fix: refactor schema for open id claim standards

2021-12-22 10:51:12 +05:30
parent 8f7582e1ec
commit 508c714932
51 changed files with 1650 additions and 960 deletions
--- a/server/resolvers/update_profile.go
+++ b/server/resolvers/update_profile.go
@@ -0,0 +1,161 @@
+package resolvers
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"strings"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/enum"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/session"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"golang.org/x/crypto/bcrypt"
+)
+
+func UpdateProfile(ctx context.Context, params model.UpdateProfileInput) (*model.Response, error) {
+	gc, err := utils.GinContextFromContext(ctx)
+	var res *model.Response
+	if err != nil {
+		return res, err
+	}
+
+	token, err := utils.GetAuthToken(gc)
+	if err != nil {
+		return res, err
+	}
+
+	claim, err := utils.VerifyAuthToken(token)
+	if err != nil {
+		return res, err
+	}
+
+	id := fmt.Sprintf("%v", claim["id"])
+	sessionToken := session.GetToken(id, token)
+
+	if sessionToken == "" {
+		return res, fmt.Errorf(`unauthorized`)
+	}
+
+	// validate if all params are not empty
+	if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.OldPassword == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil {
+		return res, fmt.Errorf("please enter atleast one param to update")
+	}
+
+	email := fmt.Sprintf("%v", claim["email"])
+	user, err := db.Mgr.GetUserByEmail(email)
+	if err != nil {
+		return res, err
+	}
+
+	if params.GivenName != nil && user.GivenName != *params.GivenName {
+		user.GivenName = *params.GivenName
+	}
+
+	if params.FamilyName != nil && user.FamilyName != *params.FamilyName {
+		user.FamilyName = *params.FamilyName
+	}
+
+	if params.MiddleName != nil && user.MiddleName != *params.MiddleName {
+		user.MiddleName = *params.MiddleName
+	}
+
+	if params.Nickname != nil && user.Nickname != *params.Nickname {
+		user.Nickname = *params.Nickname
+	}
+
+	if params.Birthdate != nil && user.Birthdate != *params.Birthdate {
+		user.Birthdate = *params.Birthdate
+	}
+
+	if params.Gender != nil && user.Gender != *params.Gender {
+		user.Gender = *params.Gender
+	}
+
+	if params.PhoneNumber != nil && user.PhoneNumber != *params.PhoneNumber {
+		user.PhoneNumber = *params.PhoneNumber
+	}
+
+	if params.Picture != nil && user.Picture != *params.Picture {
+		user.Picture = *params.Picture
+	}
+
+	if params.OldPassword != nil {
+		if err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(*params.OldPassword)); err != nil {
+			return res, fmt.Errorf("incorrect old password")
+		}
+
+		if params.NewPassword == nil {
+			return res, fmt.Errorf("new password is required")
+		}
+
+		if params.ConfirmNewPassword == nil {
+			return res, fmt.Errorf("confirm password is required")
+		}
+
+		if *params.ConfirmNewPassword != *params.NewPassword {
+			return res, fmt.Errorf(`password and confirm password does not match`)
+		}
+
+		password, _ := utils.HashPassword(*params.NewPassword)
+
+		user.Password = password
+	}
+
+	hasEmailChanged := false
+
+	if params.Email != nil && user.Email != *params.Email {
+		// check if valid email
+		if !utils.IsValidEmail(*params.Email) {
+			return res, fmt.Errorf("invalid email address")
+		}
+		newEmail := strings.ToLower(*params.Email)
+		// check if user with new email exists
+		_, err = db.Mgr.GetUserByEmail(newEmail)
+		// err = nil means user exists
+		if err == nil {
+			return res, fmt.Errorf("user with this email address already exists")
+		}
+
+		session.DeleteUserSession(fmt.Sprintf("%v", user.ID))
+		utils.DeleteCookie(gc)
+
+		user.Email = newEmail
+		user.EmailVerifiedAt = 0
+		hasEmailChanged = true
+		// insert verification request
+		verificationType := enum.UpdateEmail.String()
+		token, err := utils.CreateVerificationToken(newEmail, verificationType)
+		if err != nil {
+			log.Println(`error generating token`, err)
+		}
+		db.Mgr.AddVerification(db.VerificationRequest{
+			Token:      token,
+			Identifier: verificationType,
+			ExpiresAt:  time.Now().Add(time.Minute * 30).Unix(),
+			Email:      newEmail,
+		})
+
+		// exec it as go routin so that we can reduce the api latency
+		go func() {
+			utils.SendVerificationMail(newEmail, token)
+		}()
+	}
+
+	_, err = db.Mgr.UpdateUser(user)
+	if err != nil {
+		log.Println("error updating user:", err)
+		return res, err
+	}
+	message := `Profile details updated successfully.`
+	if hasEmailChanged {
+		message += `For the email change we have sent new verification email, please verify and continue`
+	}
+	res = &model.Response{
+		Message: message,
+	}
+
+	return res, nil
+}