feat: add sending otp

2022-07-29 19:49:50 +05:30
parent 0fc9e8ccaa
commit d89be44fe5
15 changed files with 231 additions and 49 deletions
--- a/server/resolvers/invite_members.go
+++ b/server/resolvers/invite_members.go
@@ -35,13 +35,13 @@ func InviteMembersResolver(ctx context.Context, params model.InviteMemberInput)
 	}

 	// this feature is only allowed if email server is configured
-	isEmailVerificationDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification)
+	EnvKeyIsEmailServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
 	if err != nil {
 		log.Debug("Error getting email verification disabled: ", err)
-		isEmailVerificationDisabled = true
+		EnvKeyIsEmailServiceEnabled = false
 	}

-	if isEmailVerificationDisabled {
+	if !EnvKeyIsEmailServiceEnabled {
 		log.Debug("Email server is not configured")
 		return nil, errors.New("email sending is disabled")
 	}
--- a/server/resolvers/login.go
+++ b/server/resolvers/login.go
@@ -2,6 +2,7 @@ package resolvers

 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 	"time"
@@ -13,6 +14,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/email"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
@@ -99,12 +101,29 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 	}

 	if refs.BoolValue(user.IsMultiFactorAuthEnabled) {
-		//TODO - send email based on email config
-		db.Provider.UpsertOTP(ctx, &models.OTP{
+		isEnvServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
+		if err != nil || !isEnvServiceEnabled {
+			log.Debug("Email service not enabled:")
+			return nil, errors.New("email service not enabled")
+		}
+		otp := utils.GenerateOTP()
+		otpData, err := db.Provider.UpsertOTP(ctx, &models.OTP{
 			Email:     user.Email,
-			Otp:       utils.GenerateOTP(),
+			Otp:       otp,
 			ExpiresAt: time.Now().Add(1 * time.Minute).Unix(),
 		})
+		if err != nil {
+			log.Debug("Failed to add otp: ", err)
+			return nil, err
+		}
+
+		go func() {
+			err := email.SendOtpMail(user.Email, otpData.Otp)
+			if err != nil {
+				log.Debug("Failed to send otp email: ", err)
+			}
+		}()
+
 		return &model.AuthResponse{
 			Message:             "Please check the OTP in your inbox",
 			ShouldShowOtpScreen: refs.NewBoolRef(true),
--- a/server/resolvers/resend_otp.go
+++ b/server/resolvers/resend_otp.go
@@ -2,6 +2,7 @@ package resolvers

 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 	"time"
@@ -10,6 +11,7 @@ import (

 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/email"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/utils"
@@ -17,8 +19,6 @@ import (

 // ResendOTPResolver is a resolver for resend otp mutation
 func ResendOTPResolver(ctx context.Context, params model.ResendOTPRequest) (*model.Response, error) {
-	var res *model.Response
-
 	log := log.WithFields(log.Fields{
 		"email": params.Email,
 	})
@@ -26,34 +26,57 @@ func ResendOTPResolver(ctx context.Context, params model.ResendOTPRequest) (*mod
 	user, err := db.Provider.GetUserByEmail(ctx, params.Email)
 	if err != nil {
 		log.Debug("Failed to get user by email: ", err)
-		return res, fmt.Errorf(`user with this email not found`)
+		return nil, fmt.Errorf(`user with this email not found`)
 	}

 	if user.RevokedTimestamp != nil {
 		log.Debug("User access is revoked")
-		return res, fmt.Errorf(`user access has been revoked`)
+		return nil, fmt.Errorf(`user access has been revoked`)
 	}

 	if user.EmailVerifiedAt == nil {
 		log.Debug("User email is not verified")
-		return res, fmt.Errorf(`email not verified`)
+		return nil, fmt.Errorf(`email not verified`)
 	}

 	if !refs.BoolValue(user.IsMultiFactorAuthEnabled) {
 		log.Debug("User multi factor authentication is not enabled")
-		return res, fmt.Errorf(`multi factor authentication not enabled`)
+		return nil, fmt.Errorf(`multi factor authentication not enabled`)
 	}

-	//TODO - send email based on email config
-	db.Provider.UpsertOTP(ctx, &models.OTP{
+	// get otp by email
+	otpData, err := db.Provider.GetOTPByEmail(ctx, params.Email)
+	if err != nil {
+		log.Debug("Failed to get otp for given email: ", err)
+		return nil, err
+	}
+
+	if otpData == nil {
+		log.Debug("No otp found for given email: ", params.Email)
+		return &model.Response{
+			Message: "Failed to get for given email",
+		}, errors.New("failed to get otp for given email")
+	}
+
+	otp := utils.GenerateOTP()
+	otpData, err = db.Provider.UpsertOTP(ctx, &models.OTP{
 		Email:     user.Email,
-		Otp:       utils.GenerateOTP(),
+		Otp:       otp,
 		ExpiresAt: time.Now().Add(1 * time.Minute).Unix(),
 	})
-
-	res = &model.Response{
-		Message: `OTP has been sent. Please check your inbox`,
+	if err != nil {
+		log.Debug("Error generating new otp: ", err)
+		return nil, err
 	}

-	return res, nil
+	go func() {
+		err := email.SendOtpMail(params.Email, otp)
+		if err != nil {
+			log.Debug("Error sending otp email: ", otp)
+		}
+	}()
+
+	return &model.Response{
+		Message: `OTP has been sent. Please check your inbox`,
+	}, nil
 }
--- a/server/resolvers/update_env.go
+++ b/server/resolvers/update_env.go
@@ -234,6 +234,7 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
 	// handle derivative cases like disabling email verification & magic login
 	// in case SMTP is off but env is set to true
 	if updatedData[constants.EnvKeySmtpHost] == "" || updatedData[constants.EnvKeySmtpUsername] == "" || updatedData[constants.EnvKeySmtpPassword] == "" || updatedData[constants.EnvKeySenderEmail] == "" && updatedData[constants.EnvKeySmtpPort] == "" {
+		updatedData[constants.EnvKeyIsEmailServiceEnabled] = false
 		if !updatedData[constants.EnvKeyDisableEmailVerification].(bool) {
 			updatedData[constants.EnvKeyDisableEmailVerification] = true
 		}
@@ -243,6 +244,10 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
 		}
 	}

+	if updatedData[constants.EnvKeySmtpHost] != "" || updatedData[constants.EnvKeySmtpUsername] != "" || updatedData[constants.EnvKeySmtpPassword] != "" || updatedData[constants.EnvKeySenderEmail] != "" && updatedData[constants.EnvKeySmtpPort] != "" {
+		updatedData[constants.EnvKeyIsEmailServiceEnabled] = true
+	}
+
 	// check the roles change
 	if len(params.Roles) > 0 {
 		if len(params.DefaultRoles) > 0 {
--- a/server/resolvers/update_profile.go
+++ b/server/resolvers/update_profile.go
@@ -2,6 +2,7 @@ package resolvers

 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 	"time"
@@ -96,6 +97,13 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)

 	if params.IsMultiFactorAuthEnabled != nil && refs.BoolValue(user.IsMultiFactorAuthEnabled) != refs.BoolValue(params.IsMultiFactorAuthEnabled) {
 		user.IsMultiFactorAuthEnabled = params.IsMultiFactorAuthEnabled
+		if refs.BoolValue(params.IsMultiFactorAuthEnabled) {
+			isEnvServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
+			if err != nil || !isEnvServiceEnabled {
+				log.Debug("Email service not enabled:")
+				return nil, errors.New("email service not enabled, so cannot enable multi factor authentication")
+			}
+		}
 	}

 	isPasswordChanging := false
--- a/server/resolvers/update_user.go
+++ b/server/resolvers/update_user.go
@@ -2,6 +2,7 @@ package resolvers

 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 	"time"
@@ -91,6 +92,13 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod

 	if params.IsMultiFactorAuthEnabled != nil && refs.BoolValue(user.IsMultiFactorAuthEnabled) != refs.BoolValue(params.IsMultiFactorAuthEnabled) {
 		user.IsMultiFactorAuthEnabled = params.IsMultiFactorAuthEnabled
+		if refs.BoolValue(params.IsMultiFactorAuthEnabled) {
+			isEnvServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
+			if err != nil || !isEnvServiceEnabled {
+				log.Debug("Email service not enabled:")
+				return nil, errors.New("email service not enabled, so cannot enable multi factor authentication")
+			}
+		}
 	}

 	if params.EmailVerified != nil {
--- a/server/resolvers/verify_otp.go
+++ b/server/resolvers/verify_otp.go
@@ -52,8 +52,7 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod

 	isSignUp := user.EmailVerifiedAt == nil

-	// TODO - Add Login method in DB
-
+	// TODO - Add Login method in DB when we introduce OTP for social media login
 	loginMethod := constants.AuthRecipeMethodBasicAuth

 	roles := strings.Split(user.Roles, ",")
@@ -65,11 +64,7 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
 	}

 	go func() {
-		err = db.Provider.DeleteOTP(gc, otp)
-
-		if err != nil {
-			log.Debug("Failed to delete otp: ", err)
-		}
+		db.Provider.DeleteOTP(gc, otp)
 		if isSignUp {
 			utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, loginMethod, user)
 		} else {