthentication       bool     `json:"DISABLE_BASIC_AUTHENTICATION"`
 	DisableMobileBasicAuthentication bool     `json:"DISABLE_MOBILE_BASIC_AUTHENTICATION"`
 	DisableMagicLinkLogin            bool     `json:"DISABLE_MAGIC_LINK_LOGIN"`
 	DisableLoginPage                 bool     `json:"DISABLE_LOGIN_PAGE"`
 	DisableSignUp                    bool     `json:"DISABLE_SIGN_UP"`
@ -373,6 +374,7 @@ type UpdateEnvInput struct {
 	AdminCookieSecure                *bool    `json:"ADMIN_COOKIE_SECURE,omitempty"`
 	DisableEmailVerification         *bool    `json:"DISABLE_EMAIL_VERIFICATION,omitempty"`
 	DisableBasicAuthentication       *bool    `json:"DISABLE_BASIC_AUTHENTICATION,omitempty"`
 	DisableMobileBasicAuthentication *bool    `json:"DISABLE_MOBILE_BASIC_AUTHENTICATION,omitempty"`
 	DisableMagicLinkLogin            *bool    `json:"DISABLE_MAGIC_LINK_LOGIN,omitempty"`
 	DisableLoginPage                 *bool    `json:"DISABLE_LOGIN_PAGE,omitempty"`
 	DisableSignUp                    *bool    `json:"DISABLE_SIGN_UP,omitempty"`
--- a/server/graph/schema.graphqls
+++ b/server/graph/schema.graphqls
@ -158,6 +158,7 @@ type Env {
  RESET_PASSWORD_URL: String
  DISABLE_EMAIL_VERIFICATION: Boolean!
  DISABLE_BASIC_AUTHENTICATION: Boolean!
  DISABLE_MOBILE_BASIC_AUTHENTICATION: Boolean!
  DISABLE_MAGIC_LINK_LOGIN: Boolean!
  DISABLE_LOGIN_PAGE: Boolean!
  DISABLE_SIGN_UP: Boolean!
@ -289,6 +290,7 @@ input UpdateEnvInput {
  ADMIN_COOKIE_SECURE: Boolean
  DISABLE_EMAIL_VERIFICATION: Boolean
  DISABLE_BASIC_AUTHENTICATION: Boolean
  DISABLE_MOBILE_BASIC_AUTHENTICATION: Boolean
  DISABLE_MAGIC_LINK_LOGIN: Boolean
  DISABLE_LOGIN_PAGE: Boolean
  DISABLE_SIGN_UP: Boolean
--- a/server/handlers/oauth_callback.go
+++ b/server/handlers/oauth_callback.go
@ -617,7 +617,7 @@ func processAppleUserInfo(ctx context.Context, code string) (*models.User, error
 		}
 	}
-	return user, err
+	return nil, err
 }
 func processDiscordUserInfo(ctx context.Context, code string) (*models.User, error) {
--- a/server/handlers/revoke_refresh_token.go
+++ b/server/handlers/revoke_refresh_token.go
@ -24,9 +24,13 @@ func RevokeRefreshTokenHandler() gin.HandlerFunc {
 			})
 			return
 		}
 		// get client ID
 		clientID := strings.TrimSpace(reqBody["client_id"]) // kept for backward compatibility // else we expect to be present as header
 		if clientID == "" {
 			clientID = gc.Request.Header.Get("x-authorizer-client-id")
 		}
 		// get fingerprint hash
 		refreshToken := strings.TrimSpace(reqBody["refresh_token"])
 		clientID := strings.TrimSpace(reqBody["client_id"])
 		if clientID == "" {
 			log.Debug("Client ID is empty")
--- a/server/middlewares/client_check.go
+++ b/server/middlewares/client_check.go
@ -0,0 +1,29 @@
 package middlewares
 import (
 	"net/http"
 	"github.com/gin-gonic/gin"
 	log "github.com/sirupsen/logrus"
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 // ClientCheckMiddleware is a middleware to verify the client ID
 // Note: client ID is passed in the header
 func ClientCheckMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		clientID := c.Request.Header.Get("X-Authorizer-Client-ID")
 		if client, _ := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); clientID != "" && client != "" && client != clientID {
 			log.Debug("Client ID is invalid: ", clientID)
 			c.JSON(http.StatusBadRequest, gin.H{
 				"error":             "invalid_client_id",
 				"error_description": "The client id is invalid",
 			})
 			return
 		}
 		c.Next()
 	}
 }
--- a/server/middlewares/cors.go
+++ b/server/middlewares/cors.go
@ -14,7 +14,7 @@ func CORSMiddleware() gin.HandlerFunc {
 		}
 		c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
-		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With,  X-authorizer-url")
+		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With,  X-authorizer-url, X-Forwarded-Proto, X-authorizer-client-id")
 		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
 		if c.Request.Method == "OPTIONS" {
--- a/server/resolvers/env.go
+++ b/server/resolvers/env.go
@ -205,6 +205,7 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
 	// bool vars
 	res.DisableEmailVerification = store[constants.EnvKeyDisableEmailVerification].(bool)
 	res.DisableBasicAuthentication = store[constants.EnvKeyDisableBasicAuthentication].(bool)
 	res.DisableMobileBasicAuthentication = store[constants.EnvKeyDisableMobileBasicAuthentication].(bool)
 	res.DisableMagicLinkLogin = store[constants.EnvKeyDisableMagicLinkLogin].(bool)
 	res.DisableLoginPage = store[constants.EnvKeyDisableLoginPage].(bool)
 	res.DisableSignUp = store[constants.EnvKeyDisableSignUp].(bool)
--- a/server/routes/routes.go
+++ b/server/routes/routes.go
@ -16,6 +16,7 @@ func InitRouter(log *logrus.Logger) *gin.Engine {
 	router.Use(middlewares.Logger(log), gin.Recovery())
 	router.Use(middlewares.GinContextToContextMiddleware())
 	router.Use(middlewares.CORSMiddleware())
 	router.Use(middlewares.ClientCheckMiddleware())
 	router.GET("/", handlers.RootHandler())
 	router.GET("/health", handlers.HealthHandler())
--- a/server/test/login_test.go
+++ b/server/test/login_test.go
@ -28,9 +28,11 @@ func loginTests(t *testing.T, s TestSetup) {
 			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password,
 		})
-
+		// access token should be empty as email is not verified
-		assert.NotNil(t, err, "should fail because email is not verified")
+		assert.NoError(t, err)
-		assert.Nil(t, res)
+		assert.NotNil(t, res)
 		assert.Nil(t, res.AccessToken)
 		assert.NotEmpty(t, res.Message)
 		verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup)
 		assert.NoError(t, err)
 		assert.NotNil(t, verificationRequest)
--- a/server/test/mobile_login_test.go
+++ b/server/test/mobile_login_test.go
@ -33,8 +33,12 @@ func mobileLoginTests(t *testing.T, s TestSetup) {
 			PhoneNumber: refs.NewStringRef(phoneNumber),
 			Password:    s.TestInfo.Password,
 		})
-		assert.NotNil(t, err, "should fail because phone is not verified")
+		// access token should be empty as email is not verified
-		assert.Nil(t, res)
+		assert.NoError(t, err)
 		assert.NotNil(t, res)
 		assert.Nil(t, res.AccessToken)
 		assert.NotEmpty(t, res.Message)
 		assert.True(t, *res.ShouldShowMobileOtpScreen)
 		smsRequest, err := db.Provider.GetOTPByPhoneNumber(ctx, phoneNumber)
 		assert.NoError(t, err)
 		assert.NotEmpty(t, smsRequest.Otp)
--- a/server/test/resend_otp_test.go
+++ b/server/test/resend_otp_test.go
@ -35,8 +35,11 @@ func resendOTPTest(t *testing.T, s TestSetup) {
 			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password,
 		})
-		assert.Error(t, err)
+		// access token should be empty as email is not verified
-		assert.Nil(t, loginRes)
+		assert.NoError(t, err)
 		assert.NotNil(t, loginRes)
 		assert.Nil(t, loginRes.AccessToken)
 		assert.NotEmpty(t, loginRes.Message)
 		verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup)
 		assert.Nil(t, err)
 		assert.Equal(t, email, verificationRequest.Email)
@ -57,13 +60,6 @@ func resendOTPTest(t *testing.T, s TestSetup) {
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableMailOTPLogin, false)
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableTOTPLogin, true)
 		// Resend otp should return error as no initial opt is being sent
 		resendOtpRes, err := resolvers.ResendOTPResolver(ctx, model.ResendOTPRequest{
 			Email: refs.NewStringRef(email),
 		})
 		assert.Error(t, err)
 		assert.Nil(t, resendOtpRes)
 		// Login should not return error but access token should be empty as otp should have been sent
 		loginRes, err = resolvers.LoginResolver(ctx, model.LoginInput{
 			Email:    refs.NewStringRef(email),
@ -79,7 +75,7 @@ func resendOTPTest(t *testing.T, s TestSetup) {
 		assert.NotEmpty(t, otp.Otp)
 		// resend otp
-		resendOtpRes, err = resolvers.ResendOTPResolver(ctx, model.ResendOTPRequest{
+		resendOtpRes, err := resolvers.ResendOTPResolver(ctx, model.ResendOTPRequest{
 			Email: refs.NewStringRef(email),
 		})
 		assert.NoError(t, err)
--- a/server/test/totp_login_test.go
+++ b/server/test/totp_login_test.go
@ -42,8 +42,11 @@ func totpLoginTest(t *testing.T, s TestSetup) {
 			Email:    &email,
 			Password: s.TestInfo.Password,
 		})
-		assert.Error(t, err)
+		// access token should be empty as email is not verified
-		assert.Nil(t, loginRes)
+		assert.NoError(t, err)
 		assert.NotNil(t, loginRes)
 		assert.Nil(t, loginRes.AccessToken)
 		assert.NotEmpty(t, loginRes.Message)
 		verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup)
 		assert.Nil(t, err)
 		assert.Equal(t, email, verificationRequest.Email)
--- a/server/test/verify_otp_test.go
+++ b/server/test/verify_otp_test.go
@ -47,8 +47,10 @@ func verifyOTPTest(t *testing.T, s TestSetup) {
 				Email:    refs.NewStringRef(email),
 				Password: s.TestInfo.Password,
 			})
-			assert.NotNil(t, err, "email is not verified")
+			assert.NoError(t, err)
-			assert.Nil(t, loginRes)
+			assert.NotNil(t, loginRes)
 			assert.Nil(t, loginRes.AccessToken)
 			assert.NotEmpty(t, loginRes.Message)
 			// Verify the email
 			verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup)