fix: user verification

2024-03-28 13:57:47 +05:30
parent 27b51ad369
commit 67f866a787
21 changed files with 1824 additions and 1590 deletions
--- a/server/db/providers/arangodb/user.go
+++ b/server/db/providers/arangodb/user.go
@@ -36,6 +36,10 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil && u.ID != user.ID {
 			return user, fmt.Errorf("user with given phone number already exists")
 		}
+	} else if user.Email != nil && strings.TrimSpace(refs.StringValue(user.Email)) != "" {
+		if u, _ := p.GetUserByEmail(ctx, refs.StringValue(user.Email)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given email already exists")
+		}
 	}

 	user.CreatedAt = time.Now().Unix()
--- a/server/db/providers/cassandradb/user.go
+++ b/server/db/providers/cassandradb/user.go
@@ -35,6 +35,10 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil && u.ID != user.ID {
 			return user, fmt.Errorf("user with given phone number already exists")
 		}
+	} else if user.Email != nil && strings.TrimSpace(refs.StringValue(user.Email)) != "" {
+		if u, _ := p.GetUserByEmail(ctx, refs.StringValue(user.Email)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given email already exists")
+		}
 	}

 	user.CreatedAt = time.Now().Unix()
--- a/server/db/providers/couchbase/user.go
+++ b/server/db/providers/couchbase/user.go
@@ -4,12 +4,14 @@ import (
 	"context"
 	"fmt"
 	"log"
+	"strings"
 	"time"

 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/couchbase/gocb/v2"
 	"github.com/google/uuid"
 )
@@ -28,6 +30,16 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 		user.Roles = defaultRoles
 	}

+	if user.PhoneNumber != nil && strings.TrimSpace(refs.StringValue(user.PhoneNumber)) != "" {
+		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given phone number already exists")
+		}
+	} else if user.Email != nil && strings.TrimSpace(refs.StringValue(user.Email)) != "" {
+		if u, _ := p.GetUserByEmail(ctx, refs.StringValue(user.Email)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given email already exists")
+		}
+	}
+
 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
 	insertOpt := gocb.InsertOptions{
--- a/server/db/providers/dynamodb/user.go
+++ b/server/db/providers/dynamodb/user.go
@@ -31,9 +31,13 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 		user.Roles = defaultRoles
 	}
 	if user.PhoneNumber != nil && strings.TrimSpace(refs.StringValue(user.PhoneNumber)) != "" {
-		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil {
+		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil && u.ID != user.ID {
 			return user, fmt.Errorf("user with given phone number already exists")
 		}
+	} else if user.Email != nil && strings.TrimSpace(refs.StringValue(user.Email)) != "" {
+		if u, _ := p.GetUserByEmail(ctx, refs.StringValue(user.Email)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given email already exists")
+		}
 	}
 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
--- a/server/db/providers/mongodb/user.go
+++ b/server/db/providers/mongodb/user.go
@@ -2,12 +2,15 @@ package mongodb

 import (
 	"context"
+	"fmt"
+	"strings"
 	"time"

 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/google/uuid"
 	log "github.com/sirupsen/logrus"
 	"go.mongodb.org/mongo-driver/bson"
@@ -27,6 +30,15 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 		}
 		user.Roles = defaultRoles
 	}
+	if user.PhoneNumber != nil && strings.TrimSpace(refs.StringValue(user.PhoneNumber)) != "" {
+		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given phone number already exists")
+		}
+	} else if user.Email != nil && strings.TrimSpace(refs.StringValue(user.Email)) != "" {
+		if u, _ := p.GetUserByEmail(ctx, refs.StringValue(user.Email)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given email already exists")
+		}
+	}
 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
 	user.Key = user.ID
--- a/server/db/providers/provider_template/user.go
+++ b/server/db/providers/provider_template/user.go
@@ -2,12 +2,15 @@ package provider_template

 import (
 	"context"
+	"fmt"
+	"strings"
 	"time"

 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/google/uuid"
 )

@@ -23,6 +26,15 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 		}
 		user.Roles = defaultRoles
 	}
+	if user.PhoneNumber != nil && strings.TrimSpace(refs.StringValue(user.PhoneNumber)) != "" {
+		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given phone number already exists")
+		}
+	} else if user.Email != nil && strings.TrimSpace(refs.StringValue(user.Email)) != "" {
+		if u, _ := p.GetUserByEmail(ctx, refs.StringValue(user.Email)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given email already exists")
+		}
+	}
 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
 	return user, nil
--- a/server/db/providers/sql/otp.go
+++ b/server/db/providers/sql/otp.go
@@ -7,33 +7,56 @@ import (

 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/google/uuid"
-	"gorm.io/gorm/clause"
 )

 // UpsertOTP to add or update otp
-func (p *provider) UpsertOTP(ctx context.Context, otp *models.OTP) (*models.OTP, error) {
-	if otp.ID == "" {
-		otp.ID = uuid.New().String()
+func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
+	if otpParam.ID == "" {
+		otpParam.ID = uuid.New().String()
 	}
 	// check if email or phone number is present
-	if otp.Email == "" && otp.PhoneNumber == "" {
+	if otpParam.Email == "" && otpParam.PhoneNumber == "" {
 		return nil, errors.New("email or phone_number is required")
 	}
 	uniqueField := models.FieldNameEmail
-	if otp.Email == "" && otp.PhoneNumber != "" {
+	if otpParam.Email == "" && otpParam.PhoneNumber != "" {
 		uniqueField = models.FieldNamePhoneNumber
 	}
-	otp.Key = otp.ID
-	otp.CreatedAt = time.Now().Unix()
-	otp.UpdatedAt = time.Now().Unix()
-	res := p.db.Clauses(clause.OnConflict{
-		Columns:   []clause.Column{{Name: uniqueField}},
-		DoUpdates: clause.AssignmentColumns([]string{"otp", "expires_at", "updated_at"}),
-	}).Create(&otp)
-	if res.Error != nil {
-		return nil, res.Error
+	var otp *models.OTP
+	if uniqueField == models.FieldNameEmail {
+		otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
+	} else {
+		otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
+	}
+	shouldCreate := false
+	if otp == nil {
+		id := uuid.NewString()
+		otp = &models.OTP{
+			ID:          id,
+			Key:         id,
+			Otp:         otpParam.Otp,
+			Email:       otpParam.Email,
+			PhoneNumber: otpParam.PhoneNumber,
+			ExpiresAt:   otpParam.ExpiresAt,
+			CreatedAt:   time.Now().Unix(),
+		}
+		shouldCreate = true
+	} else {
+		otp.Otp = otpParam.Otp
+		otp.ExpiresAt = otpParam.ExpiresAt
+	}
+	otp.UpdatedAt = time.Now().Unix()
+	if shouldCreate {
+		result := p.db.Create(&otp)
+		if result.Error != nil {
+			return nil, result.Error
+		}
+	} else {
+		result := p.db.Save(&otp)
+		if result.Error != nil {
+			return nil, result.Error
+		}
 	}
-
 	return otp, nil
 }

--- a/server/db/providers/sql/user.go
+++ b/server/db/providers/sql/user.go
@@ -13,7 +13,6 @@ import (
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/google/uuid"
 	"gorm.io/gorm"
-	"gorm.io/gorm/clause"
 )

 // AddUser to save user information in database
@@ -31,19 +30,19 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User
 	}

 	if user.PhoneNumber != nil && strings.TrimSpace(refs.StringValue(user.PhoneNumber)) != "" {
-		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil {
+		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil && u.ID != user.ID {
 			return user, fmt.Errorf("user with given phone number already exists")
 		}
+	} else if user.Email != nil && strings.TrimSpace(refs.StringValue(user.Email)) != "" {
+		if u, _ := p.GetUserByEmail(ctx, refs.StringValue(user.Email)); u != nil && u.ID != user.ID {
+			return user, fmt.Errorf("user with given email already exists")
+		}
 	}

 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
 	user.Key = user.ID
-	result := p.db.Clauses(
-		clause.OnConflict{
-			UpdateAll: true,
-			Columns:   []clause.Column{{Name: "email"}},
-		}).Create(&user)
+	result := p.db.Create(&user)

 	if result.Error != nil {
 		return user, result.Error