feat: unify email & mobile singup + login

2023-10-22 02:33:36 +05:30 · 2023-10-22 02:33:36 +05:30 · 3ed31b0557
commit 3ed31b0557
parent 734e54db69
25 changed files with 377 additions and 243 deletions
--- a/server/graph/generated/generated.go
+++ b/server/graph/generated/generated.go
@ -2560,6 +2560,7 @@ input AdminSignupInput {
  admin_secret: String!
 }
 # Deprecated with v1.2.0
 input MobileSignUpInput {
  email: String
  given_name: String
@ -2584,7 +2585,7 @@ input MobileSignUpInput {
 }
 input SignUpInput {
-  email: String!
+  email: String
  given_name: String
  family_name: String
  middle_name: String
@ -2607,7 +2608,8 @@ input SignUpInput {
 }
 input LoginInput {
-  email: String!
+  email: String
  phone_number: String
  password: String!
  roles: [String!]
  scope: [String!]
@ -2617,6 +2619,7 @@ input LoginInput {
  state: String
 }
 # Deprecated with v1.2.0
 input MobileLoginInput {
  phone_number: String!
  password: String!
@ -2828,8 +2831,10 @@ input GetUserRequest {
 type Mutation {
  signup(params: SignUpInput!): AuthResponse!
  # Deprecated with v1.2.0
  mobile_signup(params: MobileSignUpInput): AuthResponse!
  login(params: LoginInput!): AuthResponse!
  # Deprecated with v1.2.0
  mobile_login(params: MobileLoginInput!): AuthResponse!
  magic_link_login(params: MagicLinkLoginInput!): Response!
  logout: Response!
@ -16364,7 +16369,7 @@ func (ec *executionContext) unmarshalInputLoginInput(ctx context.Context, obj in
 		asMap[k] = v
 	}
-	fieldsInOrder := [...]string{"email", "password", "roles", "scope", "state"}
+	fieldsInOrder := [...]string{"email", "phone_number", "password", "roles", "scope", "state"}
 	for _, k := range fieldsInOrder {
 		v, ok := asMap[k]
 		if !ok {
@ -16375,11 +16380,20 @@ func (ec *executionContext) unmarshalInputLoginInput(ctx context.Context, obj in
 			var err error
 			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("email"))
-			data, err := ec.unmarshalNString2string(ctx, v)
+			data, err := ec.unmarshalOString2ᚖstring(ctx, v)
 			if err != nil {
 				return it, err
 			}
 			it.Email = data
 		case "phone_number":
 			var err error
 			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("phone_number"))
 			data, err := ec.unmarshalOString2ᚖstring(ctx, v)
 			if err != nil {
 				return it, err
 			}
 			it.PhoneNumber = data
 		case "password":
 			var err error
@ -17018,7 +17032,7 @@ func (ec *executionContext) unmarshalInputSignUpInput(ctx context.Context, obj i
 			var err error
 			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("email"))
-			data, err := ec.unmarshalNString2string(ctx, v)
+			data, err := ec.unmarshalOString2ᚖstring(ctx, v)
 			if err != nil {
 				return it, err
 			}
--- a/server/graph/model/models_gen.go
+++ b/server/graph/model/models_gen.go
@ -166,7 +166,8 @@ type ListWebhookLogRequest struct {
 }
 type LoginInput struct {
-	Email    string   `json:"email"`
+	Email       *string  `json:"email,omitempty"`
 	PhoneNumber *string  `json:"phone_number,omitempty"`
 	Password    string   `json:"password"`
 	Roles       []string `json:"roles,omitempty"`
 	Scope       []string `json:"scope,omitempty"`
@ -284,7 +285,7 @@ type SessionQueryInput struct {
 }
 type SignUpInput struct {
-	Email                    string                 `json:"email"`
+	Email                    *string                `json:"email,omitempty"`
 	GivenName                *string                `json:"given_name,omitempty"`
 	FamilyName               *string                `json:"family_name,omitempty"`
 	MiddleName               *string                `json:"middle_name,omitempty"`
--- a/server/graph/schema.graphqls
+++ b/server/graph/schema.graphqls
@ -306,6 +306,7 @@ input AdminSignupInput {
  admin_secret: String!
 }
 # Deprecated with v1.2.0
 input MobileSignUpInput {
  email: String
  given_name: String
@ -330,7 +331,7 @@ input MobileSignUpInput {
 }
 input SignUpInput {
-  email: String!
+  email: String
  given_name: String
  family_name: String
  middle_name: String
@ -353,7 +354,8 @@ input SignUpInput {
 }
 input LoginInput {
-  email: String!
+  email: String
  phone_number: String
  password: String!
  roles: [String!]
  scope: [String!]
@ -363,6 +365,7 @@ input LoginInput {
  state: String
 }
 # Deprecated with v1.2.0
 input MobileLoginInput {
  phone_number: String!
  password: String!
@ -574,8 +577,10 @@ input GetUserRequest {
 type Mutation {
  signup(params: SignUpInput!): AuthResponse!
  # Deprecated with v1.2.0
  mobile_signup(params: MobileSignUpInput): AuthResponse!
  login(params: LoginInput!): AuthResponse!
  # Deprecated with v1.2.0
  mobile_login(params: MobileLoginInput!): AuthResponse!
  magic_link_login(params: MagicLinkLoginInput!): Response!
  logout: Response!
--- a/server/resolvers/login.go
+++ b/server/resolvers/login.go
@ -14,16 +14,18 @@ import (
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/email"
+	mailService "github.com/authorizerdev/authorizer/server/email"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/smsproviders"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/authorizerdev/authorizer/server/validators"
 )
 // LoginResolver is a resolver for login mutation
 // User can login with email or phone number, but not both
 func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthResponse, error) {
 	var res *model.AuthResponse
@ -39,26 +41,47 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 		isBasicAuthDisabled = true
 	}
 	isMobileBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication)
 	if err != nil {
 		log.Debug("Error getting mobile basic auth disabled: ", err)
 		isMobileBasicAuthDisabled = true
 	}
 	email := refs.StringValue(params.Email)
 	phoneNumber := refs.StringValue(params.PhoneNumber)
 	if email == "" && phoneNumber == "" {
 		log.Debug("Email or phone number is required")
 		return res, fmt.Errorf(`email or phone number is required`)
 	}
 	log := log.WithFields(log.Fields{
 		"email":        refs.StringValue(params.Email),
 		"phone_number": refs.StringValue(params.PhoneNumber),
 	})
 	isEmailLogin := email != ""
 	isMobileLogin := phoneNumber != ""
 	if isBasicAuthDisabled {
 		log.Debug("Basic authentication is disabled.")
 		return res, fmt.Errorf(`basic authentication is disabled for this instance`)
 	}
-
+	if isMobileBasicAuthDisabled && isMobileLogin {
-	log := log.WithFields(log.Fields{
+		log.Debug("Mobile basic authentication is disabled.")
-		"email": params.Email,
+		return res, fmt.Errorf(`mobile basic authentication is disabled for this instance`)
-	})
+	}
-	params.Email = strings.ToLower(params.Email)
+	var user *models.User
-	user, err := db.Provider.GetUserByEmail(ctx, params.Email)
+	if isEmailLogin {
 		user, err = db.Provider.GetUserByEmail(ctx, email)
 	} else {
 		user, err = db.Provider.GetUserByPhoneNumber(ctx, phoneNumber)
 	}
 	if err != nil {
-		log.Debug("Failed to get user by email: ", err)
+		log.Debug("Failed to get user: ", err)
 		return res, fmt.Errorf(`bad user credentials`)
 	}
 	if user.RevokedTimestamp != nil {
 		log.Debug("User access is revoked")
 		return res, fmt.Errorf(`user access has been revoked`)
 	}
-
+	if isEmailLogin {
 		if !strings.Contains(user.SignupMethods, constants.AuthRecipeMethodBasicAuth) {
 			log.Debug("User signup method is not basic auth")
 			return res, fmt.Errorf(`user has not signed up email & password`)
@ -68,14 +91,22 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 			log.Debug("User email is not verified")
 			return res, fmt.Errorf(`email not verified`)
 		}
 	} else {
 		if !strings.Contains(user.SignupMethods, constants.AuthRecipeMethodMobileBasicAuth) {
 			log.Debug("User signup method is not mobile basic auth")
 			return res, fmt.Errorf(`user has not signed up with phone number & password`)
 		}
 		if user.PhoneNumberVerifiedAt == nil {
 			log.Debug("User phone number is not verified")
 			return res, fmt.Errorf(`phone number is not verified`)
 		}
 	}
 	err = bcrypt.CompareHashAndPassword([]byte(*user.Password), []byte(params.Password))
 	if err != nil {
 		log.Debug("Failed to compare password: ", err)
 		return res, fmt.Errorf(`bad user credentials`)
 	}
 	defaultRolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 	roles := []string{}
 	if err != nil {
@ -84,34 +115,33 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 	} else {
 		roles = strings.Split(defaultRolesString, ",")
 	}
 	currentRoles := strings.Split(user.Roles, ",")
 	if len(params.Roles) > 0 {
 		if !validators.IsValidRoles(params.Roles, currentRoles) {
 			log.Debug("Invalid roles: ", params.Roles)
 			return res, fmt.Errorf(`invalid roles`)
 		}
 		roles = params.Roles
 	}
 	scope := []string{"openid", "email", "profile"}
 	if params.Scope != nil && len(scope) > 0 {
 		scope = params.Scope
 	}
 	isEmailServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
 	if err != nil || !isEmailServiceEnabled {
 		log.Debug("Email service not enabled: ", err)
 	}
 	isSMSServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsSMSServiceEnabled)
 	if err != nil || !isSMSServiceEnabled {
 		log.Debug("SMS service not enabled: ", err)
 	}
 	isMFADisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMultiFactorAuthentication)
 	if err != nil || !isMFADisabled {
 		log.Debug("MFA service not enabled: ", err)
 	}
-	// If email service is not enabled continue the process in any way
+	if refs.BoolValue(user.IsMultiFactorAuthEnabled) && !isMFADisabled {
 	if refs.BoolValue(user.IsMultiFactorAuthEnabled) && isEmailServiceEnabled && !isMFADisabled {
 		otp := utils.GenerateOTP()
 		expires := time.Now().Add(1 * time.Minute).Unix()
 		otpData, err := db.Provider.UpsertOTP(ctx, &models.OTP{
@ -131,22 +161,33 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 			return nil, err
 		}
 		cookie.SetMfaSession(gc, mfaSession)
-
+		if isEmailServiceEnabled && isEmailLogin {
 			go func() {
 				// exec it as go routine so that we can reduce the api latency
-			go email.SendEmail([]string{params.Email}, constants.VerificationTypeOTP, map[string]interface{}{
+				if err := mailService.SendEmail([]string{email}, constants.VerificationTypeOTP, map[string]interface{}{
 					"user":         user.ToMap(),
 					"organization": utils.GetOrganization(),
 					"otp":          otpData.Otp,
-			})
+				}); err != nil {
 			if err != nil {
 					log.Debug("Failed to send otp email: ", err)
 				}
 				utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 			}()
-
+		} else if isSMSServiceEnabled && isMobileLogin {
 			smsBody := strings.Builder{}
 			smsBody.WriteString("Your verification code is: ")
 			smsBody.WriteString(otpData.Otp)
 			go func() {
 				utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user)
 				if err := smsproviders.SendSMS(phoneNumber, smsBody.String()); err != nil {
 					log.Debug("Failed to send sms: ", err)
 				}
 			}()
 		}
 		return &model.AuthResponse{
-			Message:                  "Please check the OTP in your inbox",
+			Message:                   "Please check the OTP in",
-			ShouldShowEmailOtpScreen: refs.NewBoolRef(true),
+			ShouldShowEmailOtpScreen:  refs.NewBoolRef(isEmailLogin),
 			ShouldShowMobileOtpScreen: refs.NewBoolRef(isMobileLogin),
 		}, nil
 	}
@ -210,7 +251,13 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 	}
 	go func() {
 		// Register event
 		if isEmailLogin {
 			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 		} else {
 			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user)
 		}
 		// Record session
 		db.Provider.AddSession(ctx, &models.Session{
 			UserID:    user.ID,
 			UserAgent: utils.GetUserAgent(gc.Request),
--- a/server/resolvers/signup.go
+++ b/server/resolvers/signup.go
@ -16,11 +16,12 @@ import (
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/email"
+	emailService "github.com/authorizerdev/authorizer/server/email"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/parsers"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/smsproviders"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/authorizerdev/authorizer/server/validators"
@ -51,46 +52,77 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 		log.Debug("Error getting basic auth disabled: ", err)
 		isBasicAuthDisabled = true
 	}
-
+	isMobileBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication)
-	if isBasicAuthDisabled {
+	if err != nil {
-		log.Debug("Basic authentication is disabled")
+		log.Debug("Error getting mobile basic auth disabled: ", err)
-		return res, fmt.Errorf(`basic authentication is disabled for this instance`)
+		isMobileBasicAuthDisabled = true
 	}
 	if params.ConfirmPassword != params.Password {
 		log.Debug("Passwords do not match")
 		return res, fmt.Errorf(`password and confirm password does not match`)
 	}
 	if err := validators.IsValidPassword(params.Password); err != nil {
 		log.Debug("Invalid password")
 		return res, err
 	}
-
+	email := strings.TrimSpace(refs.StringValue(params.Email))
-	params.Email = strings.ToLower(params.Email)
+	phoneNumber := strings.TrimSpace(refs.StringValue(params.PhoneNumber))
-
+	if email == "" && phoneNumber == "" {
-	if !validators.IsValidEmail(params.Email) {
+		log.Debug("Email or phone number is required")
 		return res, fmt.Errorf(`email or phone number is required`)
 	}
 	isEmailSignup := email != ""
 	isMobileSignup := phoneNumber != ""
 	if isBasicAuthDisabled {
 		log.Debug("Basic authentication is disabled")
 		return res, fmt.Errorf(`basic authentication is disabled for this instance`)
 	}
 	if isMobileBasicAuthDisabled && isMobileSignup {
 		log.Debug("Mobile basic authentication is disabled")
 		return res, fmt.Errorf(`mobile basic authentication is disabled for this instance`)
 	}
 	if isEmailSignup && !validators.IsValidEmail(email) {
 		log.Debug("Invalid email: ", params.Email)
 		return res, fmt.Errorf(`invalid email address`)
 	}
-
+	if isMobileSignup && (phoneNumber == "" || len(phoneNumber) < 10) {
 		log.Debug("Invalid phone number: ", phoneNumber)
 		return res, fmt.Errorf(`invalid phone number`)
 	}
 	log := log.WithFields(log.Fields{
-		"email": params.Email,
+		"email":        email,
 		"phone_number": phoneNumber,
 	})
-	// find user with email
+	// find user with email / phone number
-	existingUser, err := db.Provider.GetUserByEmail(ctx, params.Email)
+	if isEmailSignup {
 		existingUser, err := db.Provider.GetUserByEmail(ctx, email)
 		if err != nil {
 			log.Debug("Failed to get user by email: ", err)
 		}
 		if existingUser != nil {
 			if existingUser.EmailVerifiedAt != nil {
 				// email is verified
 				log.Debug("Email is already verified and signed up.")
-			return res, fmt.Errorf(`%s has already signed up`, params.Email)
+				return res, fmt.Errorf(`%s has already signed up`, email)
 			} else if existingUser.ID != "" && existingUser.EmailVerifiedAt == nil {
 				log.Debug("Email is already signed up. Verification pending...")
-			return res, fmt.Errorf("%s has already signed up. please complete the email verification process or reset the password", params.Email)
+				return res, fmt.Errorf("%s has already signed up. please complete the email verification process or reset the password", email)
 			}
 		}
 	} else {
 		existingUser, err := db.Provider.GetUserByPhoneNumber(ctx, phoneNumber)
 		if err != nil {
 			log.Debug("Failed to get user by phone number: ", err)
 		}
 		if existingUser != nil {
 			if existingUser.PhoneNumberVerifiedAt != nil {
 				// email is verified
 				log.Debug("Phone number is already verified and signed up.")
 				return res, fmt.Errorf(`%s has already signed up`, phoneNumber)
 			} else if existingUser.ID != "" && existingUser.PhoneNumberVerifiedAt == nil {
 				log.Debug("Phone number is already signed up. Verification pending...")
 				return res, fmt.Errorf("%s has already signed up. please complete the phone number verification process or reset the password", phoneNumber)
 			}
 		}
 	}
@ -120,13 +152,14 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 			inputRoles = strings.Split(inputRolesString, ",")
 		}
 	}
-	user := &models.User{
+	user := &models.User{}
 		Email: params.Email,
 	}
 	user.Roles = strings.Join(inputRoles, ",")
 	password, _ := crypto.EncryptPassword(params.Password)
 	user.Password = &password
-
+	if email != "" {
 		user.SignupMethods = constants.AuthRecipeMethodBasicAuth
 		user.Email = email
 	}
 	if params.GivenName != nil {
 		user.GivenName = params.GivenName
 	}
@ -151,8 +184,9 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 		user.Birthdate = params.Birthdate
 	}
-	if params.PhoneNumber != nil {
+	if phoneNumber != "" {
-		user.PhoneNumber = params.PhoneNumber
+		user.SignupMethods = constants.AuthRecipeMethodMobileBasicAuth
 		user.PhoneNumber = refs.NewStringRef(phoneNumber)
 	}
 	if params.Picture != nil {
@ -183,8 +217,6 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 		appDataString = string(appDataBytes)
 		user.AppData = &appDataString
 	}
 	user.SignupMethods = constants.AuthRecipeMethodBasicAuth
 	isEmailVerificationDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification)
 	if err != nil {
 		log.Debug("Error getting email verification disabled: ", err)
@ -194,6 +226,15 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 		now := time.Now().Unix()
 		user.EmailVerifiedAt = &now
 	}
 	disablePhoneVerification, _ := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisablePhoneVerification)
 	if disablePhoneVerification {
 		now := time.Now().Unix()
 		user.PhoneNumberVerifiedAt = &now
 	}
 	isSMSServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsSMSServiceEnabled)
 	if err != nil || !isSMSServiceEnabled {
 		log.Debug("SMS service not enabled: ", err)
 	}
 	user, err = db.Provider.AddUser(ctx, user)
 	if err != nil {
 		log.Debug("Failed to add user: ", err)
@ -201,9 +242,8 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 	}
 	roles := strings.Split(user.Roles, ",")
 	userToReturn := user.AsAPIUser()
 	hostname := parsers.GetHost(gc)
-	if !isEmailVerificationDisabled {
+	if !isEmailVerificationDisabled && isEmailSignup {
 		// insert verification request
 		_, nonceHash, err := utils.GenerateNonce()
 		if err != nil {
@ -215,7 +255,7 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 		if params.RedirectURI != nil {
 			redirectURL = *params.RedirectURI
 		}
-		verificationToken, err := token.CreateVerificationToken(params.Email, verificationType, hostname, nonceHash, redirectURL)
+		verificationToken, err := token.CreateVerificationToken(email, verificationType, hostname, nonceHash, redirectURL)
 		if err != nil {
 			log.Debug("Failed to create verification token: ", err)
 			return res, err
@ -224,7 +264,7 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 			Token:       verificationToken,
 			Identifier:  verificationType,
 			ExpiresAt:   time.Now().Add(time.Minute * 30).Unix(),
-			Email:       params.Email,
+			Email:       email,
 			Nonce:       nonceHash,
 			RedirectURI: redirectURL,
 		})
@ -232,11 +272,10 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 			log.Debug("Failed to add verification request: ", err)
 			return res, err
 		}
 		// exec it as go routine so that we can reduce the api latency
 		go func() {
 			// exec it as go routine so that we can reduce the api latency
-			email.SendEmail([]string{params.Email}, constants.VerificationTypeBasicAuthSignup, map[string]interface{}{
+			emailService.SendEmail([]string{email}, constants.VerificationTypeBasicAuthSignup, map[string]interface{}{
 				"user":             user.ToMap(),
 				"organization":     utils.GetOrganization(),
 				"verification_url": utils.GetEmailVerificationURL(verificationToken, hostname, redirectURL),
@ -244,11 +283,41 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 			utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 		}()
-		res = &model.AuthResponse{
+		return &model.AuthResponse{
 			Message: `Verification email has been sent. Please check your inbox`,
 			User:    userToReturn,
 		}, nil
 	} else if !disablePhoneVerification && isSMSServiceEnabled && isMobileSignup {
 		duration, _ := time.ParseDuration("10m")
 		smsCode := utils.GenerateOTP()
 		smsBody := strings.Builder{}
 		smsBody.WriteString("Your verification code is: ")
 		smsBody.WriteString(smsCode)
 		// TODO: For those who enabled the webhook to call their sms vendor separately - sending the otp to their api
 		if err != nil {
 			log.Debug("error while upserting user: ", err.Error())
 			return nil, err
 		}
 		_, err = db.Provider.UpsertOTP(ctx, &models.OTP{
 			PhoneNumber: phoneNumber,
 			Otp:         smsCode,
 			ExpiresAt:   time.Now().Add(duration).Unix(),
 		})
 		if err != nil {
 			log.Debug("error while upserting OTP: ", err.Error())
 			return nil, err
 		}
 		go func() {
 			smsproviders.SendSMS(phoneNumber, smsBody.String())
 			utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user)
 		}()
 		return &model.AuthResponse{
 			Message:                   "Please check the OTP in your inbox",
 			ShouldShowMobileOtpScreen: refs.NewBoolRef(true),
 		}, nil
 	}
 	} else {
 	scope := []string{"openid", "email", "profile"}
 	if params.Scope != nil && len(scope) > 0 {
 		scope = params.Scope
@ -314,16 +383,20 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 	go func() {
 		utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 		if isEmailSignup {
 			utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 			// User is also logged in with signup
 			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 		} else {
 			utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user)
 			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user)
 		}
 		db.Provider.AddSession(ctx, &models.Session{
 			UserID:    user.ID,
 			UserAgent: utils.GetUserAgent(gc.Request),
 			IP:        utils.GetIP(gc.Request),
 		})
 	}()
 	}
 	return res, nil
 }
--- a/server/test/deactivate_account_test.go
+++ b/server/test/deactivate_account_test.go
@ -7,6 +7,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -18,7 +19,7 @@ func deactivateAccountTests(t *testing.T, s TestSetup) {
 		email := "deactiavte_account." + s.TestInfo.Email
 		resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/delete_user_test.go
+++ b/server/test/delete_user_test.go
@ -8,6 +8,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -18,7 +19,7 @@ func deleteUserTest(t *testing.T, s TestSetup) {
 		req, ctx := createContext(s)
 		email := "delete_user." + s.TestInfo.Email
 		resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/forgot_password_test.go
+++ b/server/test/forgot_password_test.go
@ -6,6 +6,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -16,7 +17,7 @@ func forgotPasswordTest(t *testing.T, s TestSetup) {
 		_, ctx := createContext(s)
 		email := "forgot_password." + s.TestInfo.Email
 		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/login_test.go
+++ b/server/test/login_test.go
@ -6,6 +6,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/stretchr/testify/assert"
@ -17,14 +18,14 @@ func loginTests(t *testing.T, s TestSetup) {
 		_, ctx := createContext(s)
 		email := "login." + s.TestInfo.Email
 		signUpRes, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
 		assert.NoError(t, err)
 		assert.NotNil(t, signUpRes)
 		res, err := resolvers.LoginResolver(ctx, model.LoginInput{
-			Email:    email,
+			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password,
 		})
@ -43,20 +44,20 @@ func loginTests(t *testing.T, s TestSetup) {
 		assert.NoError(t, err)
 		assert.NotNil(t, res)
 		_, err = resolvers.LoginResolver(ctx, model.LoginInput{
-			Email:    email,
+			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password,
 			Roles:    []string{"test"},
 		})
 		assert.NotNil(t, err, "invalid roles")
 		_, err = resolvers.LoginResolver(ctx, model.LoginInput{
-			Email:    email,
+			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password + "s",
 		})
 		assert.NotNil(t, err, "invalid password")
 		loginRes, err := resolvers.LoginResolver(ctx, model.LoginInput{
-			Email:    email,
+			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password,
 		})
--- a/server/test/mobile_login_test.go
+++ b/server/test/mobile_login_test.go
@ -20,33 +20,17 @@ func mobileLoginTests(t *testing.T, s TestSetup) {
 	t.Helper()
 	t.Run(`should login via mobile`, func(t *testing.T) {
 		_, ctx := createContext(s)
 		email := "mobile_login." + s.TestInfo.Email
 		phoneNumber := "2234567890"
-		signUpRes, err := resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
+		signUpRes, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           refs.NewStringRef(email),
+			PhoneNumber:     refs.NewStringRef(phoneNumber),
 			PhoneNumber:     phoneNumber,
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
 		assert.NoError(t, err)
 		assert.NotNil(t, signUpRes)
 		res, err := resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{
 			PhoneNumber: phoneNumber,
 			Password:    "random_test",
 		})
 		assert.Error(t, err)
 		assert.Nil(t, res)
 		// Should fail for email login
 		res, err = resolvers.LoginResolver(ctx, model.LoginInput{
 			Email:    email,
 			Password: s.TestInfo.Password,
 		})
 		assert.Error(t, err)
 		assert.Nil(t, res)
 		// should fail because phone is not verified
-		res, err = resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{
+		res, err := resolvers.LoginResolver(ctx, model.LoginInput{
-			PhoneNumber: phoneNumber,
+			PhoneNumber: refs.NewStringRef(phoneNumber),
 			Password:    s.TestInfo.Password,
 		})
 		assert.NotNil(t, err, "should fail because phone is not verified")
@ -73,6 +57,5 @@ func mobileLoginTests(t *testing.T, s TestSetup) {
 		assert.NotEqual(t, verifySMSRequest.Message, "", "message should not be empty")
 		assert.NotEmpty(t, verifySMSRequest.AccessToken)
 		assert.NotEmpty(t, verifySMSRequest.IDToken)
 		cleanData(email)
 	})
 }
--- a/server/test/mobile_signup_test.go
+++ b/server/test/mobile_signup_test.go
@ -20,25 +20,23 @@ func mobileSingupTest(t *testing.T, s TestSetup) {
 	t.Helper()
 	t.Run(`should complete the signup with mobile and check duplicates`, func(t *testing.T) {
 		_, ctx := createContext(s)
-		email := "mobile_basic_auth_signup." + s.TestInfo.Email
+		phoneNumber := "1234567890"
-		res, err := resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
+		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           refs.NewStringRef(email),
+			PhoneNumber:     refs.NewStringRef(phoneNumber),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password + "s",
 		})
 		assert.NotNil(t, err, "invalid password")
 		assert.Nil(t, res)
-
+		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
 		res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
 			Email:           refs.NewStringRef(email),
 			Password:        "test",
 			ConfirmPassword: "test",
 		})
-		assert.Error(t, err)
+		assert.Error(t, err, "phone number or email should be provided")
 		assert.Nil(t, res)
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableSignUp, true)
-		res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
+		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           refs.NewStringRef(email),
+			PhoneNumber:     refs.NewStringRef(phoneNumber),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
@ -46,8 +44,8 @@ func mobileSingupTest(t *testing.T, s TestSetup) {
 		assert.Nil(t, res)
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableSignUp, false)
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication, true)
-		res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
+		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           refs.NewStringRef(email),
+			PhoneNumber:     refs.NewStringRef(phoneNumber),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
@ -55,24 +53,24 @@ func mobileSingupTest(t *testing.T, s TestSetup) {
 		assert.Nil(t, res)
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication, false)
-		res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
+		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			PhoneNumber:     "   ",
+			PhoneNumber:     refs.NewStringRef("   "),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
 		assert.Error(t, err)
 		assert.Nil(t, res)
-		res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
+		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			PhoneNumber:     "test",
+			PhoneNumber:     refs.NewStringRef("test"),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
 		assert.Error(t, err)
 		assert.Nil(t, res)
-		phoneNumber := "1234567890"
+
-		res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
+		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			PhoneNumber:     phoneNumber,
+			PhoneNumber:     refs.NewStringRef(phoneNumber),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
@ -95,20 +93,18 @@ func mobileSingupTest(t *testing.T, s TestSetup) {
 		req, ctx := createContext(s)
 		req.Header.Set("Cookie", cookie)
 		otpRes, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
-			PhoneNumber: &phoneNumber,
+			PhoneNumber: refs.NewStringRef(phoneNumber),
 			Otp:         otp.Otp,
 		})
 		assert.Nil(t, err)
 		assert.NotEmpty(t, otpRes.Message)
-		res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
+		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			PhoneNumber:     "1234567890",
+			PhoneNumber:     refs.NewStringRef(phoneNumber),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
 		assert.Error(t, err)
 		assert.Nil(t, res)
 		cleanData(email)
 		cleanData("1234567890@authorizer.dev")
 	})
 }
--- a/server/test/profile_test.go
+++ b/server/test/profile_test.go
@ -7,6 +7,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -18,7 +19,7 @@ func profileTests(t *testing.T, s TestSetup) {
 		email := "profile." + s.TestInfo.Email
 		resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/resend_otp_test.go
+++ b/server/test/resend_otp_test.go
@ -23,7 +23,7 @@ func resendOTPTest(t *testing.T, s TestSetup) {
 		req, ctx := createContext(s)
 		email := "resend_otp." + s.TestInfo.Email
 		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
@ -32,7 +32,7 @@ func resendOTPTest(t *testing.T, s TestSetup) {
 		// Login should fail as email is not verified
 		loginRes, err := resolvers.LoginResolver(ctx, model.LoginInput{
-			Email:    email,
+			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password,
 		})
 		assert.Error(t, err)
@ -63,7 +63,7 @@ func resendOTPTest(t *testing.T, s TestSetup) {
 		// Login should not return error but access token should be empty as otp should have been sent
 		loginRes, err = resolvers.LoginResolver(ctx, model.LoginInput{
-			Email:    email,
+			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password,
 		})
 		assert.NoError(t, err)
--- a/server/test/resend_verify_email_test.go
+++ b/server/test/resend_verify_email_test.go
@ -5,6 +5,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -15,7 +16,7 @@ func resendVerifyEmailTests(t *testing.T, s TestSetup) {
 		_, ctx := createContext(s)
 		email := "resend_verify_email." + s.TestInfo.Email
 		_, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/reset_password_test.go
+++ b/server/test/reset_password_test.go
@ -6,6 +6,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -16,7 +17,7 @@ func resetPasswordTest(t *testing.T, s TestSetup) {
 		email := "reset_password." + s.TestInfo.Email
 		_, ctx := createContext(s)
 		_, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/session_test.go
+++ b/server/test/session_test.go
@ -9,6 +9,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/stretchr/testify/assert"
@ -21,7 +22,7 @@ func sessionTests(t *testing.T, s TestSetup) {
 		email := "session." + s.TestInfo.Email
 		resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/signup_test.go
+++ b/server/test/signup_test.go
@ -7,6 +7,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -17,14 +18,14 @@ func signupTests(t *testing.T, s TestSetup) {
 		_, ctx := createContext(s)
 		email := "signup." + s.TestInfo.Email
 		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password + "s",
 		})
 		assert.NotNil(t, err, "invalid password")
 		assert.Nil(t, res)
 		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        "test",
 			ConfirmPassword: "test",
 		})
@ -32,7 +33,7 @@ func signupTests(t *testing.T, s TestSetup) {
 		assert.Nil(t, res)
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableSignUp, true)
 		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
@ -40,7 +41,7 @@ func signupTests(t *testing.T, s TestSetup) {
 		assert.Nil(t, res)
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableSignUp, false)
 		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 			AppData: map[string]interface{}{
@ -53,7 +54,7 @@ func signupTests(t *testing.T, s TestSetup) {
 		assert.Equal(t, "test", user.AppData["test"])
 		assert.Nil(t, res.AccessToken, "access token should be nil")
 		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/update_profile_test.go
+++ b/server/test/update_profile_test.go
@ -7,6 +7,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -18,7 +19,7 @@ func updateProfileTests(t *testing.T, s TestSetup) {
 		email := "update_profile." + s.TestInfo.Email
 		resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/update_user_test.go
+++ b/server/test/update_user_test.go
@ -8,6 +8,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -18,7 +19,7 @@ func updateUserTest(t *testing.T, s TestSetup) {
 		req, ctx := createContext(s)
 		email := "update_user." + s.TestInfo.Email
 		signupRes, _ := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/user_test.go
+++ b/server/test/user_test.go
@ -19,7 +19,7 @@ func userTest(t *testing.T, s TestSetup) {
 		req, ctx := createContext(s)
 		email := "user." + s.TestInfo.Email
 		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/users_test.go
+++ b/server/test/users_test.go
@ -8,6 +8,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -18,7 +19,7 @@ func usersTest(t *testing.T, s TestSetup) {
 		req, ctx := createContext(s)
 		email := "users." + s.TestInfo.Email
 		resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/validate_session_test.go
+++ b/server/test/validate_session_test.go
@ -9,6 +9,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/stretchr/testify/assert"
@ -22,7 +23,7 @@ func validateSessionTests(t *testing.T, s TestSetup) {
 		email := "validate_session." + s.TestInfo.Email
 		resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/verification_requests_test.go
+++ b/server/test/verification_requests_test.go
@ -8,6 +8,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -19,7 +20,7 @@ func verificationRequestsTest(t *testing.T, s TestSetup) {
 		req, ctx := createContext(s)
 		email := "verification_requests." + s.TestInfo.Email
 		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/verify_email_test.go
+++ b/server/test/verify_email_test.go
@ -6,6 +6,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
 )
@ -16,7 +17,7 @@ func verifyEmailTest(t *testing.T, s TestSetup) {
 		_, ctx := createContext(s)
 		email := "verify_email." + s.TestInfo.Email
 		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
--- a/server/test/verify_otp_test.go
+++ b/server/test/verify_otp_test.go
@ -23,7 +23,7 @@ func verifyOTPTest(t *testing.T, s TestSetup) {
 		req, ctx := createContext(s)
 		email := "verify_otp." + s.TestInfo.Email
 		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
-			Email:           email,
+			Email:           refs.NewStringRef(email),
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
 		})
@ -32,7 +32,7 @@ func verifyOTPTest(t *testing.T, s TestSetup) {
 		// Login should fail as email is not verified
 		loginRes, err := resolvers.LoginResolver(ctx, model.LoginInput{
-			Email:    email,
+			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password,
 		})
 		assert.Error(t, err)
@ -57,7 +57,7 @@ func verifyOTPTest(t *testing.T, s TestSetup) {
 		// Login should not return error but access token should be empty as otp should have been sent
 		loginRes, err = resolvers.LoginResolver(ctx, model.LoginInput{
-			Email:    email,
+			Email:    refs.NewStringRef(email),
 			Password: s.TestInfo.Password,
 		})
 		assert.NoError(t, err)