chore: format graphql schema

fix: email template resolver and for matting changes
fix: allow design variable empty value for email templates
2022-11-15 22:39:04 +05:30 · 2022-11-15 22:12:14 +05:30 · 2022-11-09 22:54:05 +05:30 · 2022-11-09 22:48:12 +05:30 · 2022-11-09 22:17:41 +05:30 · 2022-11-07 07:11:23 +05:30
14 changed files with 659 additions and 1529 deletions
--- a/dashboard/package-lock.json
+++ b/dashboard/package-lock.json
--- a/dashboard/src/components/UpdateEmailTemplateModal.tsx
+++ b/dashboard/src/components/UpdateEmailTemplateModal.tsx
@@ -29,6 +29,10 @@ import {
 	Tbody,
 	Td,
 	Code,
+	Radio,
+	RadioGroup,
+	Stack,
+	Textarea,
 } from '@chakra-ui/react';
 import { FaPlus, FaAngleDown, FaAngleUp } from 'react-icons/fa';
 import { useClient } from 'urql';
@@ -38,6 +42,7 @@ import {
 	EmailTemplateInputDataFields,
 	emailTemplateEventNames,
 	emailTemplateVariables,
+	EmailTemplateEditors,
 } from '../constants';
 import { capitalizeFirstLetter } from '../utils';
 import { AddEmailTemplate, EditEmailTemplate } from '../graphql/mutation';
@@ -66,6 +71,8 @@ interface templateVariableDataTypes {
 interface emailTemplateDataType {
 	[EmailTemplateInputDataFields.EVENT_NAME]: string;
 	[EmailTemplateInputDataFields.SUBJECT]: string;
+	[EmailTemplateInputDataFields.TEMPLATE]: string;
+	[EmailTemplateInputDataFields.DESIGN]: string;
 }

 interface validatorDataType {
@@ -75,6 +82,8 @@ interface validatorDataType {
 const initTemplateData: emailTemplateDataType = {
 	[EmailTemplateInputDataFields.EVENT_NAME]: emailTemplateEventNames.Signup,
 	[EmailTemplateInputDataFields.SUBJECT]: '',
+	[EmailTemplateInputDataFields.TEMPLATE]: '',
+	[EmailTemplateInputDataFields.DESIGN]: '',
 };

 const initTemplateValidatorData: validatorDataType = {
@@ -91,6 +100,9 @@ const UpdateEmailTemplate = ({
 	const emailEditorRef = useRef(null);
 	const { isOpen, onOpen, onClose } = useDisclosure();
 	const [loading, setLoading] = useState<boolean>(false);
+	const [editor, setEditor] = useState<string>(
+		EmailTemplateEditors.PLAIN_HTML_EDITOR,
+	);
 	const [templateVariables, setTemplateVariables] = useState<
 		templateVariableDataTypes[]
 	>([]);
@@ -107,9 +119,11 @@ const UpdateEmailTemplate = ({
 		if (selectedTemplate) {
 			const { design } = selectedTemplate;
 			try {
-				const designData = JSON.parse(design);
-				// @ts-ignore
-				emailEditorRef.current.editor.loadDesign(designData);
+				if (design) {
+					const designData = JSON.parse(design);
+					// @ts-ignore
+					emailEditorRef.current.editor.loadDesign(designData);
+				}
 			} catch (error) {
 				console.error(error);
 				onClose();
@@ -136,70 +150,85 @@ const UpdateEmailTemplate = ({
 		);
 	};

+	const updateTemplate = async (params: emailTemplateDataType) => {
+		let res: any = {};
+		if (
+			view === UpdateModalViews.Edit &&
+			selectedTemplate?.[EmailTemplateInputDataFields.ID]
+		) {
+			res = await client
+				.mutation(EditEmailTemplate, {
+					params: {
+						...params,
+						id: selectedTemplate[EmailTemplateInputDataFields.ID],
+					},
+				})
+				.toPromise();
+		} else {
+			res = await client.mutation(AddEmailTemplate, { params }).toPromise();
+		}
+		setLoading(false);
+		if (res.error) {
+			toast({
+				title: capitalizeFirstLetter(res.error.message),
+				isClosable: true,
+				status: 'error',
+				position: 'bottom-right',
+			});
+		} else if (
+			res.data?._add_email_template ||
+			res.data?._update_email_template
+		) {
+			toast({
+				title: capitalizeFirstLetter(
+					res.data?._add_email_template?.message ||
+						res.data?._update_email_template?.message,
+				),
+				isClosable: true,
+				status: 'success',
+				position: 'bottom-right',
+			});
+			setTemplateData({
+				...initTemplateData,
+			});
+			setValidator({ ...initTemplateValidatorData });
+			fetchEmailTemplatesData();
+		}
+	};
+
 	const saveData = async () => {
 		if (!validateData()) return;
 		setLoading(true);
-		// @ts-ignore
-		return await emailEditorRef.current.editor.exportHtml(async (data) => {
-			const { design, html } = data;
-			if (!html || !design) {
-				setLoading(false);
-				return;
-			}
-			const params = {
-				[EmailTemplateInputDataFields.EVENT_NAME]:
-					templateData[EmailTemplateInputDataFields.EVENT_NAME],
-				[EmailTemplateInputDataFields.SUBJECT]:
-					templateData[EmailTemplateInputDataFields.SUBJECT],
-				[EmailTemplateInputDataFields.TEMPLATE]: html.trim(),
-				[EmailTemplateInputDataFields.DESIGN]: JSON.stringify(design),
-			};
-			let res: any = {};
-			if (
-				view === UpdateModalViews.Edit &&
-				selectedTemplate?.[EmailTemplateInputDataFields.ID]
-			) {
-				res = await client
-					.mutation(EditEmailTemplate, {
-						params: {
-							...params,
-							id: selectedTemplate[EmailTemplateInputDataFields.ID],
-						},
-					})
-					.toPromise();
-			} else {
-				res = await client.mutation(AddEmailTemplate, { params }).toPromise();
-			}
-			setLoading(false);
-			if (res.error) {
-				toast({
-					title: capitalizeFirstLetter(res.error.message),
-					isClosable: true,
-					status: 'error',
-					position: 'bottom-right',
-				});
-			} else if (
-				res.data?._add_email_template ||
-				res.data?._update_email_template
-			) {
-				toast({
-					title: capitalizeFirstLetter(
-						res.data?._add_email_template?.message ||
-							res.data?._update_email_template?.message,
-					),
-					isClosable: true,
-					status: 'success',
-					position: 'bottom-right',
-				});
-				setTemplateData({
-					...initTemplateData,
-				});
-				setValidator({ ...initTemplateValidatorData });
-				fetchEmailTemplatesData();
-			}
-			view === UpdateModalViews.ADD && onClose();
-		});
+		let params: emailTemplateDataType = {
+			[EmailTemplateInputDataFields.EVENT_NAME]:
+				templateData[EmailTemplateInputDataFields.EVENT_NAME],
+			[EmailTemplateInputDataFields.SUBJECT]:
+				templateData[EmailTemplateInputDataFields.SUBJECT],
+			[EmailTemplateInputDataFields.TEMPLATE]:
+				templateData[EmailTemplateInputDataFields.TEMPLATE],
+			[EmailTemplateInputDataFields.DESIGN]: '',
+		};
+		if (editor === EmailTemplateEditors.UNLAYER_EDITOR) {
+			// @ts-ignore
+			await emailEditorRef.current.editor.exportHtml(async (data) => {
+				const { design, html } = data;
+				if (!html || !design) {
+					setLoading(false);
+					return;
+				}
+				params = {
+					...params,
+					[EmailTemplateInputDataFields.TEMPLATE]: html.trim(),
+					[EmailTemplateInputDataFields.DESIGN]: JSON.stringify(design),
+				};
+				await updateTemplate(params);
+			});
+		} else {
+			await updateTemplate(params);
+		}
+		view === UpdateModalViews.ADD && onClose();
 	};
+
 	const resetData = () => {
 		if (selectedTemplate) {
 			setTemplateData(selectedTemplate);
@@ -207,6 +236,8 @@ const UpdateEmailTemplate = ({
 			setTemplateData({ ...initTemplateData });
 		}
 	};
+
+	// set template data if edit modal is open
 	useEffect(() => {
 		if (
 			isOpen &&
@@ -214,10 +245,12 @@ const UpdateEmailTemplate = ({
 			selectedTemplate &&
 			Object.keys(selectedTemplate || {}).length
 		) {
-			const { id, created_at, template, design, ...rest } = selectedTemplate;
+			const { id, created_at, ...rest } = selectedTemplate;
 			setTemplateData(rest);
 		}
 	}, [isOpen]);
+
+	// set template variables
 	useEffect(() => {
 		const updatedTemplateVariables = Object.entries(
 			emailTemplateVariables,
@@ -244,6 +277,51 @@ const UpdateEmailTemplate = ({
 		setTemplateVariables(updatedTemplateVariables);
 	}, [templateData[EmailTemplateInputDataFields.EVENT_NAME]]);

+	// change editor
+	useEffect(() => {
+		if (isOpen && selectedTemplate) {
+			const { design } = selectedTemplate;
+			if (design) {
+				setEditor(EmailTemplateEditors.UNLAYER_EDITOR);
+			} else {
+				setEditor(EmailTemplateEditors.PLAIN_HTML_EDITOR);
+			}
+		}
+	}, [isOpen, selectedTemplate]);
+
+	// reset fields when editor is changed
+	useEffect(() => {
+		if (selectedTemplate?.design) {
+			if (editor === EmailTemplateEditors.UNLAYER_EDITOR) {
+				setTemplateData({
+					...templateData,
+					[EmailTemplateInputDataFields.TEMPLATE]: selectedTemplate.template,
+					[EmailTemplateInputDataFields.DESIGN]: selectedTemplate.design,
+				});
+			} else {
+				setTemplateData({
+					...templateData,
+					[EmailTemplateInputDataFields.TEMPLATE]: '',
+					[EmailTemplateInputDataFields.DESIGN]: '',
+				});
+			}
+		} else if (selectedTemplate?.template) {
+			if (editor === EmailTemplateEditors.UNLAYER_EDITOR) {
+				setTemplateData({
+					...templateData,
+					[EmailTemplateInputDataFields.TEMPLATE]: '',
+					[EmailTemplateInputDataFields.DESIGN]: '',
+				});
+			} else {
+				setTemplateData({
+					...templateData,
+					[EmailTemplateInputDataFields.TEMPLATE]: selectedTemplate?.template,
+					[EmailTemplateInputDataFields.DESIGN]: '',
+				});
+			}
+		}
+	}, [editor]);
+
 	return (
 		<>
 			{view === UpdateModalViews.ADD ? (
@@ -414,7 +492,22 @@ const UpdateEmailTemplate = ({
 								alignItems="center"
 								marginBottom="2%"
 							>
-								Template Body
+								<Flex flex="1">Template Body</Flex>
+								<Flex flex="3">
+									<RadioGroup
+										onChange={(value) => setEditor(value)}
+										value={editor}
+									>
+										<Stack direction="row" spacing="50px">
+											<Radio value={EmailTemplateEditors.PLAIN_HTML_EDITOR}>
+												Plain HTML
+											</Radio>
+											<Radio value={EmailTemplateEditors.UNLAYER_EDITOR}>
+												Unlayer Editor
+											</Radio>
+										</Stack>
+									</RadioGroup>
+								</Flex>
 							</Flex>
 							<Flex
 								width="100%"
@@ -423,7 +516,22 @@ const UpdateEmailTemplate = ({
 								border="1px solid"
 								borderColor="gray.200"
 							>
-								<EmailEditor ref={emailEditorRef} onReady={onReady} />
+								{editor === EmailTemplateEditors.UNLAYER_EDITOR ? (
+									<EmailEditor ref={emailEditorRef} onReady={onReady} />
+								) : (
+									<Textarea
+										value={templateData.template}
+										onChange={(e) => {
+											setTemplateData({
+												...templateData,
+												[EmailTemplateInputDataFields.TEMPLATE]: e.target.value,
+											});
+										}}
+										placeholder="Template HTML"
+										border="0"
+										height="500px"
+									/>
+								)}
 							</Flex>
 						</Flex>
 					</ModalBody>
--- a/dashboard/src/constants.ts
+++ b/dashboard/src/constants.ts
@@ -337,3 +337,8 @@ export const webhookPayloadExample: string = `{
 	},
 	"auth_recipe":"google"
 }`;
+
+export enum EmailTemplateEditors {
+	UNLAYER_EDITOR = 'unlayer_editor',
+	PLAIN_HTML_EDITOR = 'plain_html_editor',
+}
--- a/server/db/providers/dynamodb/provider.go
+++ b/server/db/providers/dynamodb/provider.go
@@ -26,7 +26,6 @@ func NewProvider() (*provider, error) {
 	config := aws.Config{
 		MaxRetries:                    aws.Int(3),
 		CredentialsChainVerboseErrors: aws.Bool(true), // for full error logs
-
 	}

 	if awsRegion != "" {
--- a/server/graph/generated/generated.go
+++ b/server/graph/generated/generated.go
@@ -246,6 +246,7 @@ type ComplexityRoot struct {
 	}

 	ValidateJWTTokenResponse struct {
+		Claims  func(childComplexity int) int
 		IsValid func(childComplexity int) int
 	}

@@ -1646,6 +1647,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in

 		return e.complexity.Users.Users(childComplexity), true

+	case "ValidateJWTTokenResponse.claims":
+		if e.complexity.ValidateJWTTokenResponse.Claims == nil {
+			break
+		}
+
+		return e.complexity.ValidateJWTTokenResponse.Claims(childComplexity), true
+
 	case "ValidateJWTTokenResponse.is_valid":
 		if e.complexity.ValidateJWTTokenResponse.IsValid == nil {
 			break
@@ -1963,500 +1971,501 @@ scalar Map
 scalar Any

 type Pagination {
-  limit: Int64!
-  page: Int64!
-  offset: Int64!
-  total: Int64!
+	limit: Int64!
+	page: Int64!
+	offset: Int64!
+	total: Int64!
 }

 type Meta {
-  version: String!
-  client_id: String!
-  is_google_login_enabled: Boolean!
-  is_facebook_login_enabled: Boolean!
-  is_github_login_enabled: Boolean!
-  is_linkedin_login_enabled: Boolean!
-  is_apple_login_enabled: Boolean!
-  is_twitter_login_enabled: Boolean!
-  is_email_verification_enabled: Boolean!
-  is_basic_authentication_enabled: Boolean!
-  is_magic_link_login_enabled: Boolean!
-  is_sign_up_enabled: Boolean!
-  is_strong_password_enabled: Boolean!
-  is_multi_factor_auth_enabled: Boolean!
+	version: String!
+	client_id: String!
+	is_google_login_enabled: Boolean!
+	is_facebook_login_enabled: Boolean!
+	is_github_login_enabled: Boolean!
+	is_linkedin_login_enabled: Boolean!
+	is_apple_login_enabled: Boolean!
+	is_twitter_login_enabled: Boolean!
+	is_email_verification_enabled: Boolean!
+	is_basic_authentication_enabled: Boolean!
+	is_magic_link_login_enabled: Boolean!
+	is_sign_up_enabled: Boolean!
+	is_strong_password_enabled: Boolean!
+	is_multi_factor_auth_enabled: Boolean!
 }

 type User {
-  id: ID!
-  email: String!
-  email_verified: Boolean!
-  signup_methods: String!
-  given_name: String
-  family_name: String
-  middle_name: String
-  nickname: String
-  # defaults to email
-  preferred_username: String
-  gender: String
-  birthdate: String
-  phone_number: String
-  phone_number_verified: Boolean
-  picture: String
-  roles: [String!]!
-  created_at: Int64
-  updated_at: Int64
-  revoked_timestamp: Int64
-  is_multi_factor_auth_enabled: Boolean
+	id: ID!
+	email: String!
+	email_verified: Boolean!
+	signup_methods: String!
+	given_name: String
+	family_name: String
+	middle_name: String
+	nickname: String
+	# defaults to email
+	preferred_username: String
+	gender: String
+	birthdate: String
+	phone_number: String
+	phone_number_verified: Boolean
+	picture: String
+	roles: [String!]!
+	created_at: Int64
+	updated_at: Int64
+	revoked_timestamp: Int64
+	is_multi_factor_auth_enabled: Boolean
 }

 type Users {
-  pagination: Pagination!
-  users: [User!]!
+	pagination: Pagination!
+	users: [User!]!
 }

 type VerificationRequest {
-  id: ID!
-  identifier: String
-  token: String
-  email: String
-  expires: Int64
-  created_at: Int64
-  updated_at: Int64
-  nonce: String
-  redirect_uri: String
+	id: ID!
+	identifier: String
+	token: String
+	email: String
+	expires: Int64
+	created_at: Int64
+	updated_at: Int64
+	nonce: String
+	redirect_uri: String
 }

 type VerificationRequests {
-  pagination: Pagination!
-  verification_requests: [VerificationRequest!]!
+	pagination: Pagination!
+	verification_requests: [VerificationRequest!]!
 }

 type Error {
-  message: String!
-  reason: String!
+	message: String!
+	reason: String!
 }

 type AuthResponse {
-  message: String!
-  should_show_otp_screen: Boolean
-  access_token: String
-  id_token: String
-  refresh_token: String
-  expires_in: Int64
-  user: User
+	message: String!
+	should_show_otp_screen: Boolean
+	access_token: String
+	id_token: String
+	refresh_token: String
+	expires_in: Int64
+	user: User
 }

 type Response {
-  message: String!
+	message: String!
 }

 type Env {
-  ACCESS_TOKEN_EXPIRY_TIME: String
-  ADMIN_SECRET: String
-  DATABASE_NAME: String
-  DATABASE_URL: String
-  DATABASE_TYPE: String
-  DATABASE_USERNAME: String
-  DATABASE_PASSWORD: String
-  DATABASE_HOST: String
-  DATABASE_PORT: String
-  CLIENT_ID: String!
-  CLIENT_SECRET: String!
-  CUSTOM_ACCESS_TOKEN_SCRIPT: String
-  SMTP_HOST: String
-  SMTP_PORT: String
-  SMTP_USERNAME: String
-  SMTP_PASSWORD: String
-  SMTP_LOCAL_NAME: String
-  SENDER_EMAIL: String
-  JWT_TYPE: String
-  JWT_SECRET: String
-  JWT_PRIVATE_KEY: String
-  JWT_PUBLIC_KEY: String
-  ALLOWED_ORIGINS: [String!]
-  APP_URL: String
-  REDIS_URL: String
-  RESET_PASSWORD_URL: String
-  DISABLE_EMAIL_VERIFICATION: Boolean!
-  DISABLE_BASIC_AUTHENTICATION: Boolean!
-  DISABLE_MAGIC_LINK_LOGIN: Boolean!
-  DISABLE_LOGIN_PAGE: Boolean!
-  DISABLE_SIGN_UP: Boolean!
-  DISABLE_REDIS_FOR_ENV: Boolean!
-  DISABLE_STRONG_PASSWORD: Boolean!
-  DISABLE_MULTI_FACTOR_AUTHENTICATION: Boolean!
-  ENFORCE_MULTI_FACTOR_AUTHENTICATION: Boolean!
-  ROLES: [String!]
-  PROTECTED_ROLES: [String!]
-  DEFAULT_ROLES: [String!]
-  JWT_ROLE_CLAIM: String
-  GOOGLE_CLIENT_ID: String
-  GOOGLE_CLIENT_SECRET: String
-  GITHUB_CLIENT_ID: String
-  GITHUB_CLIENT_SECRET: String
-  FACEBOOK_CLIENT_ID: String
-  FACEBOOK_CLIENT_SECRET: String
-  LINKEDIN_CLIENT_ID: String
-  LINKEDIN_CLIENT_SECRET: String
-  APPLE_CLIENT_ID: String
-  APPLE_CLIENT_SECRET: String
-  TWITTER_CLIENT_ID: String
-  TWITTER_CLIENT_SECRET: String
-  ORGANIZATION_NAME: String
-  ORGANIZATION_LOGO: String
-  APP_COOKIE_SECURE: Boolean!
-  ADMIN_COOKIE_SECURE: Boolean!
+	ACCESS_TOKEN_EXPIRY_TIME: String
+	ADMIN_SECRET: String
+	DATABASE_NAME: String
+	DATABASE_URL: String
+	DATABASE_TYPE: String
+	DATABASE_USERNAME: String
+	DATABASE_PASSWORD: String
+	DATABASE_HOST: String
+	DATABASE_PORT: String
+	CLIENT_ID: String!
+	CLIENT_SECRET: String!
+	CUSTOM_ACCESS_TOKEN_SCRIPT: String
+	SMTP_HOST: String
+	SMTP_PORT: String
+	SMTP_USERNAME: String
+	SMTP_PASSWORD: String
+	SMTP_LOCAL_NAME: String
+	SENDER_EMAIL: String
+	JWT_TYPE: String
+	JWT_SECRET: String
+	JWT_PRIVATE_KEY: String
+	JWT_PUBLIC_KEY: String
+	ALLOWED_ORIGINS: [String!]
+	APP_URL: String
+	REDIS_URL: String
+	RESET_PASSWORD_URL: String
+	DISABLE_EMAIL_VERIFICATION: Boolean!
+	DISABLE_BASIC_AUTHENTICATION: Boolean!
+	DISABLE_MAGIC_LINK_LOGIN: Boolean!
+	DISABLE_LOGIN_PAGE: Boolean!
+	DISABLE_SIGN_UP: Boolean!
+	DISABLE_REDIS_FOR_ENV: Boolean!
+	DISABLE_STRONG_PASSWORD: Boolean!
+	DISABLE_MULTI_FACTOR_AUTHENTICATION: Boolean!
+	ENFORCE_MULTI_FACTOR_AUTHENTICATION: Boolean!
+	ROLES: [String!]
+	PROTECTED_ROLES: [String!]
+	DEFAULT_ROLES: [String!]
+	JWT_ROLE_CLAIM: String
+	GOOGLE_CLIENT_ID: String
+	GOOGLE_CLIENT_SECRET: String
+	GITHUB_CLIENT_ID: String
+	GITHUB_CLIENT_SECRET: String
+	FACEBOOK_CLIENT_ID: String
+	FACEBOOK_CLIENT_SECRET: String
+	LINKEDIN_CLIENT_ID: String
+	LINKEDIN_CLIENT_SECRET: String
+	APPLE_CLIENT_ID: String
+	APPLE_CLIENT_SECRET: String
+	TWITTER_CLIENT_ID: String
+	TWITTER_CLIENT_SECRET: String
+	ORGANIZATION_NAME: String
+	ORGANIZATION_LOGO: String
+	APP_COOKIE_SECURE: Boolean!
+	ADMIN_COOKIE_SECURE: Boolean!
 }

 type ValidateJWTTokenResponse {
-  is_valid: Boolean!
+	is_valid: Boolean!
+	claims: Map
 }

 type GenerateJWTKeysResponse {
-  secret: String
-  public_key: String
-  private_key: String
+	secret: String
+	public_key: String
+	private_key: String
 }

 type Webhook {
-  id: ID!
-  event_name: String
-  endpoint: String
-  enabled: Boolean
-  headers: Map
-  created_at: Int64
-  updated_at: Int64
+	id: ID!
+	event_name: String
+	endpoint: String
+	enabled: Boolean
+	headers: Map
+	created_at: Int64
+	updated_at: Int64
 }

 type Webhooks {
-  pagination: Pagination!
-  webhooks: [Webhook!]!
+	pagination: Pagination!
+	webhooks: [Webhook!]!
 }

 type WebhookLog {
-  id: ID!
-  http_status: Int64
-  response: String
-  request: String
-  webhook_id: ID
-  created_at: Int64
-  updated_at: Int64
+	id: ID!
+	http_status: Int64
+	response: String
+	request: String
+	webhook_id: ID
+	created_at: Int64
+	updated_at: Int64
 }

 type TestEndpointResponse {
-  http_status: Int64
-  response: String
+	http_status: Int64
+	response: String
 }

 type WebhookLogs {
-  pagination: Pagination!
-  webhook_logs: [WebhookLog!]!
+	pagination: Pagination!
+	webhook_logs: [WebhookLog!]!
 }

 type EmailTemplate {
-  id: ID!
-  event_name: String!
-  template: String!
-  design: String!
-  subject: String!
-  created_at: Int64
-  updated_at: Int64
+	id: ID!
+	event_name: String!
+	template: String!
+	design: String!
+	subject: String!
+	created_at: Int64
+	updated_at: Int64
 }

 type EmailTemplates {
-  pagination: Pagination!
-  email_templates: [EmailTemplate!]!
+	pagination: Pagination!
+	email_templates: [EmailTemplate!]!
 }

 input UpdateEnvInput {
-  ACCESS_TOKEN_EXPIRY_TIME: String
-  ADMIN_SECRET: String
-  CUSTOM_ACCESS_TOKEN_SCRIPT: String
-  OLD_ADMIN_SECRET: String
-  SMTP_HOST: String
-  SMTP_PORT: String
-  SMTP_USERNAME: String
-  SMTP_PASSWORD: String
-  SMTP_LOCAL_NAME: String
-  SENDER_EMAIL: String
-  JWT_TYPE: String
-  JWT_SECRET: String
-  JWT_PRIVATE_KEY: String
-  JWT_PUBLIC_KEY: String
-  ALLOWED_ORIGINS: [String!]
-  APP_URL: String
-  RESET_PASSWORD_URL: String
-  APP_COOKIE_SECURE: Boolean
-  ADMIN_COOKIE_SECURE: Boolean
-  DISABLE_EMAIL_VERIFICATION: Boolean
-  DISABLE_BASIC_AUTHENTICATION: Boolean
-  DISABLE_MAGIC_LINK_LOGIN: Boolean
-  DISABLE_LOGIN_PAGE: Boolean
-  DISABLE_SIGN_UP: Boolean
-  DISABLE_REDIS_FOR_ENV: Boolean
-  DISABLE_STRONG_PASSWORD: Boolean
-  DISABLE_MULTI_FACTOR_AUTHENTICATION: Boolean
-  ENFORCE_MULTI_FACTOR_AUTHENTICATION: Boolean
-  ROLES: [String!]
-  PROTECTED_ROLES: [String!]
-  DEFAULT_ROLES: [String!]
-  JWT_ROLE_CLAIM: String
-  GOOGLE_CLIENT_ID: String
-  GOOGLE_CLIENT_SECRET: String
-  GITHUB_CLIENT_ID: String
-  GITHUB_CLIENT_SECRET: String
-  FACEBOOK_CLIENT_ID: String
-  FACEBOOK_CLIENT_SECRET: String
-  LINKEDIN_CLIENT_ID: String
-  LINKEDIN_CLIENT_SECRET: String
-  APPLE_CLIENT_ID: String
-  APPLE_CLIENT_SECRET: String
-  TWITTER_CLIENT_ID: String
-  TWITTER_CLIENT_SECRET: String
-  ORGANIZATION_NAME: String
-  ORGANIZATION_LOGO: String
+	ACCESS_TOKEN_EXPIRY_TIME: String
+	ADMIN_SECRET: String
+	CUSTOM_ACCESS_TOKEN_SCRIPT: String
+	OLD_ADMIN_SECRET: String
+	SMTP_HOST: String
+	SMTP_PORT: String
+	SMTP_USERNAME: String
+	SMTP_PASSWORD: String
+	SMTP_LOCAL_NAME: String
+	SENDER_EMAIL: String
+	JWT_TYPE: String
+	JWT_SECRET: String
+	JWT_PRIVATE_KEY: String
+	JWT_PUBLIC_KEY: String
+	ALLOWED_ORIGINS: [String!]
+	APP_URL: String
+	RESET_PASSWORD_URL: String
+	APP_COOKIE_SECURE: Boolean
+	ADMIN_COOKIE_SECURE: Boolean
+	DISABLE_EMAIL_VERIFICATION: Boolean
+	DISABLE_BASIC_AUTHENTICATION: Boolean
+	DISABLE_MAGIC_LINK_LOGIN: Boolean
+	DISABLE_LOGIN_PAGE: Boolean
+	DISABLE_SIGN_UP: Boolean
+	DISABLE_REDIS_FOR_ENV: Boolean
+	DISABLE_STRONG_PASSWORD: Boolean
+	DISABLE_MULTI_FACTOR_AUTHENTICATION: Boolean
+	ENFORCE_MULTI_FACTOR_AUTHENTICATION: Boolean
+	ROLES: [String!]
+	PROTECTED_ROLES: [String!]
+	DEFAULT_ROLES: [String!]
+	JWT_ROLE_CLAIM: String
+	GOOGLE_CLIENT_ID: String
+	GOOGLE_CLIENT_SECRET: String
+	GITHUB_CLIENT_ID: String
+	GITHUB_CLIENT_SECRET: String
+	FACEBOOK_CLIENT_ID: String
+	FACEBOOK_CLIENT_SECRET: String
+	LINKEDIN_CLIENT_ID: String
+	LINKEDIN_CLIENT_SECRET: String
+	APPLE_CLIENT_ID: String
+	APPLE_CLIENT_SECRET: String
+	TWITTER_CLIENT_ID: String
+	TWITTER_CLIENT_SECRET: String
+	ORGANIZATION_NAME: String
+	ORGANIZATION_LOGO: String
 }

 input AdminLoginInput {
-  admin_secret: String!
+	admin_secret: String!
 }

 input AdminSignupInput {
-  admin_secret: String!
+	admin_secret: String!
 }

 input SignUpInput {
-  email: String!
-  given_name: String
-  family_name: String
-  middle_name: String
-  nickname: String
-  gender: String
-  birthdate: String
-  phone_number: String
-  picture: String
-  password: String!
-  confirm_password: String!
-  roles: [String!]
-  scope: [String!]
-  redirect_uri: String
-  is_multi_factor_auth_enabled: Boolean
+	email: String!
+	given_name: String
+	family_name: String
+	middle_name: String
+	nickname: String
+	gender: String
+	birthdate: String
+	phone_number: String
+	picture: String
+	password: String!
+	confirm_password: String!
+	roles: [String!]
+	scope: [String!]
+	redirect_uri: String
+	is_multi_factor_auth_enabled: Boolean
 }

 input LoginInput {
-  email: String!
-  password: String!
-  roles: [String!]
-  scope: [String!]
+	email: String!
+	password: String!
+	roles: [String!]
+	scope: [String!]
 }

 input VerifyEmailInput {
-  token: String!
+	token: String!
 }

 input ResendVerifyEmailInput {
-  email: String!
-  identifier: String!
+	email: String!
+	identifier: String!
 }

 input UpdateProfileInput {
-  old_password: String
-  new_password: String
-  confirm_new_password: String
-  email: String
-  given_name: String
-  family_name: String
-  middle_name: String
-  nickname: String
-  gender: String
-  birthdate: String
-  phone_number: String
-  picture: String
-  is_multi_factor_auth_enabled: Boolean
+	old_password: String
+	new_password: String
+	confirm_new_password: String
+	email: String
+	given_name: String
+	family_name: String
+	middle_name: String
+	nickname: String
+	gender: String
+	birthdate: String
+	phone_number: String
+	picture: String
+	is_multi_factor_auth_enabled: Boolean
 }

 input UpdateUserInput {
-  id: ID!
-  email: String
-  email_verified: Boolean
-  given_name: String
-  family_name: String
-  middle_name: String
-  nickname: String
-  gender: String
-  birthdate: String
-  phone_number: String
-  picture: String
-  roles: [String]
-  is_multi_factor_auth_enabled: Boolean
+	id: ID!
+	email: String
+	email_verified: Boolean
+	given_name: String
+	family_name: String
+	middle_name: String
+	nickname: String
+	gender: String
+	birthdate: String
+	phone_number: String
+	picture: String
+	roles: [String]
+	is_multi_factor_auth_enabled: Boolean
 }

 input ForgotPasswordInput {
-  email: String!
-  state: String
-  redirect_uri: String
+	email: String!
+	state: String
+	redirect_uri: String
 }

 input ResetPasswordInput {
-  token: String!
-  password: String!
-  confirm_password: String!
+	token: String!
+	password: String!
+	confirm_password: String!
 }

 input DeleteUserInput {
-  email: String!
+	email: String!
 }

 input MagicLinkLoginInput {
-  email: String!
-  roles: [String!]
-  scope: [String!]
-  state: String
-  redirect_uri: String
+	email: String!
+	roles: [String!]
+	scope: [String!]
+	state: String
+	redirect_uri: String
 }

 input SessionQueryInput {
-  roles: [String!]
-  scope: [String!]
+	roles: [String!]
+	scope: [String!]
 }

 input PaginationInput {
-  limit: Int64
-  page: Int64
+	limit: Int64
+	page: Int64
 }

 input PaginatedInput {
-  pagination: PaginationInput
+	pagination: PaginationInput
 }

 input OAuthRevokeInput {
-  refresh_token: String!
+	refresh_token: String!
 }

 input InviteMemberInput {
-  emails: [String!]!
-  redirect_uri: String
+	emails: [String!]!
+	redirect_uri: String
 }

 input UpdateAccessInput {
-  user_id: String!
+	user_id: String!
 }

 input ValidateJWTTokenInput {
-  token_type: String!
-  token: String!
-  roles: [String!]
+	token_type: String!
+	token: String!
+	roles: [String!]
 }

 input GenerateJWTKeysInput {
-  type: String!
+	type: String!
 }

 input ListWebhookLogRequest {
-  pagination: PaginationInput
-  webhook_id: String
+	pagination: PaginationInput
+	webhook_id: String
 }

 input AddWebhookRequest {
-  event_name: String!
-  endpoint: String!
-  enabled: Boolean!
-  headers: Map
+	event_name: String!
+	endpoint: String!
+	enabled: Boolean!
+	headers: Map
 }

 input UpdateWebhookRequest {
-  id: ID!
-  event_name: String
-  endpoint: String
-  enabled: Boolean
-  headers: Map
+	id: ID!
+	event_name: String
+	endpoint: String
+	enabled: Boolean
+	headers: Map
 }

 input WebhookRequest {
-  id: ID!
+	id: ID!
 }

 input TestEndpointRequest {
-  endpoint: String!
-  event_name: String!
-  headers: Map
+	endpoint: String!
+	event_name: String!
+	headers: Map
 }

 input AddEmailTemplateRequest {
-  event_name: String!
-  subject: String!
-  template: String!
-  design: String!
+	event_name: String!
+	subject: String!
+	template: String!
+	design: String
 }

 input UpdateEmailTemplateRequest {
-  id: ID!
-  event_name: String
-  template: String
-  subject: String
-  design: String
+	id: ID!
+	event_name: String
+	template: String
+	subject: String
+	design: String
 }

 input DeleteEmailTemplateRequest {
-  id: ID!
+	id: ID!
 }

 input VerifyOTPRequest {
-  email: String!
-  otp: String!
+	email: String!
+	otp: String!
 }

 input ResendOTPRequest {
-  email: String!
+	email: String!
 }

 type Mutation {
-  signup(params: SignUpInput!): AuthResponse!
-  login(params: LoginInput!): AuthResponse!
-  magic_link_login(params: MagicLinkLoginInput!): Response!
-  logout: Response!
-  update_profile(params: UpdateProfileInput!): Response!
-  verify_email(params: VerifyEmailInput!): AuthResponse!
-  resend_verify_email(params: ResendVerifyEmailInput!): Response!
-  forgot_password(params: ForgotPasswordInput!): Response!
-  reset_password(params: ResetPasswordInput!): Response!
-  revoke(params: OAuthRevokeInput!): Response!
-  verify_otp(params: VerifyOTPRequest!): AuthResponse!
-  resend_otp(params: ResendOTPRequest!): Response!
-  # admin only apis
-  _delete_user(params: DeleteUserInput!): Response!
-  _update_user(params: UpdateUserInput!): User!
-  _admin_signup(params: AdminSignupInput!): Response!
-  _admin_login(params: AdminLoginInput!): Response!
-  _admin_logout: Response!
-  _update_env(params: UpdateEnvInput!): Response!
-  _invite_members(params: InviteMemberInput!): Response!
-  _revoke_access(param: UpdateAccessInput!): Response!
-  _enable_access(param: UpdateAccessInput!): Response!
-  _generate_jwt_keys(params: GenerateJWTKeysInput!): GenerateJWTKeysResponse!
-  _add_webhook(params: AddWebhookRequest!): Response!
-  _update_webhook(params: UpdateWebhookRequest!): Response!
-  _delete_webhook(params: WebhookRequest!): Response!
-  _test_endpoint(params: TestEndpointRequest!): TestEndpointResponse!
-  _add_email_template(params: AddEmailTemplateRequest!): Response!
-  _update_email_template(params: UpdateEmailTemplateRequest!): Response!
-  _delete_email_template(params: DeleteEmailTemplateRequest!): Response!
+	signup(params: SignUpInput!): AuthResponse!
+	login(params: LoginInput!): AuthResponse!
+	magic_link_login(params: MagicLinkLoginInput!): Response!
+	logout: Response!
+	update_profile(params: UpdateProfileInput!): Response!
+	verify_email(params: VerifyEmailInput!): AuthResponse!
+	resend_verify_email(params: ResendVerifyEmailInput!): Response!
+	forgot_password(params: ForgotPasswordInput!): Response!
+	reset_password(params: ResetPasswordInput!): Response!
+	revoke(params: OAuthRevokeInput!): Response!
+	verify_otp(params: VerifyOTPRequest!): AuthResponse!
+	resend_otp(params: ResendOTPRequest!): Response!
+	# admin only apis
+	_delete_user(params: DeleteUserInput!): Response!
+	_update_user(params: UpdateUserInput!): User!
+	_admin_signup(params: AdminSignupInput!): Response!
+	_admin_login(params: AdminLoginInput!): Response!
+	_admin_logout: Response!
+	_update_env(params: UpdateEnvInput!): Response!
+	_invite_members(params: InviteMemberInput!): Response!
+	_revoke_access(param: UpdateAccessInput!): Response!
+	_enable_access(param: UpdateAccessInput!): Response!
+	_generate_jwt_keys(params: GenerateJWTKeysInput!): GenerateJWTKeysResponse!
+	_add_webhook(params: AddWebhookRequest!): Response!
+	_update_webhook(params: UpdateWebhookRequest!): Response!
+	_delete_webhook(params: WebhookRequest!): Response!
+	_test_endpoint(params: TestEndpointRequest!): TestEndpointResponse!
+	_add_email_template(params: AddEmailTemplateRequest!): Response!
+	_update_email_template(params: UpdateEmailTemplateRequest!): Response!
+	_delete_email_template(params: DeleteEmailTemplateRequest!): Response!
 }

 type Query {
-  meta: Meta!
-  session(params: SessionQueryInput): AuthResponse!
-  profile: User!
-  validate_jwt_token(params: ValidateJWTTokenInput!): ValidateJWTTokenResponse!
-  # admin only apis
-  _users(params: PaginatedInput): Users!
-  _verification_requests(params: PaginatedInput): VerificationRequests!
-  _admin_session: Response!
-  _env: Env!
-  _webhook(params: WebhookRequest!): Webhook!
-  _webhooks(params: PaginatedInput): Webhooks!
-  _webhook_logs(params: ListWebhookLogRequest): WebhookLogs!
-  _email_templates(params: PaginatedInput): EmailTemplates!
+	meta: Meta!
+	session(params: SessionQueryInput): AuthResponse!
+	profile: User!
+	validate_jwt_token(params: ValidateJWTTokenInput!): ValidateJWTTokenResponse!
+	# admin only apis
+	_users(params: PaginatedInput): Users!
+	_verification_requests(params: PaginatedInput): VerificationRequests!
+	_admin_session: Response!
+	_env: Env!
+	_webhook(params: WebhookRequest!): Webhook!
+	_webhooks(params: PaginatedInput): Webhooks!
+	_webhook_logs(params: ListWebhookLogRequest): WebhookLogs!
+	_email_templates(params: PaginatedInput): EmailTemplates!
 }
 `, BuiltIn: false},
 }
@@ -9136,6 +9145,8 @@ func (ec *executionContext) fieldContext_Query_validate_jwt_token(ctx context.Co
 			switch field.Name {
 			case "is_valid":
 				return ec.fieldContext_ValidateJWTTokenResponse_is_valid(ctx, field)
+			case "claims":
+				return ec.fieldContext_ValidateJWTTokenResponse_claims(ctx, field)
 			}
 			return nil, fmt.Errorf("no field named %q was found under type ValidateJWTTokenResponse", field.Name)
 		},
@@ -10965,6 +10976,47 @@ func (ec *executionContext) fieldContext_ValidateJWTTokenResponse_is_valid(ctx c
 	return fc, nil
 }

+func (ec *executionContext) _ValidateJWTTokenResponse_claims(ctx context.Context, field graphql.CollectedField, obj *model.ValidateJWTTokenResponse) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_ValidateJWTTokenResponse_claims(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.Claims, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		return graphql.Null
+	}
+	res := resTmp.(map[string]interface{})
+	fc.Result = res
+	return ec.marshalOMap2map(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_ValidateJWTTokenResponse_claims(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "ValidateJWTTokenResponse",
+		Field:      field,
+		IsMethod:   false,
+		IsResolver: false,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			return nil, errors.New("field of type Map does not have child fields")
+		},
+	}
+	return fc, nil
+}
+
 func (ec *executionContext) _VerificationRequest_id(ctx context.Context, field graphql.CollectedField, obj *model.VerificationRequest) (ret graphql.Marshaler) {
 	fc, err := ec.fieldContext_VerificationRequest_id(ctx, field)
 	if err != nil {
@@ -14078,7 +14130,7 @@ func (ec *executionContext) unmarshalInputAddEmailTemplateRequest(ctx context.Co
 			var err error

 			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("design"))
-			it.Design, err = ec.unmarshalNString2string(ctx, v)
+			it.Design, err = ec.unmarshalOString2ᚖstring(ctx, v)
 			if err != nil {
 				return it, err
 			}
@@ -17353,6 +17405,10 @@ func (ec *executionContext) _ValidateJWTTokenResponse(ctx context.Context, sel a
 			if out.Values[i] == graphql.Null {
 				invalids++
 			}
+		case "claims":
+
+			out.Values[i] = ec._ValidateJWTTokenResponse_claims(ctx, field, obj)
+
 		default:
 			panic("unknown field " + strconv.Quote(field.Name))
 		}
--- a/server/graph/model/models_gen.go
+++ b/server/graph/model/models_gen.go
@@ -3,10 +3,10 @@
 package model

 type AddEmailTemplateRequest struct {
-	EventName string `json:"event_name"`
-	Subject   string `json:"subject"`
-	Template  string `json:"template"`
-	Design    string `json:"design"`
+	EventName string  `json:"event_name"`
+	Subject   string  `json:"subject"`
+	Template  string  `json:"template"`
+	Design    *string `json:"design"`
 }

 type AddWebhookRequest struct {
@@ -386,7 +386,8 @@ type ValidateJWTTokenInput struct {
 }

 type ValidateJWTTokenResponse struct {
-	IsValid bool `json:"is_valid"`
+	IsValid bool                   `json:"is_valid"`
+	Claims  map[string]interface{} `json:"claims"`
 }

 type VerificationRequest struct {
--- a/server/graph/schema.graphqls
+++ b/server/graph/schema.graphqls
@@ -153,6 +153,7 @@ type Env {

 type ValidateJWTTokenResponse {
  is_valid: Boolean!
+  claims: Map
 }

 type GenerateJWTKeysResponse {
@@ -429,7 +430,7 @@ input AddEmailTemplateRequest {
  event_name: String!
  subject: String!
  template: String!
-  design: String!
+  design: String
 }

 input UpdateEmailTemplateRequest {
@@ -500,4 +501,4 @@ type Query {
  _webhooks(params: PaginatedInput): Webhooks!
  _webhook_logs(params: ListWebhookLogRequest): WebhookLogs!
  _email_templates(params: PaginatedInput): EmailTemplates!
-}
+}
--- a/server/handlers/token.go
+++ b/server/handlers/token.go
@@ -154,6 +154,7 @@ func TokenHandler() gin.HandlerFunc {
 					"error":             "invalid_refresh_token",
 					"error_description": "The refresh token is invalid",
 				})
+				return
 			}

 			claims, err := token.ValidateRefreshToken(gc, refreshToken)
@@ -163,9 +164,10 @@ func TokenHandler() gin.HandlerFunc {
 					"error":             "unauthorized",
 					"error_description": err.Error(),
 				})
+				return
 			}
 			userID = claims["sub"].(string)
-			loginMethod := claims["login_method"]
+			claimLoginMethod := claims["login_method"]
 			rolesInterface := claims["roles"].([]interface{})
 			scopeInterface := claims["scope"].([]interface{})
 			for _, v := range rolesInterface {
@@ -176,9 +178,11 @@ func TokenHandler() gin.HandlerFunc {
 			}

 			sessionKey = userID
-			if loginMethod != nil && loginMethod != "" {
-				sessionKey = loginMethod.(string) + ":" + sessionKey
+			if claimLoginMethod != nil && claimLoginMethod != "" {
+				sessionKey = claimLoginMethod.(string) + ":" + sessionKey
+				loginMethod = claimLoginMethod.(string)
 			}
+
 			// remove older refresh token and rotate it for security
 			go memorystore.Provider.DeleteUserSession(sessionKey, claims["nonce"].(string))
 		}
@@ -211,6 +215,7 @@ func TokenHandler() gin.HandlerFunc {
 			})
 			return
 		}
+
 		memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash)
 		memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token)
 		cookie.SetSession(gc, authToken.FingerPrintHash)
--- a/server/resolvers/add_email_template.go
+++ b/server/resolvers/add_email_template.go
@@ -8,6 +8,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/authorizerdev/authorizer/server/validators"
@@ -40,15 +41,17 @@ func AddEmailTemplateResolver(ctx context.Context, params model.AddEmailTemplate
 		return nil, fmt.Errorf("empty template not allowed")
 	}

-	if strings.TrimSpace(params.Design) == "" {
-		return nil, fmt.Errorf("empty design not allowed")
+	var design string
+
+	if params.Design == nil || strings.TrimSpace(refs.StringValue(params.Design)) == "" {
+		design = ""
 	}

 	_, err = db.Provider.AddEmailTemplate(ctx, models.EmailTemplate{
 		EventName: params.EventName,
 		Template:  params.Template,
 		Subject:   params.Subject,
-		Design:    params.Design,
+		Design:    design,
 	})
 	if err != nil {
 		log.Debug("Failed to add email template: ", err)
--- a/server/resolvers/validate_jwt_token.go
+++ b/server/resolvers/validate_jwt_token.go
@@ -93,5 +93,6 @@ func ValidateJwtTokenResolver(ctx context.Context, params model.ValidateJWTToken
 	}
 	return &model.ValidateJWTTokenResponse{
 		IsValid: true,
+		Claims:  claims,
 	}, nil
 }
--- a/server/test/add_email_template_test.go
+++ b/server/test/add_email_template_test.go
@@ -51,16 +51,30 @@ func addEmailTemplateTest(t *testing.T, s TestSetup) {
 			assert.Nil(t, emailTemplate)
 		})

-		t.Run("should not add email template with empty design", func(t *testing.T) {
-			emailTemplate, err := resolvers.AddEmailTemplateResolver(ctx, model.AddEmailTemplateRequest{
-				EventName: s.TestInfo.TestEmailTemplateEventTypes[0],
-				Template:  "test",
-				Subject:   "test",
-				Design:    "   ",
+		var design string
+		design = ""
+
+		for _, eventType := range s.TestInfo.TestEmailTemplateEventTypes {
+			t.Run("should add email template with empty design for "+eventType, func(t *testing.T) {
+				emailTemplate, err := resolvers.AddEmailTemplateResolver(ctx, model.AddEmailTemplateRequest{
+					EventName: eventType,
+					Template:  "Test email",
+					Subject:   "Test email",
+					Design:    &design,
+				})
+				assert.NoError(t, err)
+				assert.NotNil(t, emailTemplate)
+				assert.NotEmpty(t, emailTemplate.Message)
+
+				et, err := db.Provider.GetEmailTemplateByEventName(ctx, eventType)
+				assert.NoError(t, err)
+				assert.Equal(t, et.EventName, eventType)
+				assert.Equal(t, "Test email", et.Subject)
+				assert.Equal(t, "Test design", et.Design)
 			})
-			assert.Error(t, err)
-			assert.Nil(t, emailTemplate)
-		})
+		}
+
+		design = "Test design"

 		for _, eventType := range s.TestInfo.TestEmailTemplateEventTypes {
 			t.Run("should add email template for "+eventType, func(t *testing.T) {
@@ -68,7 +82,7 @@ func addEmailTemplateTest(t *testing.T, s TestSetup) {
 					EventName: eventType,
 					Template:  "Test email",
 					Subject:   "Test email",
-					Design:    "Test design",
+					Design:    &design,
 				})
 				assert.NoError(t, err)
 				assert.NotNil(t, emailTemplate)
--- a/server/test/resolvers_test.go
+++ b/server/test/resolvers_test.go
@@ -62,7 +62,7 @@ func TestResolvers(t *testing.T) {

 		err := db.InitDB()
 		if err != nil {
-			t.Errorf("Error initializing database: %s", err.Error())
+			t.Logf("Error initializing database: %s", err.Error())
 		}

 		// clean the persisted config for test to use fresh config
@@ -71,14 +71,14 @@ func TestResolvers(t *testing.T) {
 			envData.EnvData = ""
 			_, err = db.Provider.UpdateEnv(ctx, envData)
 			if err != nil {
-				t.Errorf("Error updating env: %s", err.Error())
+				t.Logf("Error updating env: %s", err.Error())
 			}
 		} else if err != nil {
-			t.Errorf("Error getting env: %s", err.Error())
+			t.Logf("Error getting env: %s", err.Error())
 		}
 		err = env.PersistEnv()
 		if err != nil {
-			t.Errorf("Error persisting env: %s", err.Error())
+			t.Logf("Error persisting env: %s", err.Error())
 		}

 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEnv, "test")
--- a/server/test/validate_jwt_token_test.go
+++ b/server/test/validate_jwt_token_test.go
@@ -93,5 +93,6 @@ func validateJwtTokenTest(t *testing.T, s TestSetup) {
 		})
 		assert.NoError(t, err)
 		assert.True(t, res.IsValid)
+		assert.Equal(t, user.Email, res.Claims["email"])
 	})
 }
--- a/server/token/auth_token.go
+++ b/server/token/auth_token.go
@@ -114,16 +114,17 @@ func CreateRefreshToken(user models.User, roles, scopes []string, hostname, nonc
 		return "", 0, err
 	}
 	customClaims := jwt.MapClaims{
-		"iss":          hostname,
-		"aud":          clientID,
-		"sub":          user.ID,
-		"exp":          expiresAt,
-		"iat":          time.Now().Unix(),
-		"token_type":   constants.TokenTypeRefreshToken,
-		"roles":        roles,
-		"scope":        scopes,
-		"nonce":        nonce,
-		"login_method": loginMethod,
+		"iss":           hostname,
+		"aud":           clientID,
+		"sub":           user.ID,
+		"exp":           expiresAt,
+		"iat":           time.Now().Unix(),
+		"token_type":    constants.TokenTypeRefreshToken,
+		"roles":         roles,
+		"scope":         scopes,
+		"nonce":         nonce,
+		"login_method":  loginMethod,
+		"allowed_roles": strings.Split(user.Roles, ","),
 	}

 	token, err := SignJWTToken(customClaims)
@@ -153,16 +154,17 @@ func CreateAccessToken(user models.User, roles, scopes []string, hostName, nonce
 		return "", 0, err
 	}
 	customClaims := jwt.MapClaims{
-		"iss":          hostName,
-		"aud":          clientID,
-		"nonce":        nonce,
-		"sub":          user.ID,
-		"exp":          expiresAt,
-		"iat":          time.Now().Unix(),
-		"token_type":   constants.TokenTypeAccessToken,
-		"scope":        scopes,
-		"roles":        roles,
-		"login_method": loginMethod,
+		"iss":           hostName,
+		"aud":           clientID,
+		"nonce":         nonce,
+		"sub":           user.ID,
+		"exp":           expiresAt,
+		"iat":           time.Now().Unix(),
+		"token_type":    constants.TokenTypeAccessToken,
+		"scope":         scopes,
+		"roles":         roles,
+		"login_method":  loginMethod,
+		"allowed_roles": strings.Split(user.Roles, ","),
 	}

 	token, err := SignJWTToken(customClaims)
@@ -256,7 +258,6 @@ func ValidateRefreshToken(gc *gin.Context, refreshToken string) (map[string]inte
 	if loginMethod != nil && loginMethod != "" {
 		sessionKey = loginMethod.(string) + ":" + userID
 	}
-
 	token, err := memorystore.Provider.GetUserSession(sessionKey, constants.TokenTypeRefreshToken+"_"+nonce)
 	if nonce == "" || err != nil {
 		return res, fmt.Errorf(`unauthorized`)
Author	SHA1	Message	Date
anik-ghosh-au7	ecefe12355	chore: format graphql schema	2022-11-15 22:39:04 +05:30
anik-ghosh-au7	5c8f9406f6	fix: email template resolver and for matting changes	2022-11-15 22:12:14 +05:30
anik-ghosh-au7	ae84213e34	fix: allow design variable empty value for email templates	2022-11-09 22:54:05 +05:30
anik-ghosh-au7	87bf1c3045	fix: allow design variable empty value for email templates	2022-11-09 22:48:12 +05:30
anik-ghosh-au7	b467e7002d	feat: add plain html email template editor	2022-11-09 22:17:41 +05:30
Lakhan Samani	4afd544c41	feat(server): add allowed_roles in access_token + refresh_token	2022-11-07 07:11:23 +05:30
Lakhan Samani	307c6f7d15	fix: refresh token login method claim	2022-11-04 01:40:18 +05:30
Lakhan Samani	bbc6394cf3	Merge pull request #286 from Pjort/main fixed validation of refresh token	2022-11-03 20:10:40 +05:30
Pjort Kat	63c8e2e55f	fixed validation of refresh token	2022-11-03 11:51:59 +01:00
Lakhan Samani	b224892a39	fix: minor space	2022-11-02 08:48:56 +05:30
Lakhan Samani	13edf1965c	Merge pull request #285 from authorizerdev/development feat(server): add jwt claims as part of validation endpoint	2022-11-01 10:15:08 +05:30
Lakhan Samani	1f220a5205	add jwt claims as part of validation endpoint	2022-11-01 10:12:01 +05:30