diff --git a/server/graph/generated/generated.go b/server/graph/generated/generated.go index 9852c8c..21f0e59 100644 --- a/server/graph/generated/generated.go +++ b/server/graph/generated/generated.go @@ -2560,6 +2560,7 @@ input AdminSignupInput { admin_secret: String! } +# Deprecated with v1.2.0 input MobileSignUpInput { email: String given_name: String @@ -2584,7 +2585,7 @@ input MobileSignUpInput { } input SignUpInput { - email: String! + email: String given_name: String family_name: String middle_name: String @@ -2607,7 +2608,8 @@ input SignUpInput { } input LoginInput { - email: String! + email: String + phone_number: String password: String! roles: [String!] scope: [String!] @@ -2617,6 +2619,7 @@ input LoginInput { state: String } +# Deprecated with v1.2.0 input MobileLoginInput { phone_number: String! password: String! @@ -2828,8 +2831,10 @@ input GetUserRequest { type Mutation { signup(params: SignUpInput!): AuthResponse! + # Deprecated with v1.2.0 mobile_signup(params: MobileSignUpInput): AuthResponse! login(params: LoginInput!): AuthResponse! + # Deprecated with v1.2.0 mobile_login(params: MobileLoginInput!): AuthResponse! magic_link_login(params: MagicLinkLoginInput!): Response! logout: Response! @@ -16364,7 +16369,7 @@ func (ec *executionContext) unmarshalInputLoginInput(ctx context.Context, obj in asMap[k] = v } - fieldsInOrder := [...]string{"email", "password", "roles", "scope", "state"} + fieldsInOrder := [...]string{"email", "phone_number", "password", "roles", "scope", "state"} for _, k := range fieldsInOrder { v, ok := asMap[k] if !ok { @@ -16375,11 +16380,20 @@ func (ec *executionContext) unmarshalInputLoginInput(ctx context.Context, obj in var err error ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("email")) - data, err := ec.unmarshalNString2string(ctx, v) + data, err := ec.unmarshalOString2ᚖstring(ctx, v) if err != nil { return it, err } it.Email = data + case "phone_number": + var err error + + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("phone_number")) + data, err := ec.unmarshalOString2ᚖstring(ctx, v) + if err != nil { + return it, err + } + it.PhoneNumber = data case "password": var err error @@ -17018,7 +17032,7 @@ func (ec *executionContext) unmarshalInputSignUpInput(ctx context.Context, obj i var err error ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("email")) - data, err := ec.unmarshalNString2string(ctx, v) + data, err := ec.unmarshalOString2ᚖstring(ctx, v) if err != nil { return it, err } diff --git a/server/graph/model/models_gen.go b/server/graph/model/models_gen.go index e96bfa1..0e1a6c1 100644 --- a/server/graph/model/models_gen.go +++ b/server/graph/model/models_gen.go @@ -166,11 +166,12 @@ type ListWebhookLogRequest struct { } type LoginInput struct { - Email string `json:"email"` - Password string `json:"password"` - Roles []string `json:"roles,omitempty"` - Scope []string `json:"scope,omitempty"` - State *string `json:"state,omitempty"` + Email *string `json:"email,omitempty"` + PhoneNumber *string `json:"phone_number,omitempty"` + Password string `json:"password"` + Roles []string `json:"roles,omitempty"` + Scope []string `json:"scope,omitempty"` + State *string `json:"state,omitempty"` } type MagicLinkLoginInput struct { @@ -284,7 +285,7 @@ type SessionQueryInput struct { } type SignUpInput struct { - Email string `json:"email"` + Email *string `json:"email,omitempty"` GivenName *string `json:"given_name,omitempty"` FamilyName *string `json:"family_name,omitempty"` MiddleName *string `json:"middle_name,omitempty"` diff --git a/server/graph/schema.graphqls b/server/graph/schema.graphqls index b9c9600..82c5588 100644 --- a/server/graph/schema.graphqls +++ b/server/graph/schema.graphqls @@ -306,6 +306,7 @@ input AdminSignupInput { admin_secret: String! } +# Deprecated with v1.2.0 input MobileSignUpInput { email: String given_name: String @@ -330,7 +331,7 @@ input MobileSignUpInput { } input SignUpInput { - email: String! + email: String given_name: String family_name: String middle_name: String @@ -353,7 +354,8 @@ input SignUpInput { } input LoginInput { - email: String! + email: String + phone_number: String password: String! roles: [String!] scope: [String!] @@ -363,6 +365,7 @@ input LoginInput { state: String } +# Deprecated with v1.2.0 input MobileLoginInput { phone_number: String! password: String! @@ -574,8 +577,10 @@ input GetUserRequest { type Mutation { signup(params: SignUpInput!): AuthResponse! + # Deprecated with v1.2.0 mobile_signup(params: MobileSignUpInput): AuthResponse! login(params: LoginInput!): AuthResponse! + # Deprecated with v1.2.0 mobile_login(params: MobileLoginInput!): AuthResponse! magic_link_login(params: MagicLinkLoginInput!): Response! logout: Response! diff --git a/server/resolvers/login.go b/server/resolvers/login.go index 6b16c3e..db54345 100644 --- a/server/resolvers/login.go +++ b/server/resolvers/login.go @@ -14,16 +14,18 @@ import ( "github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db/models" - "github.com/authorizerdev/authorizer/server/email" + mailService "github.com/authorizerdev/authorizer/server/email" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/memorystore" "github.com/authorizerdev/authorizer/server/refs" + "github.com/authorizerdev/authorizer/server/smsproviders" "github.com/authorizerdev/authorizer/server/token" "github.com/authorizerdev/authorizer/server/utils" "github.com/authorizerdev/authorizer/server/validators" ) // LoginResolver is a resolver for login mutation +// User can login with email or phone number, but not both func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthResponse, error) { var res *model.AuthResponse @@ -39,43 +41,72 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes isBasicAuthDisabled = true } + isMobileBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication) + if err != nil { + log.Debug("Error getting mobile basic auth disabled: ", err) + isMobileBasicAuthDisabled = true + } + + email := refs.StringValue(params.Email) + phoneNumber := refs.StringValue(params.PhoneNumber) + if email == "" && phoneNumber == "" { + log.Debug("Email or phone number is required") + return res, fmt.Errorf(`email or phone number is required`) + } + log := log.WithFields(log.Fields{ + "email": refs.StringValue(params.Email), + "phone_number": refs.StringValue(params.PhoneNumber), + }) + isEmailLogin := email != "" + isMobileLogin := phoneNumber != "" if isBasicAuthDisabled { log.Debug("Basic authentication is disabled.") return res, fmt.Errorf(`basic authentication is disabled for this instance`) } - - log := log.WithFields(log.Fields{ - "email": params.Email, - }) - params.Email = strings.ToLower(params.Email) - user, err := db.Provider.GetUserByEmail(ctx, params.Email) + if isMobileBasicAuthDisabled && isMobileLogin { + log.Debug("Mobile basic authentication is disabled.") + return res, fmt.Errorf(`mobile basic authentication is disabled for this instance`) + } + var user *models.User + if isEmailLogin { + user, err = db.Provider.GetUserByEmail(ctx, email) + } else { + user, err = db.Provider.GetUserByPhoneNumber(ctx, phoneNumber) + } if err != nil { - log.Debug("Failed to get user by email: ", err) + log.Debug("Failed to get user: ", err) return res, fmt.Errorf(`bad user credentials`) } - if user.RevokedTimestamp != nil { log.Debug("User access is revoked") return res, fmt.Errorf(`user access has been revoked`) } + if isEmailLogin { + if !strings.Contains(user.SignupMethods, constants.AuthRecipeMethodBasicAuth) { + log.Debug("User signup method is not basic auth") + return res, fmt.Errorf(`user has not signed up email & password`) + } - if !strings.Contains(user.SignupMethods, constants.AuthRecipeMethodBasicAuth) { - log.Debug("User signup method is not basic auth") - return res, fmt.Errorf(`user has not signed up email & password`) + if user.EmailVerifiedAt == nil { + log.Debug("User email is not verified") + return res, fmt.Errorf(`email not verified`) + } + } else { + if !strings.Contains(user.SignupMethods, constants.AuthRecipeMethodMobileBasicAuth) { + log.Debug("User signup method is not mobile basic auth") + return res, fmt.Errorf(`user has not signed up with phone number & password`) + } + + if user.PhoneNumberVerifiedAt == nil { + log.Debug("User phone number is not verified") + return res, fmt.Errorf(`phone number is not verified`) + } } - - if user.EmailVerifiedAt == nil { - log.Debug("User email is not verified") - return res, fmt.Errorf(`email not verified`) - } - err = bcrypt.CompareHashAndPassword([]byte(*user.Password), []byte(params.Password)) - if err != nil { log.Debug("Failed to compare password: ", err) return res, fmt.Errorf(`bad user credentials`) } - defaultRolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles) roles := []string{} if err != nil { @@ -84,34 +115,33 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes } else { roles = strings.Split(defaultRolesString, ",") } - currentRoles := strings.Split(user.Roles, ",") if len(params.Roles) > 0 { if !validators.IsValidRoles(params.Roles, currentRoles) { log.Debug("Invalid roles: ", params.Roles) return res, fmt.Errorf(`invalid roles`) } - roles = params.Roles } - scope := []string{"openid", "email", "profile"} if params.Scope != nil && len(scope) > 0 { scope = params.Scope } - isEmailServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled) if err != nil || !isEmailServiceEnabled { log.Debug("Email service not enabled: ", err) } + isSMSServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsSMSServiceEnabled) + if err != nil || !isSMSServiceEnabled { + log.Debug("SMS service not enabled: ", err) + } isMFADisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMultiFactorAuthentication) if err != nil || !isMFADisabled { log.Debug("MFA service not enabled: ", err) } - // If email service is not enabled continue the process in any way - if refs.BoolValue(user.IsMultiFactorAuthEnabled) && isEmailServiceEnabled && !isMFADisabled { + if refs.BoolValue(user.IsMultiFactorAuthEnabled) && !isMFADisabled { otp := utils.GenerateOTP() expires := time.Now().Add(1 * time.Minute).Unix() otpData, err := db.Provider.UpsertOTP(ctx, &models.OTP{ @@ -131,22 +161,33 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes return nil, err } cookie.SetMfaSession(gc, mfaSession) - - go func() { - // exec it as go routine so that we can reduce the api latency - go email.SendEmail([]string{params.Email}, constants.VerificationTypeOTP, map[string]interface{}{ - "user": user.ToMap(), - "organization": utils.GetOrganization(), - "otp": otpData.Otp, - }) - if err != nil { - log.Debug("Failed to send otp email: ", err) - } - }() - + if isEmailServiceEnabled && isEmailLogin { + go func() { + // exec it as go routine so that we can reduce the api latency + if err := mailService.SendEmail([]string{email}, constants.VerificationTypeOTP, map[string]interface{}{ + "user": user.ToMap(), + "organization": utils.GetOrganization(), + "otp": otpData.Otp, + }); err != nil { + log.Debug("Failed to send otp email: ", err) + } + utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) + }() + } else if isSMSServiceEnabled && isMobileLogin { + smsBody := strings.Builder{} + smsBody.WriteString("Your verification code is: ") + smsBody.WriteString(otpData.Otp) + go func() { + utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user) + if err := smsproviders.SendSMS(phoneNumber, smsBody.String()); err != nil { + log.Debug("Failed to send sms: ", err) + } + }() + } return &model.AuthResponse{ - Message: "Please check the OTP in your inbox", - ShouldShowEmailOtpScreen: refs.NewBoolRef(true), + Message: "Please check the OTP in", + ShouldShowEmailOtpScreen: refs.NewBoolRef(isEmailLogin), + ShouldShowMobileOtpScreen: refs.NewBoolRef(isMobileLogin), }, nil } @@ -210,7 +251,13 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes } go func() { - utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) + // Register event + if isEmailLogin { + utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) + } else { + utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user) + } + // Record session db.Provider.AddSession(ctx, &models.Session{ UserID: user.ID, UserAgent: utils.GetUserAgent(gc.Request), diff --git a/server/resolvers/signup.go b/server/resolvers/signup.go index c8632ac..f39d6a7 100644 --- a/server/resolvers/signup.go +++ b/server/resolvers/signup.go @@ -16,11 +16,12 @@ import ( "github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db/models" - "github.com/authorizerdev/authorizer/server/email" + emailService "github.com/authorizerdev/authorizer/server/email" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/memorystore" "github.com/authorizerdev/authorizer/server/parsers" "github.com/authorizerdev/authorizer/server/refs" + "github.com/authorizerdev/authorizer/server/smsproviders" "github.com/authorizerdev/authorizer/server/token" "github.com/authorizerdev/authorizer/server/utils" "github.com/authorizerdev/authorizer/server/validators" @@ -51,46 +52,77 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR log.Debug("Error getting basic auth disabled: ", err) isBasicAuthDisabled = true } - - if isBasicAuthDisabled { - log.Debug("Basic authentication is disabled") - return res, fmt.Errorf(`basic authentication is disabled for this instance`) + isMobileBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication) + if err != nil { + log.Debug("Error getting mobile basic auth disabled: ", err) + isMobileBasicAuthDisabled = true } - if params.ConfirmPassword != params.Password { log.Debug("Passwords do not match") return res, fmt.Errorf(`password and confirm password does not match`) } - if err := validators.IsValidPassword(params.Password); err != nil { log.Debug("Invalid password") return res, err } - - params.Email = strings.ToLower(params.Email) - - if !validators.IsValidEmail(params.Email) { + email := strings.TrimSpace(refs.StringValue(params.Email)) + phoneNumber := strings.TrimSpace(refs.StringValue(params.PhoneNumber)) + if email == "" && phoneNumber == "" { + log.Debug("Email or phone number is required") + return res, fmt.Errorf(`email or phone number is required`) + } + isEmailSignup := email != "" + isMobileSignup := phoneNumber != "" + if isBasicAuthDisabled { + log.Debug("Basic authentication is disabled") + return res, fmt.Errorf(`basic authentication is disabled for this instance`) + } + if isMobileBasicAuthDisabled && isMobileSignup { + log.Debug("Mobile basic authentication is disabled") + return res, fmt.Errorf(`mobile basic authentication is disabled for this instance`) + } + if isEmailSignup && !validators.IsValidEmail(email) { log.Debug("Invalid email: ", params.Email) return res, fmt.Errorf(`invalid email address`) } - - log := log.WithFields(log.Fields{ - "email": params.Email, - }) - // find user with email - existingUser, err := db.Provider.GetUserByEmail(ctx, params.Email) - if err != nil { - log.Debug("Failed to get user by email: ", err) + if isMobileSignup && (phoneNumber == "" || len(phoneNumber) < 10) { + log.Debug("Invalid phone number: ", phoneNumber) + return res, fmt.Errorf(`invalid phone number`) } - - if existingUser != nil { - if existingUser.EmailVerifiedAt != nil { - // email is verified - log.Debug("Email is already verified and signed up.") - return res, fmt.Errorf(`%s has already signed up`, params.Email) - } else if existingUser.ID != "" && existingUser.EmailVerifiedAt == nil { - log.Debug("Email is already signed up. Verification pending...") - return res, fmt.Errorf("%s has already signed up. please complete the email verification process or reset the password", params.Email) + log := log.WithFields(log.Fields{ + "email": email, + "phone_number": phoneNumber, + }) + // find user with email / phone number + if isEmailSignup { + existingUser, err := db.Provider.GetUserByEmail(ctx, email) + if err != nil { + log.Debug("Failed to get user by email: ", err) + } + if existingUser != nil { + if existingUser.EmailVerifiedAt != nil { + // email is verified + log.Debug("Email is already verified and signed up.") + return res, fmt.Errorf(`%s has already signed up`, email) + } else if existingUser.ID != "" && existingUser.EmailVerifiedAt == nil { + log.Debug("Email is already signed up. Verification pending...") + return res, fmt.Errorf("%s has already signed up. please complete the email verification process or reset the password", email) + } + } + } else { + existingUser, err := db.Provider.GetUserByPhoneNumber(ctx, phoneNumber) + if err != nil { + log.Debug("Failed to get user by phone number: ", err) + } + if existingUser != nil { + if existingUser.PhoneNumberVerifiedAt != nil { + // email is verified + log.Debug("Phone number is already verified and signed up.") + return res, fmt.Errorf(`%s has already signed up`, phoneNumber) + } else if existingUser.ID != "" && existingUser.PhoneNumberVerifiedAt == nil { + log.Debug("Phone number is already signed up. Verification pending...") + return res, fmt.Errorf("%s has already signed up. please complete the phone number verification process or reset the password", phoneNumber) + } } } @@ -120,13 +152,14 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR inputRoles = strings.Split(inputRolesString, ",") } } - user := &models.User{ - Email: params.Email, - } + user := &models.User{} user.Roles = strings.Join(inputRoles, ",") password, _ := crypto.EncryptPassword(params.Password) user.Password = &password - + if email != "" { + user.SignupMethods = constants.AuthRecipeMethodBasicAuth + user.Email = email + } if params.GivenName != nil { user.GivenName = params.GivenName } @@ -151,8 +184,9 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR user.Birthdate = params.Birthdate } - if params.PhoneNumber != nil { - user.PhoneNumber = params.PhoneNumber + if phoneNumber != "" { + user.SignupMethods = constants.AuthRecipeMethodMobileBasicAuth + user.PhoneNumber = refs.NewStringRef(phoneNumber) } if params.Picture != nil { @@ -183,8 +217,6 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR appDataString = string(appDataBytes) user.AppData = &appDataString } - - user.SignupMethods = constants.AuthRecipeMethodBasicAuth isEmailVerificationDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) if err != nil { log.Debug("Error getting email verification disabled: ", err) @@ -194,6 +226,15 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR now := time.Now().Unix() user.EmailVerifiedAt = &now } + disablePhoneVerification, _ := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisablePhoneVerification) + if disablePhoneVerification { + now := time.Now().Unix() + user.PhoneNumberVerifiedAt = &now + } + isSMSServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsSMSServiceEnabled) + if err != nil || !isSMSServiceEnabled { + log.Debug("SMS service not enabled: ", err) + } user, err = db.Provider.AddUser(ctx, user) if err != nil { log.Debug("Failed to add user: ", err) @@ -201,9 +242,8 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR } roles := strings.Split(user.Roles, ",") userToReturn := user.AsAPIUser() - hostname := parsers.GetHost(gc) - if !isEmailVerificationDisabled { + if !isEmailVerificationDisabled && isEmailSignup { // insert verification request _, nonceHash, err := utils.GenerateNonce() if err != nil { @@ -215,7 +255,7 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR if params.RedirectURI != nil { redirectURL = *params.RedirectURI } - verificationToken, err := token.CreateVerificationToken(params.Email, verificationType, hostname, nonceHash, redirectURL) + verificationToken, err := token.CreateVerificationToken(email, verificationType, hostname, nonceHash, redirectURL) if err != nil { log.Debug("Failed to create verification token: ", err) return res, err @@ -224,7 +264,7 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR Token: verificationToken, Identifier: verificationType, ExpiresAt: time.Now().Add(time.Minute * 30).Unix(), - Email: params.Email, + Email: email, Nonce: nonceHash, RedirectURI: redirectURL, }) @@ -232,11 +272,10 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR log.Debug("Failed to add verification request: ", err) return res, err } - // exec it as go routine so that we can reduce the api latency go func() { // exec it as go routine so that we can reduce the api latency - email.SendEmail([]string{params.Email}, constants.VerificationTypeBasicAuthSignup, map[string]interface{}{ + emailService.SendEmail([]string{email}, constants.VerificationTypeBasicAuthSignup, map[string]interface{}{ "user": user.ToMap(), "organization": utils.GetOrganization(), "verification_url": utils.GetEmailVerificationURL(verificationToken, hostname, redirectURL), @@ -244,86 +283,120 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) }() - res = &model.AuthResponse{ + return &model.AuthResponse{ Message: `Verification email has been sent. Please check your inbox`, User: userToReturn, - } - } else { - scope := []string{"openid", "email", "profile"} - if params.Scope != nil && len(scope) > 0 { - scope = params.Scope - } + }, nil + } else if !disablePhoneVerification && isSMSServiceEnabled && isMobileSignup { + duration, _ := time.ParseDuration("10m") + smsCode := utils.GenerateOTP() - code := "" - codeChallenge := "" - nonce := "" - if params.State != nil { - // Get state from store - authorizeState, _ := memorystore.Provider.GetState(refs.StringValue(params.State)) - if authorizeState != "" { - authorizeStateSplit := strings.Split(authorizeState, "@@") - if len(authorizeStateSplit) > 1 { - code = authorizeStateSplit[0] - codeChallenge = authorizeStateSplit[1] - } else { - nonce = authorizeState - } - go memorystore.Provider.RemoveState(refs.StringValue(params.State)) - } - } + smsBody := strings.Builder{} + smsBody.WriteString("Your verification code is: ") + smsBody.WriteString(smsCode) - if nonce == "" { - nonce = uuid.New().String() - } - - authToken, err := token.CreateAuthToken(gc, user, roles, scope, constants.AuthRecipeMethodBasicAuth, nonce, code) + // TODO: For those who enabled the webhook to call their sms vendor separately - sending the otp to their api if err != nil { - log.Debug("Failed to create auth token: ", err) + log.Debug("error while upserting user: ", err.Error()) + return nil, err + } + _, err = db.Provider.UpsertOTP(ctx, &models.OTP{ + PhoneNumber: phoneNumber, + Otp: smsCode, + ExpiresAt: time.Now().Add(duration).Unix(), + }) + if err != nil { + log.Debug("error while upserting OTP: ", err.Error()) + return nil, err + } + go func() { + smsproviders.SendSMS(phoneNumber, smsBody.String()) + utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user) + }() + return &model.AuthResponse{ + Message: "Please check the OTP in your inbox", + ShouldShowMobileOtpScreen: refs.NewBoolRef(true), + }, nil + } + scope := []string{"openid", "email", "profile"} + if params.Scope != nil && len(scope) > 0 { + scope = params.Scope + } + + code := "" + codeChallenge := "" + nonce := "" + if params.State != nil { + // Get state from store + authorizeState, _ := memorystore.Provider.GetState(refs.StringValue(params.State)) + if authorizeState != "" { + authorizeStateSplit := strings.Split(authorizeState, "@@") + if len(authorizeStateSplit) > 1 { + code = authorizeStateSplit[0] + codeChallenge = authorizeStateSplit[1] + } else { + nonce = authorizeState + } + go memorystore.Provider.RemoveState(refs.StringValue(params.State)) + } + } + + if nonce == "" { + nonce = uuid.New().String() + } + + authToken, err := token.CreateAuthToken(gc, user, roles, scope, constants.AuthRecipeMethodBasicAuth, nonce, code) + if err != nil { + log.Debug("Failed to create auth token: ", err) + return res, err + } + + // Code challenge could be optional if PKCE flow is not used + if code != "" { + if err := memorystore.Provider.SetState(code, codeChallenge+"@@"+authToken.FingerPrintHash); err != nil { + log.Debug("SetState failed: ", err) return res, err } - - // Code challenge could be optional if PKCE flow is not used - if code != "" { - if err := memorystore.Provider.SetState(code, codeChallenge+"@@"+authToken.FingerPrintHash); err != nil { - log.Debug("SetState failed: ", err) - return res, err - } - } - - expiresIn := authToken.AccessToken.ExpiresAt - time.Now().Unix() - if expiresIn <= 0 { - expiresIn = 1 - } - - res = &model.AuthResponse{ - Message: `Signed up successfully.`, - AccessToken: &authToken.AccessToken.Token, - ExpiresIn: &expiresIn, - User: userToReturn, - } - - sessionKey := constants.AuthRecipeMethodBasicAuth + ":" + user.ID - cookie.SetSession(gc, authToken.FingerPrintHash) - memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash, authToken.SessionTokenExpiresAt) - memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token, authToken.AccessToken.ExpiresAt) - - if authToken.RefreshToken != nil { - res.RefreshToken = &authToken.RefreshToken.Token - memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeRefreshToken+"_"+authToken.FingerPrint, authToken.RefreshToken.Token, authToken.RefreshToken.ExpiresAt) - } - - go func() { - utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) - utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) - // User is also logged in with signup - utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) - db.Provider.AddSession(ctx, &models.Session{ - UserID: user.ID, - UserAgent: utils.GetUserAgent(gc.Request), - IP: utils.GetIP(gc.Request), - }) - }() } + expiresIn := authToken.AccessToken.ExpiresAt - time.Now().Unix() + if expiresIn <= 0 { + expiresIn = 1 + } + + res = &model.AuthResponse{ + Message: `Signed up successfully.`, + AccessToken: &authToken.AccessToken.Token, + ExpiresIn: &expiresIn, + User: userToReturn, + } + + sessionKey := constants.AuthRecipeMethodBasicAuth + ":" + user.ID + cookie.SetSession(gc, authToken.FingerPrintHash) + memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash, authToken.SessionTokenExpiresAt) + memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token, authToken.AccessToken.ExpiresAt) + + if authToken.RefreshToken != nil { + res.RefreshToken = &authToken.RefreshToken.Token + memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeRefreshToken+"_"+authToken.FingerPrint, authToken.RefreshToken.Token, authToken.RefreshToken.ExpiresAt) + } + + go func() { + utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) + if isEmailSignup { + utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) + utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodBasicAuth, user) + } else { + utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user) + utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user) + } + + db.Provider.AddSession(ctx, &models.Session{ + UserID: user.ID, + UserAgent: utils.GetUserAgent(gc.Request), + IP: utils.GetIP(gc.Request), + }) + }() + return res, nil } diff --git a/server/test/deactivate_account_test.go b/server/test/deactivate_account_test.go index eba8e49..665c5cc 100644 --- a/server/test/deactivate_account_test.go +++ b/server/test/deactivate_account_test.go @@ -7,6 +7,7 @@ import ( "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -18,7 +19,7 @@ func deactivateAccountTests(t *testing.T, s TestSetup) { email := "deactiavte_account." + s.TestInfo.Email resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/delete_user_test.go b/server/test/delete_user_test.go index 2e11cf2..94957f0 100644 --- a/server/test/delete_user_test.go +++ b/server/test/delete_user_test.go @@ -8,6 +8,7 @@ import ( "github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/memorystore" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -18,7 +19,7 @@ func deleteUserTest(t *testing.T, s TestSetup) { req, ctx := createContext(s) email := "delete_user." + s.TestInfo.Email resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/forgot_password_test.go b/server/test/forgot_password_test.go index fd8a3bd..2e4e3ac 100644 --- a/server/test/forgot_password_test.go +++ b/server/test/forgot_password_test.go @@ -6,6 +6,7 @@ import ( "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -16,7 +17,7 @@ func forgotPasswordTest(t *testing.T, s TestSetup) { _, ctx := createContext(s) email := "forgot_password." + s.TestInfo.Email res, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/login_test.go b/server/test/login_test.go index 3599efc..6855b94 100644 --- a/server/test/login_test.go +++ b/server/test/login_test.go @@ -6,6 +6,7 @@ import ( "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/authorizerdev/authorizer/server/utils" "github.com/stretchr/testify/assert" @@ -17,14 +18,14 @@ func loginTests(t *testing.T, s TestSetup) { _, ctx := createContext(s) email := "login." + s.TestInfo.Email signUpRes, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) assert.NoError(t, err) assert.NotNil(t, signUpRes) res, err := resolvers.LoginResolver(ctx, model.LoginInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, }) @@ -43,20 +44,20 @@ func loginTests(t *testing.T, s TestSetup) { assert.NoError(t, err) assert.NotNil(t, res) _, err = resolvers.LoginResolver(ctx, model.LoginInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, Roles: []string{"test"}, }) assert.NotNil(t, err, "invalid roles") _, err = resolvers.LoginResolver(ctx, model.LoginInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password + "s", }) assert.NotNil(t, err, "invalid password") loginRes, err := resolvers.LoginResolver(ctx, model.LoginInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, }) diff --git a/server/test/mobile_login_test.go b/server/test/mobile_login_test.go index 6f0823c..d1ca182 100644 --- a/server/test/mobile_login_test.go +++ b/server/test/mobile_login_test.go @@ -20,33 +20,17 @@ func mobileLoginTests(t *testing.T, s TestSetup) { t.Helper() t.Run(`should login via mobile`, func(t *testing.T) { _, ctx := createContext(s) - email := "mobile_login." + s.TestInfo.Email phoneNumber := "2234567890" - signUpRes, err := resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{ - Email: refs.NewStringRef(email), - PhoneNumber: phoneNumber, + signUpRes, err := resolvers.SignupResolver(ctx, model.SignUpInput{ + PhoneNumber: refs.NewStringRef(phoneNumber), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) assert.NoError(t, err) assert.NotNil(t, signUpRes) - res, err := resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{ - PhoneNumber: phoneNumber, - Password: "random_test", - }) - assert.Error(t, err) - assert.Nil(t, res) - - // Should fail for email login - res, err = resolvers.LoginResolver(ctx, model.LoginInput{ - Email: email, - Password: s.TestInfo.Password, - }) - assert.Error(t, err) - assert.Nil(t, res) // should fail because phone is not verified - res, err = resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{ - PhoneNumber: phoneNumber, + res, err := resolvers.LoginResolver(ctx, model.LoginInput{ + PhoneNumber: refs.NewStringRef(phoneNumber), Password: s.TestInfo.Password, }) assert.NotNil(t, err, "should fail because phone is not verified") @@ -73,6 +57,5 @@ func mobileLoginTests(t *testing.T, s TestSetup) { assert.NotEqual(t, verifySMSRequest.Message, "", "message should not be empty") assert.NotEmpty(t, verifySMSRequest.AccessToken) assert.NotEmpty(t, verifySMSRequest.IDToken) - cleanData(email) }) } diff --git a/server/test/mobile_signup_test.go b/server/test/mobile_signup_test.go index e0982e1..949895b 100644 --- a/server/test/mobile_signup_test.go +++ b/server/test/mobile_signup_test.go @@ -20,25 +20,23 @@ func mobileSingupTest(t *testing.T, s TestSetup) { t.Helper() t.Run(`should complete the signup with mobile and check duplicates`, func(t *testing.T) { _, ctx := createContext(s) - email := "mobile_basic_auth_signup." + s.TestInfo.Email - res, err := resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{ - Email: refs.NewStringRef(email), + phoneNumber := "1234567890" + res, err := resolvers.SignupResolver(ctx, model.SignUpInput{ + PhoneNumber: refs.NewStringRef(phoneNumber), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password + "s", }) assert.NotNil(t, err, "invalid password") assert.Nil(t, res) - - res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{ - Email: refs.NewStringRef(email), + res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ Password: "test", ConfirmPassword: "test", }) - assert.Error(t, err) + assert.Error(t, err, "phone number or email should be provided") assert.Nil(t, res) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableSignUp, true) - res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{ - Email: refs.NewStringRef(email), + res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ + PhoneNumber: refs.NewStringRef(phoneNumber), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) @@ -46,8 +44,8 @@ func mobileSingupTest(t *testing.T, s TestSetup) { assert.Nil(t, res) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableSignUp, false) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication, true) - res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{ - Email: refs.NewStringRef(email), + res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ + PhoneNumber: refs.NewStringRef(phoneNumber), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) @@ -55,24 +53,24 @@ func mobileSingupTest(t *testing.T, s TestSetup) { assert.Nil(t, res) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication, false) - res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{ - PhoneNumber: " ", + res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ + PhoneNumber: refs.NewStringRef(" "), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) assert.Error(t, err) assert.Nil(t, res) - res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{ - PhoneNumber: "test", + res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ + PhoneNumber: refs.NewStringRef("test"), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) assert.Error(t, err) assert.Nil(t, res) - phoneNumber := "1234567890" - res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{ - PhoneNumber: phoneNumber, + + res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ + PhoneNumber: refs.NewStringRef(phoneNumber), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) @@ -95,20 +93,18 @@ func mobileSingupTest(t *testing.T, s TestSetup) { req, ctx := createContext(s) req.Header.Set("Cookie", cookie) otpRes, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{ - PhoneNumber: &phoneNumber, + PhoneNumber: refs.NewStringRef(phoneNumber), Otp: otp.Otp, }) assert.Nil(t, err) assert.NotEmpty(t, otpRes.Message) - res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{ - PhoneNumber: "1234567890", + res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ + PhoneNumber: refs.NewStringRef(phoneNumber), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) assert.Error(t, err) assert.Nil(t, res) - - cleanData(email) cleanData("1234567890@authorizer.dev") }) } diff --git a/server/test/profile_test.go b/server/test/profile_test.go index 81fc6b7..7386fac 100644 --- a/server/test/profile_test.go +++ b/server/test/profile_test.go @@ -7,6 +7,7 @@ import ( "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -18,7 +19,7 @@ func profileTests(t *testing.T, s TestSetup) { email := "profile." + s.TestInfo.Email resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/resend_otp_test.go b/server/test/resend_otp_test.go index 3f1e738..152d143 100644 --- a/server/test/resend_otp_test.go +++ b/server/test/resend_otp_test.go @@ -23,7 +23,7 @@ func resendOTPTest(t *testing.T, s TestSetup) { req, ctx := createContext(s) email := "resend_otp." + s.TestInfo.Email res, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) @@ -32,7 +32,7 @@ func resendOTPTest(t *testing.T, s TestSetup) { // Login should fail as email is not verified loginRes, err := resolvers.LoginResolver(ctx, model.LoginInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, }) assert.Error(t, err) @@ -63,7 +63,7 @@ func resendOTPTest(t *testing.T, s TestSetup) { // Login should not return error but access token should be empty as otp should have been sent loginRes, err = resolvers.LoginResolver(ctx, model.LoginInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, }) assert.NoError(t, err) diff --git a/server/test/resend_verify_email_test.go b/server/test/resend_verify_email_test.go index 4119762..028d89a 100644 --- a/server/test/resend_verify_email_test.go +++ b/server/test/resend_verify_email_test.go @@ -5,6 +5,7 @@ import ( "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -15,7 +16,7 @@ func resendVerifyEmailTests(t *testing.T, s TestSetup) { _, ctx := createContext(s) email := "resend_verify_email." + s.TestInfo.Email _, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/reset_password_test.go b/server/test/reset_password_test.go index 8b0aa6f..0950810 100644 --- a/server/test/reset_password_test.go +++ b/server/test/reset_password_test.go @@ -6,6 +6,7 @@ import ( "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -16,7 +17,7 @@ func resetPasswordTest(t *testing.T, s TestSetup) { email := "reset_password." + s.TestInfo.Email _, ctx := createContext(s) _, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/session_test.go b/server/test/session_test.go index 273904b..e80633c 100644 --- a/server/test/session_test.go +++ b/server/test/session_test.go @@ -9,6 +9,7 @@ import ( "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/memorystore" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/authorizerdev/authorizer/server/token" "github.com/stretchr/testify/assert" @@ -21,7 +22,7 @@ func sessionTests(t *testing.T, s TestSetup) { email := "session." + s.TestInfo.Email resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/signup_test.go b/server/test/signup_test.go index 491a2ee..628b775 100644 --- a/server/test/signup_test.go +++ b/server/test/signup_test.go @@ -7,6 +7,7 @@ import ( "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/memorystore" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -17,14 +18,14 @@ func signupTests(t *testing.T, s TestSetup) { _, ctx := createContext(s) email := "signup." + s.TestInfo.Email res, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password + "s", }) assert.NotNil(t, err, "invalid password") assert.Nil(t, res) res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: "test", ConfirmPassword: "test", }) @@ -32,7 +33,7 @@ func signupTests(t *testing.T, s TestSetup) { assert.Nil(t, res) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableSignUp, true) res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) @@ -40,7 +41,7 @@ func signupTests(t *testing.T, s TestSetup) { assert.Nil(t, res) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableSignUp, false) res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, AppData: map[string]interface{}{ @@ -53,7 +54,7 @@ func signupTests(t *testing.T, s TestSetup) { assert.Equal(t, "test", user.AppData["test"]) assert.Nil(t, res.AccessToken, "access token should be nil") res, err = resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/update_profile_test.go b/server/test/update_profile_test.go index 70f974a..12a0ab5 100644 --- a/server/test/update_profile_test.go +++ b/server/test/update_profile_test.go @@ -7,6 +7,7 @@ import ( "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -18,7 +19,7 @@ func updateProfileTests(t *testing.T, s TestSetup) { email := "update_profile." + s.TestInfo.Email resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/update_user_test.go b/server/test/update_user_test.go index 68b1647..eab1731 100644 --- a/server/test/update_user_test.go +++ b/server/test/update_user_test.go @@ -8,6 +8,7 @@ import ( "github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/memorystore" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -18,7 +19,7 @@ func updateUserTest(t *testing.T, s TestSetup) { req, ctx := createContext(s) email := "update_user." + s.TestInfo.Email signupRes, _ := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/user_test.go b/server/test/user_test.go index 0529d29..e8f12c4 100644 --- a/server/test/user_test.go +++ b/server/test/user_test.go @@ -19,7 +19,7 @@ func userTest(t *testing.T, s TestSetup) { req, ctx := createContext(s) email := "user." + s.TestInfo.Email res, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/users_test.go b/server/test/users_test.go index 26d7a61..22551ec 100644 --- a/server/test/users_test.go +++ b/server/test/users_test.go @@ -8,6 +8,7 @@ import ( "github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/memorystore" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -18,7 +19,7 @@ func usersTest(t *testing.T, s TestSetup) { req, ctx := createContext(s) email := "users." + s.TestInfo.Email resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/validate_session_test.go b/server/test/validate_session_test.go index b9573cb..9e2cbd5 100644 --- a/server/test/validate_session_test.go +++ b/server/test/validate_session_test.go @@ -9,6 +9,7 @@ import ( "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/memorystore" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/authorizerdev/authorizer/server/token" "github.com/stretchr/testify/assert" @@ -22,7 +23,7 @@ func validateSessionTests(t *testing.T, s TestSetup) { email := "validate_session." + s.TestInfo.Email resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/verification_requests_test.go b/server/test/verification_requests_test.go index e5d5d73..93b4643 100644 --- a/server/test/verification_requests_test.go +++ b/server/test/verification_requests_test.go @@ -8,6 +8,7 @@ import ( "github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/memorystore" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -19,7 +20,7 @@ func verificationRequestsTest(t *testing.T, s TestSetup) { req, ctx := createContext(s) email := "verification_requests." + s.TestInfo.Email res, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/verify_email_test.go b/server/test/verify_email_test.go index 2a07656..5cb0246 100644 --- a/server/test/verify_email_test.go +++ b/server/test/verify_email_test.go @@ -6,6 +6,7 @@ import ( "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/refs" "github.com/authorizerdev/authorizer/server/resolvers" "github.com/stretchr/testify/assert" ) @@ -16,7 +17,7 @@ func verifyEmailTest(t *testing.T, s TestSetup) { _, ctx := createContext(s) email := "verify_email." + s.TestInfo.Email res, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) diff --git a/server/test/verify_otp_test.go b/server/test/verify_otp_test.go index 455ac12..c184d60 100644 --- a/server/test/verify_otp_test.go +++ b/server/test/verify_otp_test.go @@ -23,7 +23,7 @@ func verifyOTPTest(t *testing.T, s TestSetup) { req, ctx := createContext(s) email := "verify_otp." + s.TestInfo.Email res, err := resolvers.SignupResolver(ctx, model.SignUpInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, ConfirmPassword: s.TestInfo.Password, }) @@ -32,7 +32,7 @@ func verifyOTPTest(t *testing.T, s TestSetup) { // Login should fail as email is not verified loginRes, err := resolvers.LoginResolver(ctx, model.LoginInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, }) assert.Error(t, err) @@ -57,7 +57,7 @@ func verifyOTPTest(t *testing.T, s TestSetup) { // Login should not return error but access token should be empty as otp should have been sent loginRes, err = resolvers.LoginResolver(ctx, model.LoginInput{ - Email: email, + Email: refs.NewStringRef(email), Password: s.TestInfo.Password, }) assert.NoError(t, err)