Merge pull request #382 from authorizerdev/feat-add-field-for-app-data

Add app_data

.env.test

@@ -7,5 +7,9 @@ SMTP_PORT=2525
 SMTP_USERNAME=test
 SMTP_PASSWORD=test
 SENDER_EMAIL="info@authorizer.dev"
+TWILIO_API_KEY=test
+TWILIO_API_SECRET=test
+TWILIO_ACCOUNT_SID=ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+TWILIO_SENDER=909921212112
 SENDER_NAME="Authorizer"
 AWS_REGION=ap-south-1

app/package-lock.json

@@ -9,7 +9,7 @@
 			"version": "1.0.0",
 			"license": "ISC",
 			"dependencies": {
-				"@authorizerdev/authorizer-react": "^1.1.11",
+				"@authorizerdev/authorizer-react": "^1.1.13",
 				"@types/react": "^17.0.15",
 				"@types/react-dom": "^17.0.9",
 				"esbuild": "^0.12.17",
@@ -27,9 +27,9 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-js": {
-			"version": "1.2.3",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.3.tgz",
-			"integrity": "sha512-rk/fMRIsqbp+fsy2y09etVjf7CY9/4mG6hf0RKgXgRRfxtAQa1jdkt/De23hBTNeEwAWu6hP/9BQZjcrln6KtA==",
+			"version": "1.2.6",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.6.tgz",
+			"integrity": "sha512-9+9phHUMF+AeDM0y+XQvIRDoerOXnQ1vfTfYN6KxWN1apdrkAd9nzS1zUsA2uJSnX3fFZOErn83GjbYYCYF1BA==",
 			"dependencies": {
 				"cross-fetch": "^3.1.5"
 			},
@@ -41,11 +41,11 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-react": {
-			"version": "1.1.11",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.11.tgz",
-			"integrity": "sha512-tSI/yjsoeK/RvCOMiHSf1QGOeSpaLYQZEM864LFLndKoJwk7UWCJ86qg1w6ge7B00PmZSNWqST/w5JTcQaVNpw==",
+			"version": "1.1.13",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.13.tgz",
+			"integrity": "sha512-LmpzyfR0+nEn+bjUrb/QU9b3kiVoYzMBIvcQ1nV4TNvrvVSqbLPKk+GmoIPkiBEtfy/QSM6XFLkiGNGD9BRP+g==",
 			"dependencies": {
-				"@authorizerdev/authorizer-js": "^1.2.3"
+				"@authorizerdev/authorizer-js": "^1.2.6"
 			},
 			"engines": {
 				"node": ">=10"
@@ -406,11 +406,11 @@
 			"integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
 		},
 		"node_modules/cross-fetch": {
-			"version": "3.1.5",
-			"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.5.tgz",
-			"integrity": "sha512-lvb1SBsI0Z7GDwmuid+mU3kWVBwTVUbe7S0H52yaaAdQOXq2YktTCZdlAcNKFzE6QtRz0snpw9bNiPeOIkkQvw==",
+			"version": "3.1.8",
+			"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.8.tgz",
+			"integrity": "sha512-cvA+JwZoU0Xq+h6WkMvAUqPEYy92Obet6UdKLfW60qn99ftItKjB5T+BkyWOFWe2pUyfQ+IJHmpOTznqk1M6Kg==",
 			"dependencies": {
-				"node-fetch": "2.6.7"
+				"node-fetch": "^2.6.12"
 			}
 		},
 		"node_modules/css-color-keywords": {
@@ -567,9 +567,9 @@
 			"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
 		},
 		"node_modules/node-fetch": {
-			"version": "2.6.7",
-			"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz",
-			"integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==",
+			"version": "2.6.12",
+			"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz",
+			"integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==",
 			"dependencies": {
 				"whatwg-url": "^5.0.0"
 			},
@@ -837,19 +837,19 @@
 	},
 	"dependencies": {
 		"@authorizerdev/authorizer-js": {
-			"version": "1.2.3",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.3.tgz",
-			"integrity": "sha512-rk/fMRIsqbp+fsy2y09etVjf7CY9/4mG6hf0RKgXgRRfxtAQa1jdkt/De23hBTNeEwAWu6hP/9BQZjcrln6KtA==",
+			"version": "1.2.6",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.6.tgz",
+			"integrity": "sha512-9+9phHUMF+AeDM0y+XQvIRDoerOXnQ1vfTfYN6KxWN1apdrkAd9nzS1zUsA2uJSnX3fFZOErn83GjbYYCYF1BA==",
 			"requires": {
 				"cross-fetch": "^3.1.5"
 			}
 		},
 		"@authorizerdev/authorizer-react": {
-			"version": "1.1.11",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.11.tgz",
-			"integrity": "sha512-tSI/yjsoeK/RvCOMiHSf1QGOeSpaLYQZEM864LFLndKoJwk7UWCJ86qg1w6ge7B00PmZSNWqST/w5JTcQaVNpw==",
+			"version": "1.1.13",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.13.tgz",
+			"integrity": "sha512-LmpzyfR0+nEn+bjUrb/QU9b3kiVoYzMBIvcQ1nV4TNvrvVSqbLPKk+GmoIPkiBEtfy/QSM6XFLkiGNGD9BRP+g==",
 			"requires": {
-				"@authorizerdev/authorizer-js": "^1.2.3"
+				"@authorizerdev/authorizer-js": "^1.2.6"
 			}
 		},
 		"@babel/code-frame": {
@@ -1144,11 +1144,11 @@
 			"integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
 		},
 		"cross-fetch": {
-			"version": "3.1.5",
-			"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.5.tgz",
-			"integrity": "sha512-lvb1SBsI0Z7GDwmuid+mU3kWVBwTVUbe7S0H52yaaAdQOXq2YktTCZdlAcNKFzE6QtRz0snpw9bNiPeOIkkQvw==",
+			"version": "3.1.8",
+			"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.8.tgz",
+			"integrity": "sha512-cvA+JwZoU0Xq+h6WkMvAUqPEYy92Obet6UdKLfW60qn99ftItKjB5T+BkyWOFWe2pUyfQ+IJHmpOTznqk1M6Kg==",
 			"requires": {
-				"node-fetch": "2.6.7"
+				"node-fetch": "^2.6.12"
 			}
 		},
 		"css-color-keywords": {
@@ -1270,9 +1270,9 @@
 			"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
 		},
 		"node-fetch": {
-			"version": "2.6.7",
-			"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz",
-			"integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==",
+			"version": "2.6.12",
+			"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz",
+			"integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==",
 			"requires": {
 				"whatwg-url": "^5.0.0"
 			}

app/package.json

@@ -12,7 +12,7 @@
 	"author": "Lakhan Samani",
 	"license": "ISC",
 	"dependencies": {
-		"@authorizerdev/authorizer-react": "^1.1.11",
+		"@authorizerdev/authorizer-react": "^1.1.13",
 		"@types/react": "^17.0.15",
 		"@types/react-dom": "^17.0.9",
 		"esbuild": "^0.12.17",

app/yarn.lock

@@ -2,19 +2,19 @@
 # yarn lockfile v1
 
 
-"@authorizerdev/authorizer-js@^1.2.3":
-  "integrity" "sha512-rk/fMRIsqbp+fsy2y09etVjf7CY9/4mG6hf0RKgXgRRfxtAQa1jdkt/De23hBTNeEwAWu6hP/9BQZjcrln6KtA=="
-  "resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.3.tgz"
-  "version" "1.2.3"
+"@authorizerdev/authorizer-js@^1.2.6":
+  "integrity" "sha512-9+9phHUMF+AeDM0y+XQvIRDoerOXnQ1vfTfYN6KxWN1apdrkAd9nzS1zUsA2uJSnX3fFZOErn83GjbYYCYF1BA=="
+  "resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.6.tgz"
+  "version" "1.2.6"
   dependencies:
     "cross-fetch" "^3.1.5"
 
-"@authorizerdev/authorizer-react@^1.1.11":
-  "integrity" "sha512-tSI/yjsoeK/RvCOMiHSf1QGOeSpaLYQZEM864LFLndKoJwk7UWCJ86qg1w6ge7B00PmZSNWqST/w5JTcQaVNpw=="
-  "resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.11.tgz"
-  "version" "1.1.11"
+"@authorizerdev/authorizer-react@^1.1.13":
+  "integrity" "sha512-LmpzyfR0+nEn+bjUrb/QU9b3kiVoYzMBIvcQ1nV4TNvrvVSqbLPKk+GmoIPkiBEtfy/QSM6XFLkiGNGD9BRP+g=="
+  "resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.13.tgz"
+  "version" "1.1.13"
   dependencies:
-    "@authorizerdev/authorizer-js" "^1.2.3"
+    "@authorizerdev/authorizer-js" "^1.2.6"
 
 "@babel/code-frame@^7.16.7":
   "integrity" "sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg=="
@@ -278,11 +278,11 @@
   "version" "1.1.3"
 
 "cross-fetch@^3.1.5":
-  "integrity" "sha512-lvb1SBsI0Z7GDwmuid+mU3kWVBwTVUbe7S0H52yaaAdQOXq2YktTCZdlAcNKFzE6QtRz0snpw9bNiPeOIkkQvw=="
-  "resolved" "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.5.tgz"
-  "version" "3.1.5"
+  "integrity" "sha512-cvA+JwZoU0Xq+h6WkMvAUqPEYy92Obet6UdKLfW60qn99ftItKjB5T+BkyWOFWe2pUyfQ+IJHmpOTznqk1M6Kg=="
+  "resolved" "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.8.tgz"
+  "version" "3.1.8"
   dependencies:
-    "node-fetch" "2.6.7"
+    "node-fetch" "^2.6.12"
 
 "css-color-keywords@^1.0.0":
   "integrity" "sha1-/qJhbcZ2spYmhrOvjb2+GAskTgU="
@@ -389,10 +389,10 @@
   "resolved" "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz"
   "version" "2.1.2"
 
-"node-fetch@2.6.7":
-  "integrity" "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ=="
-  "resolved" "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz"
-  "version" "2.6.7"
+"node-fetch@^2.6.12":
+  "integrity" "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g=="
+  "resolved" "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz"
+  "version" "2.6.12"
   dependencies:
     "whatwg-url" "^5.0.0"
 

dashboard/src/pages/Webhooks.tsx

@@ -118,7 +118,6 @@ const Webhooks = () => {
 	useEffect(() => {
 		fetchWebookData();
 	}, [paginationProps.page, paginationProps.limit]);
-	console.log({ webhookData });
 	return (
 		<Box m="5" py="5" px="10" bg="white" rounded="md">
 			<Flex margin="2% 0" justifyContent="space-between" alignItems="center">

dashboard/yarn.lock

@@ -1222,9 +1222,9 @@
   dependencies:
     "is-arrayish" "^0.2.1"
 
-"esbuild-linux-64@0.14.9":
-  "integrity" "sha512-WoEI+R6/PLZAxS7XagfQMFgRtLUi5cjqqU9VCfo3tnWmAXh/wt8QtUfCVVCcXVwZLS/RNvI19CtfjlrJU61nOg=="
-  "resolved" "https://registry.npmjs.org/esbuild-linux-64/-/esbuild-linux-64-0.14.9.tgz"
+"esbuild-darwin-arm64@0.14.9":
+  "integrity" "sha512-3ue+1T4FR5TaAu4/V1eFMG8Uwn0pgAwQZb/WwL1X78d5Cy8wOVQ67KNH1lsjU+y/9AcwMKZ9x0GGNxBB4a1Rbw=="
+  "resolved" "https://registry.npmjs.org/esbuild-darwin-arm64/-/esbuild-darwin-arm64-0.14.9.tgz"
   "version" "0.14.9"
 
 "esbuild@^0.14.9":

server/constants/auth_methods.go

@@ -7,6 +7,8 @@ const (
 	AuthRecipeMethodMobileBasicAuth = "mobile_basic_auth"
 	// AuthRecipeMethodMagicLinkLogin is the magic_link_login auth method
 	AuthRecipeMethodMagicLinkLogin = "magic_link_login"
+	// AuthRecipeMethodMobileOTP is the mobile_otp auth method
+	AuthRecipeMethodMobileOTP = "mobile_otp"
 	// AuthRecipeMethodGoogle is the google auth method
 	AuthRecipeMethodGoogle = "google"
 	// AuthRecipeMethodGithub is the github auth method

server/constants/cookie.go

@@ -5,4 +5,6 @@ const (
 	AppCookieName = "cookie"
 	// AdminCookieName is the name of the cookie that is used to store the admin token
 	AdminCookieName = "authorizer-admin"
+	// MfaCookieName is the name of the cookie that is used to store the mfa session
+	MfaCookieName = "mfa"
 )

server/constants/env.go

@@ -66,6 +66,8 @@ const (
 	EnvKeySenderName = "SENDER_NAME"
 	// EnvKeyIsEmailServiceEnabled key for env variable IS_EMAIL_SERVICE_ENABLED
 	EnvKeyIsEmailServiceEnabled = "IS_EMAIL_SERVICE_ENABLED"
+	// EnvKeyIsSMSServiceEnabled key for env variable IS_SMS_SERVICE_ENABLED
+	EnvKeyIsSMSServiceEnabled = "IS_SMS_SERVICE_ENABLED"
 	// EnvKeyAppCookieSecure key for env variable APP_COOKIE_SECURE
 	EnvKeyAppCookieSecure = "APP_COOKIE_SECURE"
 	// EnvKeyAdminCookieSecure key for env variable ADMIN_COOKIE_SECURE
@@ -158,6 +160,9 @@ const (
 	// EnvKeyDisableMultiFactorAuthentication is key for env variable DISABLE_MULTI_FACTOR_AUTHENTICATION
 	// this variable is used to completely disable multi factor authentication. It will have no effect on profile preference
 	EnvKeyDisableMultiFactorAuthentication = "DISABLE_MULTI_FACTOR_AUTHENTICATION"
+	// EnvKeyDisablePhoneVerification is key for env variable DISABLE_PHONE_VERIFICATION
+	// this variable is used to disable phone verification
+	EnvKeyDisablePhoneVerification = "DISABLE_PHONE_VERIFICATION"
 
 	// Slice variables
 	// EnvKeyRoles key for env variable ROLES
@@ -176,4 +181,14 @@ const (
 	// EnvKeyDefaultAuthorizeResponseMode key for env variable DEFAULT_AUTHORIZE_RESPONSE_MODE
 	// This env is used for setting default response mode in authorize handler
 	EnvKeyDefaultAuthorizeResponseMode = "DEFAULT_AUTHORIZE_RESPONSE_MODE"
+
+	// Twilio env variables
+	// EnvKeyTwilioAPIKey key for env variable TWILIO_API_KEY
+	EnvKeyTwilioAPIKey = "TWILIO_API_KEY"
+	// EnvKeyTwilioAPISecret key for env variable TWILIO_API_SECRET
+	EnvKeyTwilioAPISecret = "TWILIO_API_SECRET"
+	// EnvKeyTwilioAccountSID key for env variable TWILIO_ACCOUNT_SID
+	EnvKeyTwilioAccountSID = "TWILIO_ACCOUNT_SID"
+	// EnvKeyTwilioSender key for env variable TWILIO_SENDER
+	EnvKeyTwilioSender = "TWILIO_SENDER"
 )

server/cookie/mfa_session.go

@@ -0,0 +1,89 @@
+package cookie
+
+import (
+	"net/http"
+	"net/url"
+
+	log "github.com/sirupsen/logrus"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/parsers"
+	"github.com/gin-gonic/gin"
+)
+
+// SetMfaSession sets the mfa session cookie in the response
+func SetMfaSession(gc *gin.Context, sessionID string) {
+	appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure)
+	if err != nil {
+		log.Debug("Error while getting app cookie secure from env variable: %v", err)
+		appCookieSecure = true
+	}
+
+	secure := appCookieSecure
+	httpOnly := appCookieSecure
+	hostname := parsers.GetHost(gc)
+	host, _ := parsers.GetHostParts(hostname)
+	domain := parsers.GetDomainName(hostname)
+	if domain != "localhost" {
+		domain = "." + domain
+	}
+
+	// Since app cookie can come from cross site it becomes important to set this in lax mode when insecure.
+	// Example person using custom UI on their app domain and making request to authorizer domain.
+	// For more information check:
+	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+	// https://github.com/gin-gonic/gin/blob/master/context.go#L86
+	// TODO add ability to sameSite = none / strict from dashboard
+	if !appCookieSecure {
+		gc.SetSameSite(http.SameSiteLaxMode)
+	} else {
+		gc.SetSameSite(http.SameSiteNoneMode)
+	}
+	// TODO allow configuring from dashboard
+	age := 60
+
+	gc.SetCookie(constants.MfaCookieName+"_session", sessionID, age, "/", host, secure, httpOnly)
+	gc.SetCookie(constants.MfaCookieName+"_session_domain", sessionID, age, "/", domain, secure, httpOnly)
+}
+
+// DeleteMfaSession deletes the mfa session cookies to expire
+func DeleteMfaSession(gc *gin.Context) {
+	appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure)
+	if err != nil {
+		log.Debug("Error while getting app cookie secure from env variable: %v", err)
+		appCookieSecure = true
+	}
+
+	secure := appCookieSecure
+	httpOnly := appCookieSecure
+	hostname := parsers.GetHost(gc)
+	host, _ := parsers.GetHostParts(hostname)
+	domain := parsers.GetDomainName(hostname)
+	if domain != "localhost" {
+		domain = "." + domain
+	}
+
+	gc.SetSameSite(http.SameSiteNoneMode)
+	gc.SetCookie(constants.MfaCookieName+"_session", "", -1, "/", host, secure, httpOnly)
+	gc.SetCookie(constants.MfaCookieName+"_session_domain", "", -1, "/", domain, secure, httpOnly)
+}
+
+// GetMfaSession gets the mfa session cookie from context
+func GetMfaSession(gc *gin.Context) (string, error) {
+	var cookie *http.Cookie
+	var err error
+	cookie, err = gc.Request.Cookie(constants.MfaCookieName + "_session")
+	if err != nil {
+		cookie, err = gc.Request.Cookie(constants.MfaCookieName + "_session_domain")
+		if err != nil {
+			return "", err
+		}
+	}
+
+	decodedValue, err := url.PathUnescape(cookie.Value)
+	if err != nil {
+		return "", err
+	}
+	return decodedValue, nil
+}

server/db/models/model.go

@@ -10,6 +10,7 @@ type CollectionList struct {
 	WebhookLog             string
 	EmailTemplate          string
 	OTP                    string
+	SMSVerificationRequest string
 }
 
 var (
@@ -25,5 +26,6 @@ var (
 		WebhookLog:             Prefix + "webhook_logs",
 		EmailTemplate:          Prefix + "email_templates",
 		OTP:                    Prefix + "otps",
+		SMSVerificationRequest: Prefix + "sms_verification_requests",
 	}
 )

server/db/models/otp.go

@@ -1,10 +1,18 @@
 package models
 
+const (
+	// FieldName email is the field name for email
+	FieldNameEmail = "email"
+	// FieldNamePhoneNumber is the field name for phone number
+	FieldNamePhoneNumber = "phone_number"
+)
+
 // OTP model for database
 type OTP struct {
 	Key         string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty" dynamo:"key,omitempty"` // for arangodb
 	ID          string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id" dynamo:"id,hash"`
 	Email       string `gorm:"unique" json:"email" bson:"email" cql:"email" dynamo:"email" index:"email,hash"`
+	PhoneNumber string `gorm:"index:unique_index_phone_number,unique" json:"phone_number" bson:"phone_number" cql:"phone_number" dynamo:"phone_number"`
 	Otp         string `json:"otp" bson:"otp" cql:"otp" dynamo:"otp"`
 	ExpiresAt   int64  `json:"expires_at" bson:"expires_at" cql:"expires_at" dynamo:"expires_at"`
 	CreatedAt   int64  `json:"created_at" bson:"created_at" cql:"created_at" dynamo:"created_at"`

server/db/models/user.go

@@ -33,12 +33,14 @@ type User struct {
 	IsMultiFactorAuthEnabled *bool   `json:"is_multi_factor_auth_enabled" bson:"is_multi_factor_auth_enabled" cql:"is_multi_factor_auth_enabled" dynamo:"is_multi_factor_auth_enabled"`
 	UpdatedAt                int64   `json:"updated_at" bson:"updated_at" cql:"updated_at" dynamo:"updated_at"`
 	CreatedAt                int64   `json:"created_at" bson:"created_at" cql:"created_at" dynamo:"created_at"`
+	AppData                  *string `json:"app_data" bson:"app_data" cql:"app_data" dynamo:"app_data"`
 }
 
 func (user *User) AsAPIUser() *model.User {
 	isEmailVerified := user.EmailVerifiedAt != nil
 	isPhoneVerified := user.PhoneNumberVerifiedAt != nil
-
+	appDataMap := make(map[string]interface{})
+	json.Unmarshal([]byte(refs.StringValue(user.AppData)), &appDataMap)
 	// id := user.ID
 	// if strings.Contains(id, Collections.User+"/") {
 	// 	id = strings.TrimPrefix(id, Collections.User+"/")
@@ -63,6 +65,7 @@ func (user *User) AsAPIUser() *model.User {
 		IsMultiFactorAuthEnabled: user.IsMultiFactorAuthEnabled,
 		CreatedAt:                refs.NewInt64Ref(user.CreatedAt),
 		UpdatedAt:                refs.NewInt64Ref(user.UpdatedAt),
+		AppData:                  appDataMap,
 	}
 }
 

server/db/providers/arangodb/email_template.go

@@ -12,16 +12,14 @@ import (
 )
 
 // AddEmailTemplate to add EmailTemplate
-func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	if emailTemplate.ID == "" {
 		emailTemplate.ID = uuid.New().String()
 		emailTemplate.Key = emailTemplate.ID
 	}
-
 	emailTemplate.Key = emailTemplate.ID
 	emailTemplate.CreatedAt = time.Now().Unix()
 	emailTemplate.UpdatedAt = time.Now().Unix()
-
 	emailTemplateCollection, _ := p.db.Collection(ctx, models.Collections.EmailTemplate)
 	_, err := emailTemplateCollection.CreateDocument(ctx, emailTemplate)
 	if err != nil {
@@ -31,74 +29,63 @@ func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.Em
 }
 
 // UpdateEmailTemplate to update EmailTemplate
-func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	emailTemplate.UpdatedAt = time.Now().Unix()
-
 	emailTemplateCollection, _ := p.db.Collection(ctx, models.Collections.EmailTemplate)
 	meta, err := emailTemplateCollection.UpdateDocument(ctx, emailTemplate.Key, emailTemplate)
 	if err != nil {
 		return nil, err
 	}
-
 	emailTemplate.Key = meta.Key
 	emailTemplate.ID = meta.ID.String()
 	return emailTemplate.AsAPIEmailTemplate(), nil
 }
 
 // ListEmailTemplates to list EmailTemplate
-func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination *model.Pagination) (*model.EmailTemplates, error) {
 	emailTemplates := []*model.EmailTemplate{}
-
 	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.EmailTemplate, pagination.Offset, pagination.Limit)
-
 	sctx := arangoDriver.WithQueryFullCount(ctx)
 	cursor, err := p.db.Query(sctx, query, nil)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close()
-
 	paginationClone := pagination
 	paginationClone.Total = cursor.Statistics().FullCount()
-
 	for {
-		var emailTemplate models.EmailTemplate
+		var emailTemplate *models.EmailTemplate
 		meta, err := cursor.ReadDocument(ctx, &emailTemplate)
-
 		if arangoDriver.IsNoMoreDocuments(err) {
 			break
 		} else if err != nil {
 			return nil, err
 		}
-
 		if meta.Key != "" {
 			emailTemplates = append(emailTemplates, emailTemplate.AsAPIEmailTemplate())
 		}
 	}
-
 	return &model.EmailTemplates{
-		Pagination:     &paginationClone,
+		Pagination:     paginationClone,
 		EmailTemplates: emailTemplates,
 	}, nil
 }
 
 // GetEmailTemplateByID to get EmailTemplate by id
 func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
-	var emailTemplate models.EmailTemplate
+	var emailTemplate *models.EmailTemplate
 	query := fmt.Sprintf("FOR d in %s FILTER d._key == @email_template_id RETURN d", models.Collections.EmailTemplate)
 	bindVars := map[string]interface{}{
 		"email_template_id": emailTemplateID,
 	}
-
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close()
-
 	for {
 		if !cursor.HasMore() {
-			if emailTemplate.Key == "" {
+			if emailTemplate == nil {
 				return nil, fmt.Errorf("email template not found")
 			}
 			break
@@ -113,21 +100,19 @@ func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID str
 
 // GetEmailTemplateByEventName to get EmailTemplate by event_name
 func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
-	var emailTemplate models.EmailTemplate
+	var emailTemplate *models.EmailTemplate
 	query := fmt.Sprintf("FOR d in %s FILTER d.event_name == @event_name RETURN d", models.Collections.EmailTemplate)
 	bindVars := map[string]interface{}{
 		"event_name": eventName,
 	}
-
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close()
-
 	for {
 		if !cursor.HasMore() {
-			if emailTemplate.Key == "" {
+			if emailTemplate == nil {
 				return nil, fmt.Errorf("email template not found")
 			}
 			break

server/db/providers/arangodb/env.go

@@ -12,7 +12,7 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 		env.Key = env.ID
@@ -31,7 +31,7 @@ func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, erro
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 	collection, _ := p.db.Collection(ctx, models.Collections.Env)
 	meta, err := collection.UpdateDocument(ctx, env.Key, env)
@@ -45,19 +45,17 @@ func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, e
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
-	var env models.Env
+func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
+	var env *models.Env
 	query := fmt.Sprintf("FOR d in %s RETURN d", models.Collections.Env)
-
 	cursor, err := p.db.Query(ctx, query, nil)
 	if err != nil {
 		return env, err
 	}
 	defer cursor.Close()
-
 	for {
 		if !cursor.HasMore() {
-			if env.Key == "" {
+			if env == nil {
 				return env, fmt.Errorf("config not found")
 			}
 			break

server/db/providers/arangodb/otp.go

@@ -2,6 +2,7 @@ package arangodb
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"time"
 
@@ -12,7 +13,20 @@ import (
 
 // UpsertOTP to add or update otp
 func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
-	otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
+	// check if email or phone number is present
+	if otpParam.Email == "" && otpParam.PhoneNumber == "" {
+		return nil, errors.New("email or phone_number is required")
+	}
+	uniqueField := models.FieldNameEmail
+	if otpParam.Email == "" && otpParam.PhoneNumber != "" {
+		uniqueField = models.FieldNamePhoneNumber
+	}
+	var otp *models.OTP
+	if uniqueField == models.FieldNameEmail {
+		otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
+	} else {
+		otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
+	}
 	shouldCreate := false
 	if otp == nil {
 		id := uuid.NewString()
@@ -21,6 +35,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 			Key:         id,
 			Otp:         otpParam.Otp,
 			Email:       otpParam.Email,
+			PhoneNumber: otpParam.PhoneNumber,
 			ExpiresAt:   otpParam.ExpiresAt,
 			CreatedAt:   time.Now().Unix(),
 		}
@@ -29,10 +44,8 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 		otp.Otp = otpParam.Otp
 		otp.ExpiresAt = otpParam.ExpiresAt
 	}
-
 	otp.UpdatedAt = time.Now().Unix()
 	otpCollection, _ := p.db.Collection(ctx, models.Collections.OTP)
-
 	var meta driver.DocumentMeta
 	var err error
 	if shouldCreate {
@@ -40,11 +53,9 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 	} else {
 		meta, err = otpCollection.UpdateDocument(ctx, otp.Key, otp)
 	}
-
 	if err != nil {
 		return nil, err
 	}
-
 	otp.Key = meta.Key
 	otp.ID = meta.ID.String()
 	return otp, nil
@@ -52,22 +63,20 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 
 // GetOTPByEmail to get otp for a given email address
 func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
-	var otp models.OTP
+	var otp *models.OTP
 	query := fmt.Sprintf("FOR d in %s FILTER d.email == @email RETURN d", models.Collections.OTP)
 	bindVars := map[string]interface{}{
 		"email": emailAddress,
 	}
-
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close()
-
 	for {
 		if !cursor.HasMore() {
-			if otp.Key == "" {
-				return nil, fmt.Errorf("email template not found")
+			if otp == nil {
+				return nil, fmt.Errorf("otp with given email not found")
 			}
 			break
 		}
@@ -76,8 +85,34 @@ func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*mod
 			return nil, err
 		}
 	}
+	return otp, nil
+}
 
-	return &otp, nil
+// GetOTPByPhoneNumber to get otp for a given phone number
+func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
+	var otp *models.OTP
+	query := fmt.Sprintf("FOR d in %s FILTER d.phone_number == @phone_number RETURN d", models.Collections.OTP)
+	bindVars := map[string]interface{}{
+		"phone_number": phoneNumber,
+	}
+	cursor, err := p.db.Query(ctx, query, bindVars)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close()
+	for {
+		if !cursor.HasMore() {
+			if otp == nil {
+				return nil, fmt.Errorf("otp with given phone_number not found")
+			}
+			break
+		}
+		_, err := cursor.ReadDocument(ctx, &otp)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return otp, nil
 }
 
 // DeleteOTP to delete otp
@@ -87,6 +122,5 @@ func (p *provider) DeleteOTP(ctx context.Context, otp *models.OTP) error {
 	if err != nil {
 		return err
 	}
-
 	return nil
 }

server/db/providers/arangodb/provider.go

@@ -61,7 +61,6 @@ func NewProvider() (*provider, error) {
 	if err != nil {
 		return nil, err
 	}
-
 	var arangodb arangoDriver.Database
 	dbName := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseName
 	arangodb_exists, err := arangoClient.DatabaseExists(ctx, dbName)
@@ -79,7 +78,6 @@ func NewProvider() (*provider, error) {
 			return nil, err
 		}
 	}
-
 	userCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.User)
 	if err != nil {
 		return nil, err
@@ -113,7 +111,6 @@ func NewProvider() (*provider, error) {
 			return nil, err
 		}
 	}
-
 	verificationRequestCollection, err := arangodb.Collection(ctx, models.Collections.VerificationRequest)
 	if err != nil {
 		return nil, err
@@ -136,7 +133,6 @@ func NewProvider() (*provider, error) {
 			return nil, err
 		}
 	}
-
 	sessionCollection, err := arangodb.Collection(ctx, models.Collections.Session)
 	if err != nil {
 		return nil, err
@@ -144,7 +140,6 @@ func NewProvider() (*provider, error) {
 	sessionCollection.EnsureHashIndex(ctx, []string{"user_id"}, &arangoDriver.EnsureHashIndexOptions{
 		Sparse: true,
 	})
-
 	envCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Env)
 	if err != nil {
 		return nil, err
@@ -155,7 +150,6 @@ func NewProvider() (*provider, error) {
 			return nil, err
 		}
 	}
-
 	webhookCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Webhook)
 	if err != nil {
 		return nil, err
@@ -166,7 +160,6 @@ func NewProvider() (*provider, error) {
 			return nil, err
 		}
 	}
-
 	webhookCollection, err := arangodb.Collection(ctx, models.Collections.Webhook)
 	if err != nil {
 		return nil, err
@@ -186,7 +179,6 @@ func NewProvider() (*provider, error) {
 			return nil, err
 		}
 	}
-
 	webhookLogCollection, err := arangodb.Collection(ctx, models.Collections.WebhookLog)
 	if err != nil {
 		return nil, err
@@ -194,7 +186,6 @@ func NewProvider() (*provider, error) {
 	webhookLogCollection.EnsureHashIndex(ctx, []string{"webhook_id"}, &arangoDriver.EnsureHashIndexOptions{
 		Sparse: true,
 	})
-
 	emailTemplateCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.EmailTemplate)
 	if err != nil {
 		return nil, err
@@ -205,7 +196,6 @@ func NewProvider() (*provider, error) {
 			return nil, err
 		}
 	}
-
 	emailTemplateCollection, err := arangodb.Collection(ctx, models.Collections.EmailTemplate)
 	if err != nil {
 		return nil, err
@@ -214,7 +204,6 @@ func NewProvider() (*provider, error) {
 		Unique: true,
 		Sparse: true,
 	})
-
 	otpCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.OTP)
 	if err != nil {
 		return nil, err
@@ -225,16 +214,14 @@ func NewProvider() (*provider, error) {
 			return nil, err
 		}
 	}
-
 	otpCollection, err := arangodb.Collection(ctx, models.Collections.OTP)
 	if err != nil {
 		return nil, err
 	}
-	otpCollection.EnsureHashIndex(ctx, []string{"email"}, &arangoDriver.EnsureHashIndexOptions{
+	otpCollection.EnsureHashIndex(ctx, []string{models.FieldNameEmail, models.FieldNamePhoneNumber}, &arangoDriver.EnsureHashIndexOptions{
 		Unique: true,
 		Sparse: true,
 	})
-
 	return &provider{
 		db: arangodb,
 	}, err

server/db/providers/arangodb/session.go

@@ -9,12 +9,11 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(ctx context.Context, session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session *models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 		session.Key = session.ID
 	}
-
 	session.CreatedAt = time.Now().Unix()
 	session.UpdatedAt = time.Now().Unix()
 	sessionCollection, _ := p.db.Collection(ctx, models.Collections.Session)
@@ -24,3 +23,8 @@ func (p *provider) AddSession(ctx context.Context, session models.Session) error
 	}
 	return nil
 }
+
+// DeleteSession to delete session information from database
+func (p *provider) DeleteSession(ctx context.Context, userId string) error {
+	return nil
+}

server/db/providers/arangodb/user.go

@@ -18,7 +18,7 @@ import (
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 		user.Key = user.ID
@@ -52,7 +52,7 @@ func (p *provider) AddUser(ctx context.Context, user models.User) (models.User,
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 
 	collection, _ := p.db.Collection(ctx, models.Collections.User)
@@ -67,13 +67,12 @@ func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.Use
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user *models.User) error {
 	collection, _ := p.db.Collection(ctx, models.Collections.User)
 	_, err := collection.RemoveDocument(ctx, user.Key)
 	if err != nil {
 		return err
 	}
-
 	query := fmt.Sprintf(`FOR d IN %s FILTER d.user_id == @user_id REMOVE { _key: d._key } IN %s`, models.Collections.Session, models.Collections.Session)
 	bindVars := map[string]interface{}{
 		"user_id": user.Key,
@@ -83,65 +82,55 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 		return err
 	}
 	defer cursor.Close()
-
 	return nil
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination) (*model.Users, error) {
 	var users []*model.User
 	sctx := arangoDriver.WithQueryFullCount(ctx)
 
 	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.User, pagination.Offset, pagination.Limit)
-
 	cursor, err := p.db.Query(sctx, query, nil)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close()
-
 	paginationClone := pagination
 	paginationClone.Total = cursor.Statistics().FullCount()
-
 	for {
-		var user models.User
+		var user *models.User
 		meta, err := cursor.ReadDocument(ctx, &user)
-
 		if arangoDriver.IsNoMoreDocuments(err) {
 			break
 		} else if err != nil {
 			return nil, err
 		}
-
 		if meta.Key != "" {
 			users = append(users, user.AsAPIUser())
 		}
 	}
-
 	return &model.Users{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Users:      users,
 	}, nil
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
-	var user models.User
-
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
+	var user *models.User
 	query := fmt.Sprintf("FOR d in %s FILTER d.email == @email RETURN d", models.Collections.User)
 	bindVars := map[string]interface{}{
 		"email": email,
 	}
-
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return user, err
 	}
 	defer cursor.Close()
-
 	for {
 		if !cursor.HasMore() {
-			if user.Key == "" {
+			if user == nil {
 				return user, fmt.Errorf("user not found")
 			}
 			break
@@ -151,28 +140,24 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.Use
 			return user, err
 		}
 	}
-
 	return user, nil
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
-	var user models.User
-
+func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, error) {
+	var user *models.User
 	query := fmt.Sprintf("FOR d in %s FILTER d._id == @id LIMIT 1 RETURN d", models.Collections.User)
 	bindVars := map[string]interface{}{
 		"id": id,
 	}
-
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return user, err
 	}
 	defer cursor.Close()
-
 	for {
 		if !cursor.HasMore() {
-			if user.Key == "" {
+			if user == nil {
 				return user, fmt.Errorf("user not found")
 			}
 			break
@@ -182,7 +167,6 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, err
 			return user, err
 		}
 	}
-
 	return user, nil
 }
 
@@ -191,12 +175,10 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, err
 func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{}, ids []string) error {
 	// set updated_at time for all users
 	data["updated_at"] = time.Now().Unix()
-
 	userInfoBytes, err := json.Marshal(data)
 	if err != nil {
 		return err
 	}
-
 	query := ""
 	if len(ids) > 0 {
 		keysArray := ""
@@ -209,33 +191,28 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 	} else {
 		query = fmt.Sprintf("FOR u IN %s UPDATE u._key with %s IN %s", models.Collections.User, string(userInfoBytes), models.Collections.User)
 	}
-
 	_, err = p.db.Query(ctx, query, nil)
 	if err != nil {
 		return err
 	}
-
 	return nil
 }
 
 // GetUserByPhoneNumber to get user information from database using phone number
 func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string) (*models.User, error) {
-	var user models.User
-
+	var user *models.User
 	query := fmt.Sprintf("FOR d in %s FILTER d.phone_number == @phone_number RETURN d", models.Collections.User)
 	bindVars := map[string]interface{}{
 		"phone_number": phoneNumber,
 	}
-
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close()
-
 	for {
 		if !cursor.HasMore() {
-			if user.Key == "" {
+			if user == nil {
 				return nil, fmt.Errorf("user not found")
 			}
 			break
@@ -245,6 +222,5 @@ func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string)
 			return nil, err
 		}
 	}
-
-	return &user, nil
+	return user, nil
 }

server/db/providers/arangodb/verification_requests.go

@@ -12,12 +12,11 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) (*models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 		verificationRequest.Key = verificationRequest.ID
 	}
-
 	verificationRequest.CreatedAt = time.Now().Unix()
 	verificationRequest.UpdatedAt = time.Now().Unix()
 	verificationRequestRequestCollection, _ := p.db.Collection(ctx, models.Collections.VerificationRequest)
@@ -27,27 +26,24 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 	}
 	verificationRequest.Key = meta.Key
 	verificationRequest.ID = meta.ID.String()
-
 	return verificationRequest, nil
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
-	var verificationRequest models.VerificationRequest
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 	query := fmt.Sprintf("FOR d in %s FILTER d.token == @token LIMIT 1 RETURN d", models.Collections.VerificationRequest)
 	bindVars := map[string]interface{}{
 		"token": token,
 	}
-
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return verificationRequest, err
 	}
 	defer cursor.Close()
-
 	for {
 		if !cursor.HasMore() {
-			if verificationRequest.Key == "" {
+			if verificationRequest == nil {
 				return verificationRequest, fmt.Errorf("verification request not found")
 			}
 			break
@@ -57,29 +53,25 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri
 			return verificationRequest, err
 		}
 	}
-
 	return verificationRequest, nil
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
-	var verificationRequest models.VerificationRequest
-
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 	query := fmt.Sprintf("FOR d in %s FILTER d.email == @email FILTER d.identifier == @identifier LIMIT 1 RETURN d", models.Collections.VerificationRequest)
 	bindVars := map[string]interface{}{
 		"email":      email,
 		"identifier": identifier,
 	}
-
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {
 		return verificationRequest, err
 	}
 	defer cursor.Close()
-
 	for {
 		if !cursor.HasMore() {
-			if verificationRequest.Key == "" {
+			if verificationRequest == nil {
 				return verificationRequest, fmt.Errorf("verification request not found")
 			}
 			break
@@ -89,27 +81,23 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 			return verificationRequest, err
 		}
 	}
-
 	return verificationRequest, nil
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination *model.Pagination) (*model.VerificationRequests, error) {
 	var verificationRequests []*model.VerificationRequest
 	sctx := arangoDriver.WithQueryFullCount(ctx)
 	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.VerificationRequest, pagination.Offset, pagination.Limit)
-
 	cursor, err := p.db.Query(sctx, query, nil)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close()
-
 	paginationClone := pagination
 	paginationClone.Total = cursor.Statistics().FullCount()
-
 	for {
-		var verificationRequest models.VerificationRequest
+		var verificationRequest *models.VerificationRequest
 		meta, err := cursor.ReadDocument(ctx, &verificationRequest)
 
 		if arangoDriver.IsNoMoreDocuments(err) {
@@ -123,15 +111,14 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination mode
 		}
 
 	}
-
 	return &model.VerificationRequests{
 		VerificationRequests: verificationRequests,
-		Pagination:           &paginationClone,
+		Pagination:           paginationClone,
 	}, nil
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) error {
 	collection, _ := p.db.Collection(ctx, models.Collections.VerificationRequest)
 	_, err := collection.RemoveDocument(ctx, verificationRequest.Key)
 	if err != nil {

server/db/providers/arangodb/webhook.go

@@ -14,7 +14,7 @@ import (
 )
 
 // AddWebhook to add webhook
-func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) AddWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	if webhook.ID == "" {
 		webhook.ID = uuid.New().String()
 		webhook.Key = webhook.ID
@@ -33,7 +33,7 @@ func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*mod
 }
 
 // UpdateWebhook to update webhook
-func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) UpdateWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	webhook.UpdatedAt = time.Now().Unix()
 	// Event is changed
 	if !strings.Contains(webhook.EventName, "-") {
@@ -50,11 +50,9 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 }
 
 // ListWebhooks to list webhook
-func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+func (p *provider) ListWebhook(ctx context.Context, pagination *model.Pagination) (*model.Webhooks, error) {
 	webhooks := []*model.Webhook{}
-
 	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.Webhook, pagination.Offset, pagination.Limit)
-
 	sctx := arangoDriver.WithQueryFullCount(ctx)
 	cursor, err := p.db.Query(sctx, query, nil)
 	if err != nil {
@@ -64,9 +62,8 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 	paginationClone := pagination
 	paginationClone.Total = cursor.Statistics().FullCount()
 	for {
-		var webhook models.Webhook
+		var webhook *models.Webhook
 		meta, err := cursor.ReadDocument(ctx, &webhook)
-
 		if arangoDriver.IsNoMoreDocuments(err) {
 			break
 		} else if err != nil {
@@ -79,14 +76,14 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 	}
 
 	return &model.Webhooks{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Webhooks:   webhooks,
 	}, nil
 }
 
 // GetWebhookByID to get webhook by id
 func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
-	var webhook models.Webhook
+	var webhook *models.Webhook
 	query := fmt.Sprintf("FOR d in %s FILTER d._key == @webhook_id RETURN d", models.Collections.Webhook)
 	bindVars := map[string]interface{}{
 		"webhook_id": webhookID,
@@ -98,7 +95,7 @@ func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model
 	defer cursor.Close()
 	for {
 		if !cursor.HasMore() {
-			if webhook.Key == "" {
+			if webhook == nil {
 				return nil, fmt.Errorf("webhook not found")
 			}
 			break
@@ -124,7 +121,7 @@ func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string)
 	defer cursor.Close()
 	webhooks := []*model.Webhook{}
 	for {
-		var webhook models.Webhook
+		var webhook *models.Webhook
 		if _, err := cursor.ReadDocument(ctx, &webhook); driver.IsNoMoreDocuments(err) {
 			// We're done
 			break

server/db/providers/arangodb/webhook_log.go

@@ -12,12 +12,11 @@ import (
 )
 
 // AddWebhookLog to add webhook log
-func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog *models.WebhookLog) (*model.WebhookLog, error) {
 	if webhookLog.ID == "" {
 		webhookLog.ID = uuid.New().String()
 		webhookLog.Key = webhookLog.ID
 	}
-
 	webhookLog.Key = webhookLog.ID
 	webhookLog.CreatedAt = time.Now().Unix()
 	webhookLog.UpdatedAt = time.Now().Unix()
@@ -30,46 +29,38 @@ func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookL
 }
 
 // ListWebhookLogs to list webhook logs
-func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination *model.Pagination, webhookID string) (*model.WebhookLogs, error) {
 	webhookLogs := []*model.WebhookLog{}
 	bindVariables := map[string]interface{}{}
-
 	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
-
 	if webhookID != "" {
 		query = fmt.Sprintf("FOR d in %s FILTER d.webhook_id == @webhook_id SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
 		bindVariables = map[string]interface{}{
 			"webhook_id": webhookID,
 		}
 	}
-
 	sctx := arangoDriver.WithQueryFullCount(ctx)
 	cursor, err := p.db.Query(sctx, query, bindVariables)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close()
-
 	paginationClone := pagination
 	paginationClone.Total = cursor.Statistics().FullCount()
-
 	for {
-		var webhookLog models.WebhookLog
+		var webhookLog *models.WebhookLog
 		meta, err := cursor.ReadDocument(ctx, &webhookLog)
-
 		if arangoDriver.IsNoMoreDocuments(err) {
 			break
 		} else if err != nil {
 			return nil, err
 		}
-
 		if meta.Key != "" {
 			webhookLogs = append(webhookLogs, webhookLog.AsAPIWebhookLog())
 		}
 	}
-
 	return &model.WebhookLogs{
-		Pagination:  &paginationClone,
+		Pagination:  paginationClone,
 		WebhookLogs: webhookLogs,
 	}, nil
 }

server/db/providers/cassandradb/email_template.go

@@ -15,33 +15,28 @@ import (
 )
 
 // AddEmailTemplate to add EmailTemplate
-func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	if emailTemplate.ID == "" {
 		emailTemplate.ID = uuid.New().String()
 	}
-
 	emailTemplate.Key = emailTemplate.ID
 	emailTemplate.CreatedAt = time.Now().Unix()
 	emailTemplate.UpdatedAt = time.Now().Unix()
-
 	existingEmailTemplate, _ := p.GetEmailTemplateByEventName(ctx, emailTemplate.EventName)
 	if existingEmailTemplate != nil {
 		return nil, fmt.Errorf("Email template with %s event_name already exists", emailTemplate.EventName)
 	}
-
 	insertQuery := fmt.Sprintf("INSERT INTO %s (id, event_name, subject, design, template,  created_at, updated_at) VALUES ('%s', '%s', '%s','%s','%s', %d, %d)", KeySpace+"."+models.Collections.EmailTemplate, emailTemplate.ID, emailTemplate.EventName, emailTemplate.Subject, emailTemplate.Design, emailTemplate.Template, emailTemplate.CreatedAt, emailTemplate.UpdatedAt)
 	err := p.db.Query(insertQuery).Exec()
 	if err != nil {
 		return nil, err
 	}
-
 	return emailTemplate.AsAPIEmailTemplate(), nil
 }
 
 // UpdateEmailTemplate to update EmailTemplate
-func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	emailTemplate.UpdatedAt = time.Now().Unix()
-
 	bytes, err := json.Marshal(emailTemplate)
 	if err != nil {
 		return nil, err
@@ -54,22 +49,18 @@ func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models
 	if err != nil {
 		return nil, err
 	}
-
 	updateFields := ""
 	for key, value := range emailTemplateMap {
 		if key == "_id" {
 			continue
 		}
-
 		if key == "_key" {
 			continue
 		}
-
 		if value == nil {
 			updateFields += fmt.Sprintf("%s = null,", key)
 			continue
 		}
-
 		valueType := reflect.TypeOf(value)
 		if valueType.Name() == "string" {
 			updateFields += fmt.Sprintf("%s = '%s', ", key, value.(string))
@@ -90,7 +81,7 @@ func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models
 }
 
 // ListEmailTemplates to list EmailTemplate
-func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination *model.Pagination) (*model.EmailTemplates, error) {
 	emailTemplates := []*model.EmailTemplate{}
 	paginationClone := pagination
 
@@ -120,7 +111,7 @@ func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagin
 	}
 
 	return &model.EmailTemplates{
-		Pagination:     &paginationClone,
+		Pagination:     paginationClone,
 		EmailTemplates: emailTemplates,
 	}, nil
 }

server/db/providers/cassandradb/env.go

@@ -11,11 +11,10 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
-
 	env.CreatedAt = time.Now().Unix()
 	env.UpdatedAt = time.Now().Unix()
 	insertEnvQuery := fmt.Sprintf("INSERT INTO %s (id, env, hash, created_at, updated_at) VALUES ('%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.Env, env.ID, env.EnvData, env.Hash, env.CreatedAt, env.UpdatedAt)
@@ -28,9 +27,8 @@ func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, erro
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
-
 	updateEnvQuery := fmt.Sprintf("UPDATE %s SET env = '%s', updated_at = %d WHERE id = '%s'", KeySpace+"."+models.Collections.Env, env.EnvData, env.UpdatedAt, env.ID)
 	err := p.db.Query(updateEnvQuery).Exec()
 	if err != nil {
@@ -40,14 +38,12 @@ func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, e
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
+func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
 	var env models.Env
-
 	query := fmt.Sprintf("SELECT id, env, hash, created_at, updated_at FROM %s LIMIT 1", KeySpace+"."+models.Collections.Env)
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&env.ID, &env.EnvData, &env.Hash, &env.CreatedAt, &env.UpdatedAt)
 	if err != nil {
-		return env, err
+		return nil, err
 	}
-
-	return env, nil
+	return &env, nil
 }

server/db/providers/cassandradb/otp.go

@@ -2,6 +2,7 @@ package cassandradb
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"time"
 
@@ -12,7 +13,20 @@ import (
 
 // UpsertOTP to add or update otp
 func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
-	otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
+	// check if email or phone number is present
+	if otpParam.Email == "" && otpParam.PhoneNumber == "" {
+		return nil, errors.New("email or phone_number is required")
+	}
+	uniqueField := models.FieldNameEmail
+	if otpParam.Email == "" && otpParam.PhoneNumber != "" {
+		uniqueField = models.FieldNamePhoneNumber
+	}
+	var otp *models.OTP
+	if uniqueField == models.FieldNameEmail {
+		otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
+	} else {
+		otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
+	}
 	shouldCreate := false
 	if otp == nil {
 		shouldCreate = true
@@ -20,6 +34,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 			ID:          uuid.NewString(),
 			Otp:         otpParam.Otp,
 			Email:       otpParam.Email,
+			PhoneNumber: otpParam.PhoneNumber,
 			ExpiresAt:   otpParam.ExpiresAt,
 			CreatedAt:   time.Now().Unix(),
 			UpdatedAt:   time.Now().Unix(),
@@ -32,7 +47,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 	otp.UpdatedAt = time.Now().Unix()
 	query := ""
 	if shouldCreate {
-		query = fmt.Sprintf(`INSERT INTO %s (id, email, otp, expires_at, created_at, updated_at) VALUES ('%s', '%s', '%s', %d, %d, %d)`, KeySpace+"."+models.Collections.OTP, otp.ID, otp.Email, otp.Otp, otp.ExpiresAt, otp.CreatedAt, otp.UpdatedAt)
+		query = fmt.Sprintf(`INSERT INTO %s (id, email, phone_number, otp, expires_at, created_at, updated_at) VALUES ('%s', '%s', '%s', '%s', %d, %d, %d)`, KeySpace+"."+models.Collections.OTP, otp.ID, otp.Email, otp.PhoneNumber, otp.Otp, otp.ExpiresAt, otp.CreatedAt, otp.UpdatedAt)
 	} else {
 		query = fmt.Sprintf(`UPDATE %s SET otp = '%s', expires_at = %d, updated_at = %d WHERE id = '%s'`, KeySpace+"."+models.Collections.OTP, otp.Otp, otp.ExpiresAt, otp.UpdatedAt, otp.ID)
 	}
@@ -48,8 +63,19 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 // GetOTPByEmail to get otp for a given email address
 func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
 	var otp models.OTP
-	query := fmt.Sprintf(`SELECT id, email, otp, expires_at, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.OTP, emailAddress)
-	err := p.db.Query(query).Consistency(gocql.One).Scan(&otp.ID, &otp.Email, &otp.Otp, &otp.ExpiresAt, &otp.CreatedAt, &otp.UpdatedAt)
+	query := fmt.Sprintf(`SELECT id, email, phone_number, otp, expires_at, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.OTP, emailAddress)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&otp.ID, &otp.Email, &otp.PhoneNumber, &otp.Otp, &otp.ExpiresAt, &otp.CreatedAt, &otp.UpdatedAt)
+	if err != nil {
+		return nil, err
+	}
+	return &otp, nil
+}
+
+// GetOTPByPhoneNumber to get otp for a given phone number
+func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
+	var otp models.OTP
+	query := fmt.Sprintf(`SELECT id, email, phone_number, otp, expires_at, created_at, updated_at FROM %s WHERE phone_number = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.OTP, phoneNumber)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&otp.ID, &otp.Email, &otp.PhoneNumber, &otp.Otp, &otp.ExpiresAt, &otp.CreatedAt, &otp.UpdatedAt)
 	if err != nil {
 		return nil, err
 	}

server/db/providers/cassandradb/provider.go

@@ -254,7 +254,19 @@ func NewProvider() (*provider, error) {
 	if err != nil {
 		return nil, err
 	}
-
+	// Add phone_number column to otp table
+	otpAlterQuery := fmt.Sprintf(`ALTER TABLE %s.%s ADD (phone_number text);`, KeySpace, models.Collections.OTP)
+	err = session.Query(otpAlterQuery).Exec()
+	if err != nil {
+		log.Debug("Failed to alter table as column exists: ", err)
+		// continue
+	}
+	// Add phone number index
+	otpIndexQueryPhoneNumber := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_otp_phone_number ON %s.%s (phone_number)", KeySpace, models.Collections.OTP)
+	err = session.Query(otpIndexQueryPhoneNumber).Exec()
+	if err != nil {
+		return nil, err
+	}
 	return &provider{
 		db: session,
 	}, err

server/db/providers/cassandradb/session.go

@@ -10,14 +10,12 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(ctx context.Context, session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session *models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
-
 	session.CreatedAt = time.Now().Unix()
 	session.UpdatedAt = time.Now().Unix()
-
 	insertSessionQuery := fmt.Sprintf("INSERT INTO %s (id, user_id, user_agent, ip, created_at, updated_at) VALUES ('%s', '%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.Session, session.ID, session.UserID, session.UserAgent, session.IP, session.CreatedAt, session.UpdatedAt)
 	err := p.db.Query(insertSessionQuery).Exec()
 	if err != nil {
@@ -25,3 +23,8 @@ func (p *provider) AddSession(ctx context.Context, session models.Session) error
 	}
 	return nil
 }
+
+// DeleteSession to delete session information from database
+func (p *provider) DeleteSession(ctx context.Context, userId string) error {
+	return nil
+}

server/db/providers/cassandradb/user.go

@@ -18,7 +18,7 @@ import (
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
@@ -77,7 +77,6 @@ func (p *provider) AddUser(ctx context.Context, user models.User) (models.User,
 	values = values[:len(values)-1] + ")"
 
 	query := fmt.Sprintf("INSERT INTO %s %s VALUES %s IF NOT EXISTS", KeySpace+"."+models.Collections.User, fields, values)
-
 	err = p.db.Query(query).Exec()
 	if err != nil {
 		return user, err
@@ -87,7 +86,7 @@ func (p *provider) AddUser(ctx context.Context, user models.User) (models.User,
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 
 	bytes, err := json.Marshal(user)
@@ -138,13 +137,12 @@ func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.Use
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user *models.User) error {
 	query := fmt.Sprintf("DELETE FROM %s WHERE id = '%s'", KeySpace+"."+models.Collections.User, user.ID)
 	err := p.db.Query(query).Exec()
 	if err != nil {
 		return err
 	}
-
 	getSessionsQuery := fmt.Sprintf("SELECT id FROM %s WHERE user_id = '%s' ALLOW FILTERING", KeySpace+"."+models.Collections.Session, user.ID)
 	scanner := p.db.Query(getSessionsQuery).Iter().Scanner()
 	sessionIDs := ""
@@ -167,7 +165,7 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination) (*model.Users, error) {
 	responseUsers := []*model.User{}
 	paginationClone := pagination
 	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.User)
@@ -180,7 +178,6 @@ func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (
 	// so we fetch till limit + offset
 	// and return the results from offset to limit
 	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.User, pagination.Limit+pagination.Offset)
-
 	scanner := p.db.Query(query).Iter().Scanner()
 	counter := int64(0)
 	for scanner.Next() {
@@ -195,31 +192,31 @@ func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (
 		counter++
 	}
 	return &model.Users{
+		Pagination: paginationClone,
 		Users:      responseUsers,
-		Pagination: &paginationClone,
 	}, nil
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
 	var user models.User
 	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, email)
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
-	return user, nil
+	return &user, nil
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
+func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, error) {
 	var user models.User
 	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, id)
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
-		return user, err
+		return nil, err
 	}
-	return user, nil
+	return &user, nil
 }
 
 // UpdateUsers to update multiple users, with parameters of user IDs slice
@@ -252,9 +249,8 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 	}
 	updateFields = strings.Trim(updateFields, " ")
 	updateFields = strings.TrimSuffix(updateFields, ",")
-
 	query := ""
-	if ids != nil && len(ids) > 0 {
+	if len(ids) > 0 {
 		idsString := ""
 		for _, id := range ids {
 			idsString += fmt.Sprintf("'%s', ", id)

server/db/providers/cassandradb/verification_requests.go

@@ -12,7 +12,7 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) (*models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 	}
@@ -29,41 +29,39 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (*models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 	query := fmt.Sprintf(`SELECT id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at FROM %s WHERE jwt_token = '%s' LIMIT 1`, KeySpace+"."+models.Collections.VerificationRequest, token)
 
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&verificationRequest.ID, &verificationRequest.Token, &verificationRequest.Identifier, &verificationRequest.ExpiresAt, &verificationRequest.Email, &verificationRequest.Nonce, &verificationRequest.RedirectURI, &verificationRequest.CreatedAt, &verificationRequest.UpdatedAt)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
-	return verificationRequest, nil
+	return &verificationRequest, nil
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (*models.VerificationRequest, error) {
 	var verificationRequest models.VerificationRequest
 	query := fmt.Sprintf(`SELECT id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at FROM %s WHERE email = '%s' AND identifier = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.VerificationRequest, email, identifier)
 
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&verificationRequest.ID, &verificationRequest.Token, &verificationRequest.Identifier, &verificationRequest.ExpiresAt, &verificationRequest.Email, &verificationRequest.Nonce, &verificationRequest.RedirectURI, &verificationRequest.CreatedAt, &verificationRequest.UpdatedAt)
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
 
-	return verificationRequest, nil
+	return &verificationRequest, nil
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination *model.Pagination) (*model.VerificationRequests, error) {
 	var verificationRequests []*model.VerificationRequest
-
 	paginationClone := pagination
 	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.VerificationRequest)
 	err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total)
 	if err != nil {
 		return nil, err
 	}
-
 	// there is no offset in cassandra
 	// so we fetch till limit + offset
 	// and return the results from offset to limit
@@ -76,6 +74,7 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination mode
 			var verificationRequest models.VerificationRequest
 			err := scanner.Scan(&verificationRequest.ID, &verificationRequest.Token, &verificationRequest.Identifier, &verificationRequest.ExpiresAt, &verificationRequest.Email, &verificationRequest.Nonce, &verificationRequest.RedirectURI, &verificationRequest.CreatedAt, &verificationRequest.UpdatedAt)
 			if err != nil {
+				fmt.Println("=> getting error here...", err)
 				return nil, err
 			}
 			verificationRequests = append(verificationRequests, verificationRequest.AsAPIVerificationRequest())
@@ -85,12 +84,12 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination mode
 
 	return &model.VerificationRequests{
 		VerificationRequests: verificationRequests,
-		Pagination:           &paginationClone,
+		Pagination:           paginationClone,
 	}, nil
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) error {
 	query := fmt.Sprintf("DELETE FROM %s WHERE id = '%s'", KeySpace+"."+models.Collections.VerificationRequest, verificationRequest.ID)
 	err := p.db.Query(query).Exec()
 	if err != nil {

server/db/providers/cassandradb/webhook.go

@@ -15,7 +15,7 @@ import (
 )
 
 // AddWebhook to add webhook
-func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) AddWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	if webhook.ID == "" {
 		webhook.ID = uuid.New().String()
 	}
@@ -33,7 +33,7 @@ func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*mod
 }
 
 // UpdateWebhook to update webhook
-func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) UpdateWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	webhook.UpdatedAt = time.Now().Unix()
 	// Event is changed
 	if !strings.Contains(webhook.EventName, "-") {
@@ -81,7 +81,7 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 }
 
 // ListWebhooks to list webhook
-func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+func (p *provider) ListWebhook(ctx context.Context, pagination *model.Pagination) (*model.Webhooks, error) {
 	webhooks := []*model.Webhook{}
 	paginationClone := pagination
 	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.Webhook)
@@ -108,7 +108,7 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 	}
 
 	return &model.Webhooks{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Webhooks:   webhooks,
 	}, nil
 }

server/db/providers/cassandradb/webhook_log.go

@@ -12,7 +12,7 @@ import (
 )
 
 // AddWebhookLog to add webhook log
-func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog *models.WebhookLog) (*model.WebhookLog, error) {
 	if webhookLog.ID == "" {
 		webhookLog.ID = uuid.New().String()
 	}
@@ -30,7 +30,7 @@ func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookL
 }
 
 // ListWebhookLogs to list webhook logs
-func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination *model.Pagination, webhookID string) (*model.WebhookLogs, error) {
 	webhookLogs := []*model.WebhookLog{}
 	paginationClone := pagination
 	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.WebhookLog)
@@ -38,7 +38,6 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	// so we fetch till limit + offset
 	// and return the results from offset to limit
 	query := fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.WebhookLog, pagination.Limit+pagination.Offset)
-
 	if webhookID != "" {
 		totalCountQuery = fmt.Sprintf(`SELECT COUNT(*) FROM %s WHERE webhook_id='%s' ALLOW FILTERING`, KeySpace+"."+models.Collections.WebhookLog, webhookID)
 		query = fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s WHERE webhook_id = '%s' LIMIT %d ALLOW FILTERING", KeySpace+"."+models.Collections.WebhookLog, webhookID, pagination.Limit+pagination.Offset)
@@ -64,7 +63,7 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	}
 
 	return &model.WebhookLogs{
-		Pagination:  &paginationClone,
+		Pagination:  paginationClone,
 		WebhookLogs: webhookLogs,
 	}, nil
 }

server/db/providers/couchbase/email_template.go

@@ -15,7 +15,7 @@ import (
 )
 
 // AddEmailTemplate to add EmailTemplate
-func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 
 	if emailTemplate.ID == "" {
 		emailTemplate.ID = uuid.New().String()
@@ -37,7 +37,7 @@ func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.Em
 }
 
 // UpdateEmailTemplate to update EmailTemplate
-func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	bytes, err := json.Marshal(emailTemplate)
 	if err != nil {
 		return nil, err
@@ -67,7 +67,7 @@ func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models
 }
 
 // ListEmailTemplates to list EmailTemplate
-func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination *model.Pagination) (*model.EmailTemplates, error) {
 	emailTemplates := []*model.EmailTemplate{}
 	paginationClone := pagination
 	total, err := p.GetTotalDocs(ctx, models.Collections.EmailTemplate)
@@ -88,7 +88,7 @@ func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagin
 	}
 
 	for queryResult.Next() {
-		emailTemplate := models.EmailTemplate{}
+		var emailTemplate *models.EmailTemplate
 		err := queryResult.Row(&emailTemplate)
 		if err != nil {
 			log.Fatal(err)
@@ -102,54 +102,46 @@ func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagin
 	}
 
 	return &model.EmailTemplates{
-		Pagination:     &paginationClone,
+		Pagination:     paginationClone,
 		EmailTemplates: emailTemplates,
 	}, nil
 }
 
 // GetEmailTemplateByID to get EmailTemplate by id
 func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
-	emailTemplate := models.EmailTemplate{}
-
+	var emailTemplate *models.EmailTemplate
 	query := fmt.Sprintf(`SELECT  _id, event_name, subject, design, template, created_at, updated_at  FROM %s.%s WHERE _id = $1 LIMIT 1`, p.scopeName, models.Collections.EmailTemplate)
 	q, err := p.db.Query(query, &gocb.QueryOptions{
 		Context:              ctx,
 		ScanConsistency:      gocb.QueryScanConsistencyRequestPlus,
 		PositionalParameters: []interface{}{emailTemplateID},
 	})
-
 	if err != nil {
 		return nil, err
 	}
 	err = q.One(&emailTemplate)
-
 	if err != nil {
 		return nil, err
 	}
-
 	return emailTemplate.AsAPIEmailTemplate(), nil
 }
 
 // GetEmailTemplateByEventName to get EmailTemplate by event_name
 func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
-	emailTemplate := models.EmailTemplate{}
-
+	var emailTemplate models.EmailTemplate
 	query := fmt.Sprintf("SELECT  _id, event_name, subject, design, template, created_at, updated_at  FROM %s.%s WHERE event_name=$1 LIMIT 1", p.scopeName, models.Collections.EmailTemplate)
 	q, err := p.db.Query(query, &gocb.QueryOptions{
 		Context:              ctx,
 		ScanConsistency:      gocb.QueryScanConsistencyRequestPlus,
 		PositionalParameters: []interface{}{eventName},
 	})
-
 	if err != nil {
 		return nil, err
 	}
 	err = q.One(&emailTemplate)
-
 	if err != nil {
 		return nil, err
 	}
-
 	return emailTemplate.AsAPIEmailTemplate(), nil
 }
 

server/db/providers/couchbase/env.go

@@ -11,7 +11,7 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
@@ -19,7 +19,6 @@ func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, erro
 	env.UpdatedAt = time.Now().Unix()
 	env.Key = env.ID
 	env.EncryptionKey = env.Hash
-
 	insertOpt := gocb.InsertOptions{
 		Context: ctx,
 	}
@@ -31,7 +30,7 @@ func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, erro
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 	env.EncryptionKey = env.Hash
 
@@ -40,17 +39,15 @@ func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, e
 		Context:              ctx,
 		PositionalParameters: []interface{}{env.EnvData, env.UpdatedAt, env.UpdatedAt, env.ID},
 	})
-
 	if err != nil {
 		return env, err
 	}
-
 	return env, nil
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
-	var env models.Env
+func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
+	var env *models.Env
 
 	query := fmt.Sprintf("SELECT _id, env, encryption_key, created_at, updated_at FROM %s.%s LIMIT 1", p.scopeName, models.Collections.Env)
 	q, err := p.db.Query(query, &gocb.QueryOptions{
@@ -61,7 +58,6 @@ func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
 		return env, err
 	}
 	err = q.One(&env)
-
 	if err != nil {
 		return env, err
 	}

server/db/providers/couchbase/otp.go

@@ -2,6 +2,7 @@ package couchbase
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"time"
 
@@ -12,8 +13,20 @@ import (
 
 // UpsertOTP to add or update otp
 func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
-	otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
-
+	// check if email or phone number is present
+	if otpParam.Email == "" && otpParam.PhoneNumber == "" {
+		return nil, errors.New("email or phone_number is required")
+	}
+	uniqueField := models.FieldNameEmail
+	if otpParam.Email == "" && otpParam.PhoneNumber != "" {
+		uniqueField = models.FieldNamePhoneNumber
+	}
+	var otp *models.OTP
+	if uniqueField == models.FieldNameEmail {
+		otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
+	} else {
+		otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
+	}
 	shouldCreate := false
 	if otp == nil {
 		shouldCreate = true
@@ -21,6 +34,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 			ID:          uuid.NewString(),
 			Otp:         otpParam.Otp,
 			Email:       otpParam.Email,
+			PhoneNumber: otpParam.PhoneNumber,
 			ExpiresAt:   otpParam.ExpiresAt,
 			CreatedAt:   time.Now().Unix(),
 			UpdatedAt:   time.Now().Unix(),
@@ -29,7 +43,6 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 		otp.Otp = otpParam.Otp
 		otp.ExpiresAt = otpParam.ExpiresAt
 	}
-
 	otp.UpdatedAt = time.Now().Unix()
 	if shouldCreate {
 		insertOpt := gocb.InsertOptions{
@@ -54,7 +67,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 // GetOTPByEmail to get otp for a given email address
 func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
 	otp := models.OTP{}
-	query := fmt.Sprintf(`SELECT _id, email, otp, expires_at, created_at, updated_at FROM %s.%s WHERE email = $1 LIMIT 1`, p.scopeName, models.Collections.OTP)
+	query := fmt.Sprintf(`SELECT _id, email, phone_number, otp, expires_at, created_at, updated_at FROM %s.%s WHERE email = $1 LIMIT 1`, p.scopeName, models.Collections.OTP)
 	q, err := p.db.Query(query, &gocb.QueryOptions{
 		ScanConsistency:      gocb.QueryScanConsistencyRequestPlus,
 		PositionalParameters: []interface{}{emailAddress},
@@ -63,11 +76,27 @@ func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*mod
 		return nil, err
 	}
 	err = q.One(&otp)
-
 	if err != nil {
 		return nil, err
 	}
+	return &otp, nil
+}
 
+// GetOTPByPhoneNumber to get otp for a given phone number
+func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
+	otp := models.OTP{}
+	query := fmt.Sprintf(`SELECT _id, email, phone_number, otp, expires_at, created_at, updated_at FROM %s.%s WHERE phone_number = $1 LIMIT 1`, p.scopeName, models.Collections.OTP)
+	q, err := p.db.Query(query, &gocb.QueryOptions{
+		ScanConsistency:      gocb.QueryScanConsistencyRequestPlus,
+		PositionalParameters: []interface{}{phoneNumber},
+	})
+	if err != nil {
+		return nil, err
+	}
+	err = q.One(&otp)
+	if err != nil {
+		return nil, err
+	}
 	return &otp, nil
 }
 

server/db/providers/couchbase/provider.go

@@ -166,5 +166,9 @@ func GetIndex(scopeName string) map[string][]string {
 	otpIndex1 := fmt.Sprintf("CREATE INDEX OTPEmailIndex ON %s.%s(email)", scopeName, models.Collections.OTP)
 	indices[models.Collections.OTP] = []string{otpIndex1}
 
+	// OTP index
+	otpIndex2 := fmt.Sprintf("CREATE INDEX OTPPhoneNumberIndex ON %s.%s(phone_number)", scopeName, models.Collections.OTP)
+	indices[models.Collections.OTP] = []string{otpIndex2}
+
 	return indices
 }

server/db/providers/couchbase/session.go

@@ -10,11 +10,10 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(ctx context.Context, session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session *models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
-
 	session.CreatedAt = time.Now().Unix()
 	session.UpdatedAt = time.Now().Unix()
 	insertOpt := gocb.InsertOptions{
@@ -24,7 +23,6 @@ func (p *provider) AddSession(ctx context.Context, session models.Session) error
 	if err != nil {
 		return err
 	}
-
 	return nil
 }
 

server/db/providers/couchbase/shared.go

@@ -11,24 +11,19 @@ import (
 
 func GetSetFields(webhookMap map[string]interface{}) (string, map[string]interface{}) {
 	params := make(map[string]interface{}, 1)
-
 	updateFields := ""
-
 	for key, value := range webhookMap {
 		if key == "_id" {
 			continue
 		}
-
 		if key == "_key" {
 			continue
 		}
-
 		if value == nil {
 			updateFields += fmt.Sprintf("%s=$%s,", key, key)
 			params[key] = "null"
 			continue
 		}
-
 		valueType := reflect.TypeOf(value)
 		if valueType.Name() == "string" {
 			updateFields += fmt.Sprintf("%s = $%s, ", key, key)
@@ -46,14 +41,11 @@ func GetSetFields(webhookMap map[string]interface{}) (string, map[string]interfa
 
 func (p *provider) GetTotalDocs(ctx context.Context, collection string) (int64, error) {
 	totalDocs := TotalDocs{}
-
 	countQuery := fmt.Sprintf("SELECT COUNT(*) as Total FROM %s.%s", p.scopeName, collection)
 	queryRes, err := p.db.Query(countQuery, &gocb.QueryOptions{
 		Context: ctx,
 	})
-
 	queryRes.One(&totalDocs)
-
 	if err != nil {
 		return totalDocs.Total, err
 	}

server/db/providers/couchbase/user.go

@@ -15,7 +15,7 @@ import (
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
@@ -41,7 +41,7 @@ func (p *provider) AddUser(ctx context.Context, user models.User) (models.User,
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 	unsertOpt := gocb.UpsertOptions{
 		Context: ctx,
@@ -54,7 +54,7 @@ func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.Use
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user *models.User) error {
 	removeOpt := gocb.RemoveOptions{
 		Context: ctx,
 	}
@@ -66,12 +66,10 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination) (*model.Users, error) {
 	users := []*model.User{}
 	paginationClone := pagination
-
 	userQuery := fmt.Sprintf("SELECT _id, email, email_verified_at, `password`, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s.%s ORDER BY id OFFSET $1 LIMIT $2", p.scopeName, models.Collections.User)
-
 	queryResult, err := p.db.Query(userQuery, &gocb.QueryOptions{
 		ScanConsistency:      gocb.QueryScanConsistencyRequestPlus,
 		Context:              ctx,
@@ -97,21 +95,20 @@ func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (
 		return nil, err
 	}
 	return &model.Users{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Users:      users,
 	}, nil
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
-	user := models.User{}
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
+	var user *models.User
 	query := fmt.Sprintf("SELECT _id, email, email_verified_at, `password`, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s.%s WHERE email = $1 LIMIT 1", p.scopeName, models.Collections.User)
 	q, err := p.db.Query(query, &gocb.QueryOptions{
 		ScanConsistency:      gocb.QueryScanConsistencyRequestPlus,
 		Context:              ctx,
 		PositionalParameters: []interface{}{email},
 	})
-
 	if err != nil {
 		return user, err
 	}
@@ -119,13 +116,12 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.Use
 	if err != nil {
 		return user, err
 	}
-
 	return user, nil
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
-	user := models.User{}
+func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, error) {
+	var user *models.User
 	query := fmt.Sprintf("SELECT _id, email, email_verified_at, `password`, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s.%s WHERE _id = $1 LIMIT 1", p.scopeName, models.Collections.User)
 	q, err := p.db.Query(query, &gocb.QueryOptions{
 		ScanConsistency:      gocb.QueryScanConsistencyRequestPlus,
@@ -139,7 +135,6 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, err
 	if err != nil {
 		return user, err
 	}
-
 	return user, nil
 }
 
@@ -174,7 +169,6 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 			return err
 		}
 	}
-
 	return nil
 }
 
@@ -194,6 +188,5 @@ func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string)
 	if err != nil {
 		return user, err
 	}
-
 	return user, nil
 }

server/db/providers/couchbase/verification_requests.go

@@ -13,11 +13,10 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) (*models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 	}
-
 	verificationRequest.Key = verificationRequest.ID
 	verificationRequest.CreatedAt = time.Now().Unix()
 	verificationRequest.UpdatedAt = time.Now().Unix()
@@ -28,13 +27,12 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 	if err != nil {
 		return verificationRequest, err
 	}
-
 	return verificationRequest, nil
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
-	verificationRequest := models.VerificationRequest{}
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 	params := make(map[string]interface{}, 1)
 	params["token"] = token
 	query := fmt.Sprintf("SELECT _id, token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at FROM %s.%s WHERE token=$1 LIMIT 1", p.scopeName, models.Collections.VerificationRequest)
@@ -57,7 +55,7 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (*models.VerificationRequest, error) {
 
 	query := fmt.Sprintf("SELECT _id, identifier, token, expires_at, email, nonce, redirect_uri, created_at, updated_at FROM %s.%s WHERE email=$1 AND identifier=$2 LIMIT 1", p.scopeName, models.Collections.VerificationRequest)
 	queryResult, err := p.db.Query(query, &gocb.QueryOptions{
@@ -65,14 +63,11 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 		PositionalParameters: []interface{}{email, identifier},
 		ScanConsistency:      gocb.QueryScanConsistencyRequestPlus,
 	})
-	verificationRequest := models.VerificationRequest{}
-
 	if err != nil {
-		return verificationRequest, err
+		return nil, err
 	}
-
+	var verificationRequest *models.VerificationRequest
 	err = queryResult.One(&verificationRequest)
-
 	if err != nil {
 		return verificationRequest, err
 	}
@@ -80,7 +75,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination *model.Pagination) (*model.VerificationRequests, error) {
 	var verificationRequests []*model.VerificationRequest
 	paginationClone := pagination
 	total, err := p.GetTotalDocs(ctx, models.Collections.VerificationRequest)
@@ -111,12 +106,12 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination mode
 	}
 	return &model.VerificationRequests{
 		VerificationRequests: verificationRequests,
-		Pagination:           &paginationClone,
+		Pagination:           paginationClone,
 	}, nil
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) error {
 	removeOpt := gocb.RemoveOptions{
 		Context: ctx,
 	}

server/db/providers/couchbase/webhook.go

@@ -15,7 +15,7 @@ import (
 )
 
 // AddWebhook to add webhook
-func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) AddWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	if webhook.ID == "" {
 		webhook.ID = uuid.New().String()
 	}
@@ -35,7 +35,7 @@ func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*mod
 }
 
 // UpdateWebhook to update webhook
-func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) UpdateWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	webhook.UpdatedAt = time.Now().Unix()
 	// Event is changed
 	if !strings.Contains(webhook.EventName, "-") {
@@ -68,7 +68,7 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 }
 
 // ListWebhooks to list webhook
-func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+func (p *provider) ListWebhook(ctx context.Context, pagination *model.Pagination) (*model.Webhooks, error) {
 	webhooks := []*model.Webhook{}
 	paginationClone := pagination
 	params := make(map[string]interface{}, 1)
@@ -100,14 +100,14 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 		return nil, err
 	}
 	return &model.Webhooks{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Webhooks:   webhooks,
 	}, nil
 }
 
 // GetWebhookByID to get webhook by id
 func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
-	var webhook models.Webhook
+	var webhook *models.Webhook
 	params := make(map[string]interface{}, 1)
 	params["_id"] = webhookID
 	query := fmt.Sprintf(`SELECT _id, event_description, event_name, endpoint, headers, enabled, created_at, updated_at FROM %s.%s WHERE _id=$_id LIMIT 1`, p.scopeName, models.Collections.Webhook)
@@ -141,7 +141,7 @@ func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string)
 	}
 	webhooks := []*model.Webhook{}
 	for queryResult.Next() {
-		var webhook models.Webhook
+		var webhook *models.Webhook
 		err := queryResult.Row(&webhook)
 		if err != nil {
 			log.Fatal(err)
@@ -162,11 +162,9 @@ func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) er
 		Context: ctx,
 	}
 	_, err := p.db.Collection(models.Collections.Webhook).Remove(webhook.ID, &removeOpt)
-
 	if err != nil {
 		return err
 	}
-
 	query := fmt.Sprintf(`DELETE FROM %s.%s WHERE webhook_id=$webhook_id`, p.scopeName, models.Collections.WebhookLog)
 	_, err = p.db.Query(query, &gocb.QueryOptions{
 		Context:         ctx,
@@ -176,6 +174,5 @@ func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) er
 	if err != nil {
 		return err
 	}
-
 	return nil
 }

server/db/providers/couchbase/webhook_log.go

@@ -13,15 +13,13 @@ import (
 )
 
 // AddWebhookLog to add webhook log
-func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog *models.WebhookLog) (*model.WebhookLog, error) {
 	if webhookLog.ID == "" {
 		webhookLog.ID = uuid.New().String()
 	}
-
 	webhookLog.Key = webhookLog.ID
 	webhookLog.CreatedAt = time.Now().Unix()
 	webhookLog.UpdatedAt = time.Now().Unix()
-
 	insertOpt := gocb.InsertOptions{
 		Context: ctx,
 	}
@@ -29,19 +27,16 @@ func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookL
 	if err != nil {
 		return webhookLog.AsAPIWebhookLog(), err
 	}
-
 	return webhookLog.AsAPIWebhookLog(), nil
 }
 
 // ListWebhookLogs to list webhook logs
-func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination *model.Pagination, webhookID string) (*model.WebhookLogs, error) {
 	var query string
 	var err error
-
 	webhookLogs := []*model.WebhookLog{}
 	params := make(map[string]interface{}, 1)
 	paginationClone := pagination
-
 	params["webhookID"] = webhookID
 	params["offset"] = paginationClone.Offset
 	params["limit"] = paginationClone.Limit
@@ -55,13 +50,11 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	} else {
 		query = fmt.Sprintf("SELECT _id, http_status, response, request, webhook_id, created_at, updated_at FROM %s.%s OFFSET $offset LIMIT $limit", p.scopeName, models.Collections.WebhookLog)
 	}
-
 	queryResult, err := p.db.Query(query, &gocb.QueryOptions{
 		Context:         ctx,
 		ScanConsistency: gocb.QueryScanConsistencyRequestPlus,
 		NamedParameters: params,
 	})
-
 	if err != nil {
 		return nil, err
 	}
@@ -73,13 +66,12 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 		}
 		webhookLogs = append(webhookLogs, webhookLog.AsAPIWebhookLog())
 	}
-
 	if err := queryResult.Err(); err != nil {
 		return nil, err
 
 	}
 	return &model.WebhookLogs{
-		Pagination:  &paginationClone,
+		Pagination:  paginationClone,
 		WebhookLogs: webhookLogs,
 	}, nil
 }

server/db/providers/dynamodb/email_template.go

@@ -12,7 +12,7 @@ import (
 )
 
 // AddEmailTemplate to add EmailTemplate
-func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	collection := p.db.Table(models.Collections.EmailTemplate)
 	if emailTemplate.ID == "" {
 		emailTemplate.ID = uuid.New().String()
@@ -31,7 +31,7 @@ func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.Em
 }
 
 // UpdateEmailTemplate to update EmailTemplate
-func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	collection := p.db.Table(models.Collections.EmailTemplate)
 	emailTemplate.UpdatedAt = time.Now().Unix()
 	err := UpdateByHashKey(collection, "id", emailTemplate.ID, emailTemplate)
@@ -42,23 +42,19 @@ func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models
 }
 
 // ListEmailTemplates to list EmailTemplate
-func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
-
-	var emailTemplate models.EmailTemplate
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination *model.Pagination) (*model.EmailTemplates, error) {
+	var emailTemplate *models.EmailTemplate
 	var iter dynamo.PagingIter
 	var lastEval dynamo.PagingKey
 	var iteration int64 = 0
-
 	collection := p.db.Table(models.Collections.EmailTemplate)
 	emailTemplates := []*model.EmailTemplate{}
 	paginationClone := pagination
 	scanner := collection.Scan()
 	count, err := scanner.Count()
-
 	if err != nil {
 		return nil, err
 	}
-
 	for (paginationClone.Offset + paginationClone.Limit) > iteration {
 		iter = scanner.StartFrom(lastEval).Limit(paginationClone.Limit).Iter()
 		for iter.NextWithContext(ctx, &emailTemplate) {
@@ -69,11 +65,9 @@ func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagin
 		lastEval = iter.LastEvaluatedKey()
 		iteration += paginationClone.Limit
 	}
-
 	paginationClone.Total = count
-
 	return &model.EmailTemplates{
-		Pagination:     &paginationClone,
+		Pagination:     paginationClone,
 		EmailTemplates: emailTemplates,
 	}, nil
 }
@@ -81,7 +75,7 @@ func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagin
 // GetEmailTemplateByID to get EmailTemplate by id
 func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
 	collection := p.db.Table(models.Collections.EmailTemplate)
-	var emailTemplate models.EmailTemplate
+	var emailTemplate *models.EmailTemplate
 	err := collection.Get("id", emailTemplateID).OneWithContext(ctx, &emailTemplate)
 	if err != nil {
 		return nil, err
@@ -92,9 +86,8 @@ func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID str
 // GetEmailTemplateByEventName to get EmailTemplate by event_name
 func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
 	collection := p.db.Table(models.Collections.EmailTemplate)
-	var emailTemplates []models.EmailTemplate
-	var emailTemplate models.EmailTemplate
-
+	var emailTemplates []*models.EmailTemplate
+	var emailTemplate *models.EmailTemplate
 	err := collection.Scan().Index("event_name").Filter("'event_name' = ?", eventName).Limit(1).AllWithContext(ctx, &emailTemplates)
 	if err != nil {
 		return nil, err
@@ -112,7 +105,6 @@ func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName st
 func (p *provider) DeleteEmailTemplate(ctx context.Context, emailTemplate *model.EmailTemplate) error {
 	collection := p.db.Table(models.Collections.EmailTemplate)
 	err := collection.Delete("id", emailTemplate.ID).RunWithContext(ctx)
-
 	if err != nil {
 		return err
 	}

server/db/providers/dynamodb/env.go

@@ -11,34 +11,26 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	collection := p.db.Table(models.Collections.Env)
-
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
-
 	env.Key = env.ID
-
 	env.CreatedAt = time.Now().Unix()
 	env.UpdatedAt = time.Now().Unix()
-
 	err := collection.Put(env).RunWithContext(ctx)
-
 	if err != nil {
 		return env, err
 	}
-
 	return env, nil
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	collection := p.db.Table(models.Collections.Env)
 	env.UpdatedAt = time.Now().Unix()
-
 	err := UpdateByHashKey(collection, "id", env.ID, env)
-
 	if err != nil {
 		return env, err
 	}
@@ -46,26 +38,21 @@ func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, e
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
-	var env models.Env
-
+func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
+	var env *models.Env
 	collection := p.db.Table(models.Collections.Env)
 	// As there is no Findone supported.
 	iter := collection.Scan().Limit(1).Iter()
-
 	for iter.NextWithContext(ctx, &env) {
-		if env.ID == "" {
+		if env == nil {
 			return env, errors.New("no documets found")
 		} else {
 			return env, nil
 		}
 	}
-
 	err := iter.Err()
-
 	if err != nil {
 		return env, fmt.Errorf("config not found")
 	}
-
 	return env, nil
 }

server/db/providers/dynamodb/otp.go

@@ -11,7 +11,20 @@ import (
 
 // UpsertOTP to add or update otp
 func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
-	otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
+	// check if email or phone number is present
+	if otpParam.Email == "" && otpParam.PhoneNumber == "" {
+		return nil, errors.New("email or phone_number is required")
+	}
+	uniqueField := models.FieldNameEmail
+	if otpParam.Email == "" && otpParam.PhoneNumber != "" {
+		uniqueField = models.FieldNamePhoneNumber
+	}
+	var otp *models.OTP
+	if uniqueField == models.FieldNameEmail {
+		otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
+	} else {
+		otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
+	}
 	shouldCreate := false
 	if otp == nil {
 		id := uuid.NewString()
@@ -20,6 +33,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 			Key:         id,
 			Otp:         otpParam.Otp,
 			Email:       otpParam.Email,
+			PhoneNumber: otpParam.PhoneNumber,
 			ExpiresAt:   otpParam.ExpiresAt,
 			CreatedAt:   time.Now().Unix(),
 		}
@@ -28,10 +42,8 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 		otp.Otp = otpParam.Otp
 		otp.ExpiresAt = otpParam.ExpiresAt
 	}
-
 	collection := p.db.Table(models.Collections.OTP)
 	otp.UpdatedAt = time.Now().Unix()
-
 	var err error
 	if shouldCreate {
 		err = collection.Put(otp).RunWithContext(ctx)
@@ -41,7 +53,6 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 	if err != nil {
 		return nil, err
 	}
-
 	return otp, nil
 }
 
@@ -49,32 +60,42 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
 	var otps []models.OTP
 	var otp models.OTP
-
 	collection := p.db.Table(models.Collections.OTP)
-
 	err := collection.Scan().Index("email").Filter("'email' = ?", emailAddress).Limit(1).AllWithContext(ctx, &otps)
-
 	if err != nil {
 		return nil, err
 	}
 	if len(otps) > 0 {
 		otp = otps[0]
 		return &otp, nil
-	} else {
-		return nil, errors.New("no docuemnt found")
 	}
+	return nil, errors.New("no docuemnt found")
+}
+
+// GetOTPByPhoneNumber to get otp for a given phone number
+func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
+	var otps []models.OTP
+	var otp models.OTP
+	collection := p.db.Table(models.Collections.OTP)
+	err := collection.Scan().Filter("'phone_number' = ?", phoneNumber).Limit(1).AllWithContext(ctx, &otps)
+	if err != nil {
+		return nil, err
+	}
+	if len(otps) > 0 {
+		otp = otps[0]
+		return &otp, nil
+	}
+	return nil, errors.New("no docuemnt found")
 }
 
 // DeleteOTP to delete otp
 func (p *provider) DeleteOTP(ctx context.Context, otp *models.OTP) error {
 	collection := p.db.Table(models.Collections.OTP)
-
 	if otp.ID != "" {
 		err := collection.Delete("id", otp.ID).RunWithContext(ctx)
 		if err != nil {
 			return err
 		}
 	}
-
 	return nil
 }

server/db/providers/dynamodb/provider.go

@@ -31,21 +31,19 @@ func NewProvider() (*provider, error) {
 	if awsRegion != "" {
 		config.Region = aws.String(awsRegion)
 	}
-
 	// custom awsAccessKeyID, awsSecretAccessKey took first priority, if not then fetch config from aws credentials
 	if awsAccessKeyID != "" && awsSecretAccessKey != "" {
 		config.Credentials = credentials.NewStaticCredentials(awsAccessKeyID, awsSecretAccessKey, "")
 	} else if dbURL != "" {
+		log.Debug("Tring to use database url for dynamodb")
 		// static config in case of testing or local-setup
 		config.Credentials = credentials.NewStaticCredentials("key", "key", "")
 		config.Endpoint = aws.String(dbURL)
 	} else {
 		log.Debugf("%s or %s or %s not found. Trying to load default credentials from aws config", constants.EnvAwsRegion, constants.EnvAwsAccessKeyID, constants.EnvAwsSecretAccessKey)
 	}
-
 	session := session.Must(session.NewSession(&config))
 	db := dynamo.New(session)
-
 	db.CreateTable(models.Collections.User, models.User{}).Wait()
 	db.CreateTable(models.Collections.Session, models.Session{}).Wait()
 	db.CreateTable(models.Collections.EmailTemplate, models.EmailTemplate{}).Wait()
@@ -54,7 +52,6 @@ func NewProvider() (*provider, error) {
 	db.CreateTable(models.Collections.VerificationRequest, models.VerificationRequest{}).Wait()
 	db.CreateTable(models.Collections.Webhook, models.Webhook{}).Wait()
 	db.CreateTable(models.Collections.WebhookLog, models.WebhookLog{}).Wait()
-
 	return &provider{
 		db: db,
 	}, nil

server/db/providers/dynamodb/session.go

@@ -9,13 +9,11 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(ctx context.Context, session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session *models.Session) error {
 	collection := p.db.Table(models.Collections.Session)
-
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
-
 	session.CreatedAt = time.Now().Unix()
 	session.UpdatedAt = time.Now().Unix()
 	err := collection.Put(session).RunWithContext(ctx)

server/db/providers/dynamodb/shared.go

@@ -9,16 +9,13 @@ import (
 func UpdateByHashKey(table dynamo.Table, hashKey string, hashValue string, item interface{}) error {
 	existingValue, err := dynamo.MarshalItem(item)
 	var i interface{}
-
 	if err != nil {
 		return err
 	}
-
 	nullableValue, err := dynamodbattribute.MarshalMap(item)
 	if err != nil {
 		return err
 	}
-
 	u := table.Update(hashKey, hashValue)
 	for k, v := range existingValue {
 		if k == hashKey {
@@ -26,7 +23,6 @@ func UpdateByHashKey(table dynamo.Table, hashKey string, hashValue string, item
 		}
 		u = u.Set(k, v)
 	}
-
 	for k, v := range nullableValue {
 		if k == hashKey {
 			continue
@@ -36,11 +32,9 @@ func UpdateByHashKey(table dynamo.Table, hashKey string, hashValue string, item
 			u = u.SetNullable(k, v)
 		}
 	}
-
 	err = u.Run()
 	if err != nil {
 		return err
 	}
-
 	return nil
 }

server/db/providers/dynamodb/user.go

@@ -18,13 +18,11 @@ import (
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User, error) {
 	collection := p.db.Table(models.Collections.User)
-
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
-
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
@@ -32,18 +30,14 @@ func (p *provider) AddUser(ctx context.Context, user models.User) (models.User,
 		}
 		user.Roles = defaultRoles
 	}
-
 	if user.PhoneNumber != nil && strings.TrimSpace(refs.StringValue(user.PhoneNumber)) != "" {
 		if u, _ := p.GetUserByPhoneNumber(ctx, refs.StringValue(user.PhoneNumber)); u != nil {
 			return user, fmt.Errorf("user with given phone number already exists")
 		}
 	}
-
 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
-
 	err := collection.Put(user).RunWithContext(ctx)
-
 	if err != nil {
 		return user, err
 	}
@@ -51,18 +45,14 @@ func (p *provider) AddUser(ctx context.Context, user models.User) (models.User,
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.User, error) {
 	collection := p.db.Table(models.Collections.User)
-
 	if user.ID != "" {
-
 		user.UpdatedAt = time.Now().Unix()
-
 		err := UpdateByHashKey(collection, "id", user.ID, user)
 		if err != nil {
 			return user, err
 		}
-
 		if err != nil {
 			return user, err
 		}
@@ -72,18 +62,15 @@ func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.Use
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user *models.User) error {
 	collection := p.db.Table(models.Collections.User)
 	sessionCollection := p.db.Table(models.Collections.Session)
-
 	if user.ID != "" {
 		err := collection.Delete("id", user.ID).Run()
 		if err != nil {
 			return err
 		}
-
 		_, err = sessionCollection.Batch("id").Write().Delete(dynamo.Keys{"user_id", user.ID}).RunWithContext(ctx)
-
 		if err != nil {
 			return err
 		}
@@ -92,23 +79,19 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
-	var user models.User
+func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination) (*model.Users, error) {
+	var user *models.User
 	var lastEval dynamo.PagingKey
 	var iter dynamo.PagingIter
 	var iteration int64 = 0
-
 	collection := p.db.Table(models.Collections.User)
 	users := []*model.User{}
-
 	paginationClone := pagination
 	scanner := collection.Scan()
 	count, err := scanner.Count()
-
 	if err != nil {
 		return nil, err
 	}
-
 	for (paginationClone.Offset + paginationClone.Limit) > iteration {
 		iter = scanner.StartFrom(lastEval).Limit(paginationClone.Limit).Iter()
 		for iter.NextWithContext(ctx, &user) {
@@ -119,48 +102,39 @@ func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (
 		lastEval = iter.LastEvaluatedKey()
 		iteration += paginationClone.Limit
 	}
-
 	err = iter.Err()
-
 	if err != nil {
 		return nil, err
 	}
-
 	paginationClone.Total = count
-
 	return &model.Users{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Users:      users,
 	}, nil
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
-	var users []models.User
-	var user models.User
-
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
+	var users []*models.User
+	var user *models.User
 	collection := p.db.Table(models.Collections.User)
 	err := collection.Scan().Index("email").Filter("'email' = ?", email).AllWithContext(ctx, &users)
-
 	if err != nil {
 		return user, nil
 	}
-
 	if len(users) > 0 {
 		user = users[0]
 		return user, nil
 	} else {
 		return user, errors.New("no record found")
 	}
-
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
+func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, error) {
 	collection := p.db.Table(models.Collections.User)
-	var user models.User
+	var user *models.User
 	err := collection.Get("id", id).OneWithContext(ctx, &user)
-
 	if err != nil {
 		if user.Email == "" {
 			return user, errors.New("no documets found")
@@ -186,7 +160,6 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 	} else {
 		// as there is no facility to update all doc - https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/SQLtoNoSQL.UpdateData.html
 		userCollection.Scan().All(&allUsers)
-
 		for _, user := range allUsers {
 			err = UpdateByHashKey(userCollection, "id", user.ID, data)
 			if err == nil {
@@ -194,7 +167,6 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 			}
 		}
 	}
-
 	if err != nil {
 		return err
 	} else {
@@ -205,19 +177,16 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 
 // GetUserByPhoneNumber to get user information from database using phone number
 func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string) (*models.User, error) {
-	var users []models.User
-	var user models.User
-
+	var users []*models.User
+	var user *models.User
 	collection := p.db.Table(models.Collections.User)
 	err := collection.Scan().Filter("'phone_number' = ?", phoneNumber).AllWithContext(ctx, &users)
-
 	if err != nil {
 		return nil, err
 	}
-
 	if len(users) > 0 {
 		user = users[0]
-		return &user, nil
+		return user, nil
 	} else {
 		return nil, errors.New("no record found")
 	}

server/db/providers/dynamodb/verification_requests.go

@@ -11,9 +11,8 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) (*models.VerificationRequest, error) {
 	collection := p.db.Table(models.Collections.VerificationRequest)
-
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 		verificationRequest.CreatedAt = time.Now().Unix()
@@ -23,20 +22,17 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 			return verificationRequest, err
 		}
 	}
-
 	return verificationRequest, nil
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (*models.VerificationRequest, error) {
 	collection := p.db.Table(models.Collections.VerificationRequest)
-	var verificationRequest models.VerificationRequest
-
+	var verificationRequest *models.VerificationRequest
 	iter := collection.Scan().Filter("'token' = ?", token).Iter()
 	for iter.NextWithContext(ctx, &verificationRequest) {
 		return verificationRequest, nil
 	}
-
 	err := iter.Err()
 	if err != nil {
 		return verificationRequest, err
@@ -45,14 +41,13 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
-	var verificationRequest models.VerificationRequest
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 	collection := p.db.Table(models.Collections.VerificationRequest)
 	iter := collection.Scan().Filter("'email' = ?", email).Filter("'identifier' = ?", identifier).Iter()
 	for iter.NextWithContext(ctx, &verificationRequest) {
 		return verificationRequest, nil
 	}
-
 	err := iter.Err()
 	if err != nil {
 		return verificationRequest, err
@@ -61,23 +56,19 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination *model.Pagination) (*model.VerificationRequests, error) {
 	verificationRequests := []*model.VerificationRequest{}
-	var verificationRequest models.VerificationRequest
+	var verificationRequest *models.VerificationRequest
 	var lastEval dynamo.PagingKey
 	var iter dynamo.PagingIter
 	var iteration int64 = 0
-
 	collection := p.db.Table(models.Collections.VerificationRequest)
 	paginationClone := pagination
-
 	scanner := collection.Scan()
 	count, err := scanner.Count()
-
 	if err != nil {
 		return nil, err
 	}
-
 	for (paginationClone.Offset + paginationClone.Limit) > iteration {
 		iter = scanner.StartFrom(lastEval).Limit(paginationClone.Limit).Iter()
 		for iter.NextWithContext(ctx, &verificationRequest) {
@@ -92,20 +83,17 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination mode
 		lastEval = iter.LastEvaluatedKey()
 		iteration += paginationClone.Limit
 	}
-
 	paginationClone.Total = count
-
 	return &model.VerificationRequests{
 		VerificationRequests: verificationRequests,
-		Pagination:           &paginationClone,
+		Pagination:           paginationClone,
 	}, nil
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) error {
 	collection := p.db.Table(models.Collections.VerificationRequest)
-
-	if verificationRequest.ID != "" {
+	if verificationRequest != nil {
 		err := collection.Delete("id", verificationRequest.ID).RunWithContext(ctx)
 
 		if err != nil {

server/db/providers/dynamodb/webhook.go

@@ -15,7 +15,7 @@ import (
 )
 
 // AddWebhook to add webhook
-func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) AddWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	collection := p.db.Table(models.Collections.Webhook)
 	if webhook.ID == "" {
 		webhook.ID = uuid.New().String()
@@ -33,7 +33,7 @@ func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*mod
 }
 
 // UpdateWebhook to update webhook
-func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) UpdateWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	webhook.UpdatedAt = time.Now().Unix()
 	// Event is changed
 	if !strings.Contains(webhook.EventName, "-") {
@@ -48,9 +48,9 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 }
 
 // ListWebhooks to list webhook
-func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+func (p *provider) ListWebhook(ctx context.Context, pagination *model.Pagination) (*model.Webhooks, error) {
 	webhooks := []*model.Webhook{}
-	var webhook models.Webhook
+	var webhook *models.Webhook
 	var lastEval dynamo.PagingKey
 	var iter dynamo.PagingIter
 	var iteration int64 = 0
@@ -77,7 +77,7 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 	}
 	paginationClone.Total = count
 	return &model.Webhooks{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Webhooks:   webhooks,
 	}, nil
 }
@@ -85,7 +85,7 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 // GetWebhookByID to get webhook by id
 func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
 	collection := p.db.Table(models.Collections.Webhook)
-	var webhook models.Webhook
+	var webhook *models.Webhook
 	err := collection.Get("id", webhookID).OneWithContext(ctx, &webhook)
 	if err != nil {
 		return nil, err
@@ -114,14 +114,14 @@ func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string)
 // DeleteWebhook to delete webhook
 func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) error {
 	// Also delete webhook logs for given webhook id
-	if webhook.ID != "" {
+	if webhook != nil {
 		webhookCollection := p.db.Table(models.Collections.Webhook)
-		pagination := model.Pagination{}
 		webhookLogCollection := p.db.Table(models.Collections.WebhookLog)
 		err := webhookCollection.Delete("id", webhook.ID).RunWithContext(ctx)
 		if err != nil {
 			return err
 		}
+		pagination := &model.Pagination{}
 		webhookLogs, errIs := p.ListWebhookLogs(ctx, pagination, webhook.ID)
 		for _, webhookLog := range webhookLogs.WebhookLogs {
 			err = webhookLogCollection.Delete("id", webhookLog.ID).RunWithContext(ctx)

server/db/providers/dynamodb/webhook_log.go

@@ -11,18 +11,15 @@ import (
 )
 
 // AddWebhookLog to add webhook log
-func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog *models.WebhookLog) (*model.WebhookLog, error) {
 	collection := p.db.Table(models.Collections.WebhookLog)
-
 	if webhookLog.ID == "" {
 		webhookLog.ID = uuid.New().String()
 	}
-
 	webhookLog.Key = webhookLog.ID
 	webhookLog.CreatedAt = time.Now().Unix()
 	webhookLog.UpdatedAt = time.Now().Unix()
 	err := collection.Put(webhookLog).RunWithContext(ctx)
-
 	if err != nil {
 		return nil, err
 	}
@@ -30,9 +27,9 @@ func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookL
 }
 
 // ListWebhookLogs to list webhook logs
-func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination *model.Pagination, webhookID string) (*model.WebhookLogs, error) {
 	webhookLogs := []*model.WebhookLog{}
-	var webhookLog models.WebhookLog
+	var webhookLog *models.WebhookLog
 	var lastEval dynamo.PagingKey
 	var iter dynamo.PagingIter
 	var iteration int64 = 0
@@ -42,7 +39,6 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	collection := p.db.Table(models.Collections.WebhookLog)
 	paginationClone := pagination
 	scanner := collection.Scan()
-
 	if webhookID != "" {
 		iter = scanner.Index("webhook_id").Filter("'webhook_id' = ?", webhookID).Iter()
 		for iter.NextWithContext(ctx, &webhookLog) {
@@ -68,11 +64,10 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 			iteration += paginationClone.Limit
 		}
 	}
-
 	paginationClone.Total = count
 	// paginationClone.Cursor = iter.LastEvaluatedKey()
 	return &model.WebhookLogs{
-		Pagination:  &paginationClone,
+		Pagination:  paginationClone,
 		WebhookLogs: webhookLogs,
 	}, nil
 }

server/db/providers/mongodb/email_template.go

@@ -12,15 +12,13 @@ import (
 )
 
 // AddEmailTemplate to add EmailTemplate
-func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	if emailTemplate.ID == "" {
 		emailTemplate.ID = uuid.New().String()
 	}
-
 	emailTemplate.Key = emailTemplate.ID
 	emailTemplate.CreatedAt = time.Now().Unix()
 	emailTemplate.UpdatedAt = time.Now().Unix()
-
 	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
 	_, err := emailTemplateCollection.InsertOne(ctx, emailTemplate)
 	if err != nil {
@@ -30,60 +28,52 @@ func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.Em
 }
 
 // UpdateEmailTemplate to update EmailTemplate
-func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	emailTemplate.UpdatedAt = time.Now().Unix()
-
 	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
 	_, err := emailTemplateCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": emailTemplate.ID}}, bson.M{"$set": emailTemplate}, options.MergeUpdateOptions())
 	if err != nil {
 		return nil, err
 	}
-
 	return emailTemplate.AsAPIEmailTemplate(), nil
 }
 
 // ListEmailTemplates to list EmailTemplate
-func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination *model.Pagination) (*model.EmailTemplates, error) {
 	var emailTemplates []*model.EmailTemplate
 	opts := options.Find()
 	opts.SetLimit(pagination.Limit)
 	opts.SetSkip(pagination.Offset)
 	opts.SetSort(bson.M{"created_at": -1})
-
 	paginationClone := pagination
-
 	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
 	count, err := emailTemplateCollection.CountDocuments(ctx, bson.M{}, options.Count())
 	if err != nil {
 		return nil, err
 	}
-
 	paginationClone.Total = count
-
 	cursor, err := emailTemplateCollection.Find(ctx, bson.M{}, opts)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close(ctx)
-
 	for cursor.Next(ctx) {
-		var emailTemplate models.EmailTemplate
+		var emailTemplate *models.EmailTemplate
 		err := cursor.Decode(&emailTemplate)
 		if err != nil {
 			return nil, err
 		}
 		emailTemplates = append(emailTemplates, emailTemplate.AsAPIEmailTemplate())
 	}
-
 	return &model.EmailTemplates{
-		Pagination:     &paginationClone,
+		Pagination:     paginationClone,
 		EmailTemplates: emailTemplates,
 	}, nil
 }
 
 // GetEmailTemplateByID to get EmailTemplate by id
 func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
-	var emailTemplate models.EmailTemplate
+	var emailTemplate *models.EmailTemplate
 	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
 	err := emailTemplateCollection.FindOne(ctx, bson.M{"_id": emailTemplateID}).Decode(&emailTemplate)
 	if err != nil {
@@ -94,7 +84,7 @@ func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID str
 
 // GetEmailTemplateByEventName to get EmailTemplate by event_name
 func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
-	var emailTemplate models.EmailTemplate
+	var emailTemplate *models.EmailTemplate
 	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
 	err := emailTemplateCollection.FindOne(ctx, bson.M{"event_name": eventName}).Decode(&emailTemplate)
 	if err != nil {
@@ -110,6 +100,5 @@ func (p *provider) DeleteEmailTemplate(ctx context.Context, emailTemplate *model
 	if err != nil {
 		return err
 	}
-
 	return nil
 }

server/db/providers/mongodb/env.go

@@ -12,11 +12,10 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
-
 	env.CreatedAt = time.Now().Unix()
 	env.UpdatedAt = time.Now().Unix()
 	env.Key = env.ID
@@ -29,7 +28,7 @@ func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, erro
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
 	_, err := configCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": env.ID}}, bson.M{"$set": env}, options.MergeUpdateOptions())
@@ -40,25 +39,22 @@ func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, e
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
-	var env models.Env
+func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
+	var env *models.Env
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
 	cursor, err := configCollection.Find(ctx, bson.M{}, options.Find())
 	if err != nil {
 		return env, err
 	}
 	defer cursor.Close(ctx)
-
 	for cursor.Next(nil) {
 		err := cursor.Decode(&env)
 		if err != nil {
 			return env, err
 		}
 	}
-
-	if env.ID == "" {
+	if env == nil {
 		return env, fmt.Errorf("config not found")
 	}
-
 	return env, nil
 }

server/db/providers/mongodb/otp.go

@@ -2,6 +2,7 @@ package mongodb
 
 import (
 	"context"
+	"errors"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -12,7 +13,20 @@ import (
 
 // UpsertOTP to add or update otp
 func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
-	otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
+	// check if email or phone number is present
+	if otpParam.Email == "" && otpParam.PhoneNumber == "" {
+		return nil, errors.New("email or phone_number is required")
+	}
+	uniqueField := models.FieldNameEmail
+	if otpParam.Email == "" && otpParam.PhoneNumber != "" {
+		uniqueField = models.FieldNamePhoneNumber
+	}
+	var otp *models.OTP
+	if uniqueField == models.FieldNameEmail {
+		otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
+	} else {
+		otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
+	}
 	shouldCreate := false
 	if otp == nil {
 		id := uuid.NewString()
@@ -21,6 +35,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 			Key:         id,
 			Otp:         otpParam.Otp,
 			Email:       otpParam.Email,
+			PhoneNumber: otpParam.PhoneNumber,
 			ExpiresAt:   otpParam.ExpiresAt,
 			CreatedAt:   time.Now().Unix(),
 		}
@@ -41,20 +56,28 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
 	if err != nil {
 		return nil, err
 	}
-
 	return otp, nil
 }
 
 // GetOTPByEmail to get otp for a given email address
 func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
 	var otp models.OTP
-
 	otpCollection := p.db.Collection(models.Collections.OTP, options.Collection())
 	err := otpCollection.FindOne(ctx, bson.M{"email": emailAddress}).Decode(&otp)
 	if err != nil {
 		return nil, err
 	}
+	return &otp, nil
+}
 
+// GetOTPByPhoneNumber to get otp for a given phone number
+func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
+	var otp models.OTP
+	otpCollection := p.db.Collection(models.Collections.OTP, options.Collection())
+	err := otpCollection.FindOne(ctx, bson.M{"phone_number": phoneNumber}).Decode(&otp)
+	if err != nil {
+		return nil, err
+	}
 	return &otp, nil
 }
 

server/db/providers/mongodb/provider.go

@@ -118,6 +118,12 @@ func NewProvider() (*provider, error) {
 			Options: options.Index().SetUnique(true).SetSparse(true),
 		},
 	}, options.CreateIndexes())
+	otpCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
+		{
+			Keys:    bson.M{"phone_number": 1},
+			Options: options.Index().SetUnique(true).SetSparse(true),
+		},
+	}, options.CreateIndexes())
 
 	return &provider{
 		db: mongodb,

server/db/providers/mongodb/session.go

@@ -10,7 +10,7 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(ctx context.Context, session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session *models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
@@ -25,3 +25,8 @@ func (p *provider) AddSession(ctx context.Context, session models.Session) error
 	}
 	return nil
 }
+
+// DeleteSession to delete session information from database
+func (p *provider) DeleteSession(ctx context.Context, userId string) error {
+	return nil
+}

server/db/providers/mongodb/user.go

@@ -16,11 +16,10 @@ import (
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
-
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
@@ -36,12 +35,11 @@ func (p *provider) AddUser(ctx context.Context, user models.User) (models.User,
 	if err != nil {
 		return user, err
 	}
-
 	return user, nil
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	_, err := userCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": user.ID}}, bson.M{"$set": user}, options.MergeUpdateOptions())
@@ -52,83 +50,72 @@ func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.Use
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user *models.User) error {
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	_, err := userCollection.DeleteOne(ctx, bson.M{"_id": user.ID}, options.Delete())
 	if err != nil {
 		return err
 	}
-
 	sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
 	_, err = sessionCollection.DeleteMany(ctx, bson.M{"user_id": user.ID}, options.Delete())
 	if err != nil {
 		return err
 	}
-
 	return nil
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination) (*model.Users, error) {
 	var users []*model.User
 	opts := options.Find()
 	opts.SetLimit(pagination.Limit)
 	opts.SetSkip(pagination.Offset)
 	opts.SetSort(bson.M{"created_at": -1})
-
 	paginationClone := pagination
-
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	count, err := userCollection.CountDocuments(ctx, bson.M{}, options.Count())
 	if err != nil {
 		return nil, err
 	}
-
 	paginationClone.Total = count
-
 	cursor, err := userCollection.Find(ctx, bson.M{}, opts)
 	if err != nil {
 		return nil, err
 	}
 	defer cursor.Close(ctx)
-
 	for cursor.Next(ctx) {
-		var user models.User
+		var user *models.User
 		err := cursor.Decode(&user)
 		if err != nil {
 			return nil, err
 		}
 		users = append(users, user.AsAPIUser())
 	}
-
 	return &model.Users{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Users:      users,
 	}, nil
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
-	var user models.User
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
+	var user *models.User
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	err := userCollection.FindOne(ctx, bson.M{"email": email}).Decode(&user)
 	if err != nil {
 		return user, err
 	}
-
 	return user, nil
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
-	var user models.User
-
+func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, error) {
+	var user *models.User
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	err := userCollection.FindOne(ctx, bson.M{"_id": id}).Decode(&user)
 	if err != nil {
 		return user, err
 	}
-
 	return user, nil
 }
 
@@ -137,17 +124,14 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, err
 func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{}, ids []string) error {
 	// set updated_at time for all users
 	data["updated_at"] = time.Now().Unix()
-
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
-
 	var res *mongo.UpdateResult
 	var err error
-	if ids != nil && len(ids) > 0 {
+	if len(ids) > 0 {
 		res, err = userCollection.UpdateMany(ctx, bson.M{"_id": bson.M{"$in": ids}}, bson.M{"$set": data})
 	} else {
 		res, err = userCollection.UpdateMany(ctx, bson.M{}, bson.M{"$set": data})
 	}
-
 	if err != nil {
 		return err
 	} else {
@@ -158,13 +142,11 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 
 // GetUserByPhoneNumber to get user information from database using phone number
 func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string) (*models.User, error) {
-	var user models.User
-
+	var user *models.User
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	err := userCollection.FindOne(ctx, bson.M{"phone_number": phoneNumber}).Decode(&user)
 	if err != nil {
 		return nil, err
 	}
-
-	return &user, nil
+	return user, nil
 }

server/db/providers/mongodb/verification_requests.go

@@ -12,7 +12,7 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) (*models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 
@@ -30,8 +30,8 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
-	var verificationRequest models.VerificationRequest
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
 	err := verificationRequestCollection.FindOne(ctx, bson.M{"token": token}).Decode(&verificationRequest)
@@ -43,8 +43,8 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
-	var verificationRequest models.VerificationRequest
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
 	err := verificationRequestCollection.FindOne(ctx, bson.M{"email": email, "identifier": identifier}).Decode(&verificationRequest)
@@ -56,7 +56,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination *model.Pagination) (*model.VerificationRequests, error) {
 	var verificationRequests []*model.VerificationRequest
 
 	opts := options.Find()
@@ -77,7 +77,7 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination mode
 	defer cursor.Close(ctx)
 
 	for cursor.Next(ctx) {
-		var verificationRequest models.VerificationRequest
+		var verificationRequest *models.VerificationRequest
 		err := cursor.Decode(&verificationRequest)
 		if err != nil {
 			return nil, err
@@ -87,12 +87,12 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination mode
 
 	return &model.VerificationRequests{
 		VerificationRequests: verificationRequests,
-		Pagination:           &paginationClone,
+		Pagination:           paginationClone,
 	}, nil
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) error {
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
 	_, err := verificationRequestCollection.DeleteOne(ctx, bson.M{"_id": verificationRequest.ID}, options.Delete())
 	if err != nil {

server/db/providers/mongodb/webhook.go

@@ -14,7 +14,7 @@ import (
 )
 
 // AddWebhook to add webhook
-func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) AddWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	if webhook.ID == "" {
 		webhook.ID = uuid.New().String()
 	}
@@ -32,7 +32,7 @@ func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*mod
 }
 
 // UpdateWebhook to update webhook
-func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) UpdateWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	webhook.UpdatedAt = time.Now().Unix()
 	// Event is changed
 	if !strings.Contains(webhook.EventName, "-") {
@@ -47,7 +47,7 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 }
 
 // ListWebhooks to list webhook
-func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+func (p *provider) ListWebhook(ctx context.Context, pagination *model.Pagination) (*model.Webhooks, error) {
 	webhooks := []*model.Webhook{}
 	opts := options.Find()
 	opts.SetLimit(pagination.Limit)
@@ -66,7 +66,7 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 	}
 	defer cursor.Close(ctx)
 	for cursor.Next(ctx) {
-		var webhook models.Webhook
+		var webhook *models.Webhook
 		err := cursor.Decode(&webhook)
 		if err != nil {
 			return nil, err
@@ -74,14 +74,14 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 		webhooks = append(webhooks, webhook.AsAPIWebhook())
 	}
 	return &model.Webhooks{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Webhooks:   webhooks,
 	}, nil
 }
 
 // GetWebhookByID to get webhook by id
 func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
-	var webhook models.Webhook
+	var webhook *models.Webhook
 	webhookCollection := p.db.Collection(models.Collections.Webhook, options.Collection())
 	err := webhookCollection.FindOne(ctx, bson.M{"_id": webhookID}).Decode(&webhook)
 	if err != nil {
@@ -104,7 +104,7 @@ func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string)
 	}
 	defer cursor.Close(ctx)
 	for cursor.Next(ctx) {
-		var webhook models.Webhook
+		var webhook *models.Webhook
 		err := cursor.Decode(&webhook)
 		if err != nil {
 			return nil, err

server/db/providers/mongodb/webhook_log.go

@@ -12,7 +12,7 @@ import (
 )
 
 // AddWebhookLog to add webhook log
-func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog *models.WebhookLog) (*model.WebhookLog, error) {
 	if webhookLog.ID == "" {
 		webhookLog.ID = uuid.New().String()
 	}
@@ -30,7 +30,7 @@ func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookL
 }
 
 // ListWebhookLogs to list webhook logs
-func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination *model.Pagination, webhookID string) (*model.WebhookLogs, error) {
 	webhookLogs := []*model.WebhookLog{}
 	opts := options.Find()
 	opts.SetLimit(pagination.Limit)
@@ -59,7 +59,7 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	defer cursor.Close(ctx)
 
 	for cursor.Next(ctx) {
-		var webhookLog models.WebhookLog
+		var webhookLog *models.WebhookLog
 		err := cursor.Decode(&webhookLog)
 		if err != nil {
 			return nil, err
@@ -68,7 +68,7 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	}
 
 	return &model.WebhookLogs{
-		Pagination:  &paginationClone,
+		Pagination:  paginationClone,
 		WebhookLogs: webhookLogs,
 	}, nil
 }

server/db/providers/provider_template/email_template.go

@@ -10,7 +10,7 @@ import (
 )
 
 // AddEmailTemplate to add EmailTemplate
-func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	if emailTemplate.ID == "" {
 		emailTemplate.ID = uuid.New().String()
 	}
@@ -22,13 +22,13 @@ func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.Em
 }
 
 // UpdateEmailTemplate to update EmailTemplate
-func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	emailTemplate.UpdatedAt = time.Now().Unix()
 	return emailTemplate.AsAPIEmailTemplate(), nil
 }
 
 // ListEmailTemplates to list EmailTemplate
-func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination *model.Pagination) (*model.EmailTemplates, error) {
 	return nil, nil
 }
 

server/db/providers/provider_template/env.go

@@ -9,7 +9,7 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
@@ -20,14 +20,14 @@ func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, erro
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 	return env, nil
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
-	var env models.Env
+func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
+	var env *models.Env
 
 	return env, nil
 }

server/db/providers/provider_template/otp.go

@@ -16,6 +16,11 @@ func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*mod
 	return nil, nil
 }
 
+// GetOTPByPhoneNumber to get otp for a given phone number
+func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
+	return nil, nil
+}
+
 // DeleteOTP to delete otp
 func (p *provider) DeleteOTP(ctx context.Context, otp *models.OTP) error {
 	return nil

server/db/providers/provider_template/session.go

@@ -9,11 +9,10 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(ctx context.Context, session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session *models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
-
 	session.CreatedAt = time.Now().Unix()
 	session.UpdatedAt = time.Now().Unix()
 	return nil

server/db/providers/provider_template/user.go

@@ -12,11 +12,10 @@ import (
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
-
 	if user.Roles == "" {
 		defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
 		if err != nil {
@@ -24,40 +23,36 @@ func (p *provider) AddUser(ctx context.Context, user models.User) (models.User,
 		}
 		user.Roles = defaultRoles
 	}
-
 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
-
 	return user, nil
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 	return user, nil
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user *models.User) error {
 	return nil
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination) (*model.Users, error) {
 	return nil, nil
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
-	var user models.User
-
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
+	var user *models.User
 	return user, nil
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
-	var user models.User
-
+func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, error) {
+	var user *models.User
 	return user, nil
 }
 
@@ -66,13 +61,11 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, err
 func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{}, ids []string) error {
 	// set updated_at time for all users
 	data["updated_at"] = time.Now().Unix()
-
 	return nil
 }
 
 // GetUserByPhoneNumber to get user information from database using phone number
 func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string) (*models.User, error) {
 	var user *models.User
-
 	return user, nil
 }

server/db/providers/provider_template/verification_requests.go

@@ -10,7 +10,7 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) (*models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 	}
@@ -22,25 +22,25 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
-	var verificationRequest models.VerificationRequest
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 
 	return verificationRequest, nil
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
-	var verificationRequest models.VerificationRequest
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 
 	return verificationRequest, nil
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination *model.Pagination) (*model.VerificationRequests, error) {
 	return nil, nil
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) error {
 	return nil
 }

server/db/providers/provider_template/webhook.go

@@ -12,7 +12,7 @@ import (
 )
 
 // AddWebhook to add webhook
-func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) AddWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	if webhook.ID == "" {
 		webhook.ID = uuid.New().String()
 	}
@@ -25,7 +25,7 @@ func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*mod
 }
 
 // UpdateWebhook to update webhook
-func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) UpdateWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	webhook.UpdatedAt = time.Now().Unix()
 	// Event is changed
 	if !strings.Contains(webhook.EventName, "-") {
@@ -35,7 +35,7 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 }
 
 // ListWebhooks to list webhook
-func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+func (p *provider) ListWebhook(ctx context.Context, pagination *model.Pagination) (*model.Webhooks, error) {
 	return nil, nil
 }
 

server/db/providers/provider_template/webhook_log.go

@@ -10,7 +10,7 @@ import (
 )
 
 // AddWebhookLog to add webhook log
-func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog *models.WebhookLog) (*model.WebhookLog, error) {
 	if webhookLog.ID == "" {
 		webhookLog.ID = uuid.New().String()
 	}
@@ -22,6 +22,6 @@ func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookL
 }
 
 // ListWebhookLogs to list webhook logs
-func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination *model.Pagination, webhookID string) (*model.WebhookLogs, error) {
 	return nil, nil
 }

server/db/providers/providers.go

@@ -9,50 +9,52 @@ import (
 
 type Provider interface {
 	// AddUser to save user information in database
-	AddUser(ctx context.Context, user models.User) (models.User, error)
+	AddUser(ctx context.Context, user *models.User) (*models.User, error)
 	// UpdateUser to update user information in database
-	UpdateUser(ctx context.Context, user models.User) (models.User, error)
+	UpdateUser(ctx context.Context, user *models.User) (*models.User, error)
 	// DeleteUser to delete user information from database
-	DeleteUser(ctx context.Context, user models.User) error
+	DeleteUser(ctx context.Context, user *models.User) error
 	// ListUsers to get list of users from database
-	ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error)
+	ListUsers(ctx context.Context, pagination *model.Pagination) (*model.Users, error)
 	// GetUserByEmail to get user information from database using email address
-	GetUserByEmail(ctx context.Context, email string) (models.User, error)
+	GetUserByEmail(ctx context.Context, email string) (*models.User, error)
 	// GetUserByPhoneNumber to get user information from database using phone number
 	GetUserByPhoneNumber(ctx context.Context, phoneNumber string) (*models.User, error)
 	// GetUserByID to get user information from database using user ID
-	GetUserByID(ctx context.Context, id string) (models.User, error)
+	GetUserByID(ctx context.Context, id string) (*models.User, error)
 	// UpdateUsers to update multiple users, with parameters of user IDs slice
 	// If ids set to nil / empty all the users will be updated
 	UpdateUsers(ctx context.Context, data map[string]interface{}, ids []string) error
 
 	// AddVerification to save verification request in database
-	AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error)
+	AddVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) (*models.VerificationRequest, error)
 	// GetVerificationRequestByToken to get verification request from database using token
-	GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error)
+	GetVerificationRequestByToken(ctx context.Context, token string) (*models.VerificationRequest, error)
 	// GetVerificationRequestByEmail to get verification request by email from database
-	GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error)
+	GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (*models.VerificationRequest, error)
 	// ListVerificationRequests to get list of verification requests from database
-	ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error)
+	ListVerificationRequests(ctx context.Context, pagination *model.Pagination) (*model.VerificationRequests, error)
 	// DeleteVerificationRequest to delete verification request from database
-	DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error
+	DeleteVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) error
 
 	// AddSession to save session information in database
-	AddSession(ctx context.Context, session models.Session) error
+	AddSession(ctx context.Context, session *models.Session) error
+	// DeleteSession to delete session information from database
+	DeleteSession(ctx context.Context, userId string) error
 
 	// AddEnv to save environment information in database
-	AddEnv(ctx context.Context, env models.Env) (models.Env, error)
+	AddEnv(ctx context.Context, env *models.Env) (*models.Env, error)
 	// UpdateEnv to update environment information in database
-	UpdateEnv(ctx context.Context, env models.Env) (models.Env, error)
+	UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, error)
 	// GetEnv to get environment information from database
-	GetEnv(ctx context.Context) (models.Env, error)
+	GetEnv(ctx context.Context) (*models.Env, error)
 
 	// AddWebhook to add webhook
-	AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error)
+	AddWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error)
 	// UpdateWebhook to update webhook
-	UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error)
+	UpdateWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error)
 	// ListWebhooks to list webhook
-	ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error)
+	ListWebhook(ctx context.Context, pagination *model.Pagination) (*model.Webhooks, error)
 	// GetWebhookByID to get webhook by id
 	GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error)
 	// GetWebhookByEventName to get webhook by event_name
@@ -61,16 +63,16 @@ type Provider interface {
 	DeleteWebhook(ctx context.Context, webhook *model.Webhook) error
 
 	// AddWebhookLog to add webhook log
-	AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error)
+	AddWebhookLog(ctx context.Context, webhookLog *models.WebhookLog) (*model.WebhookLog, error)
 	// ListWebhookLogs to list webhook logs
-	ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error)
+	ListWebhookLogs(ctx context.Context, pagination *model.Pagination, webhookID string) (*model.WebhookLogs, error)
 
 	// AddEmailTemplate to add EmailTemplate
-	AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error)
+	AddEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error)
 	// UpdateEmailTemplate to update EmailTemplate
-	UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error)
+	UpdateEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error)
 	// ListEmailTemplates to list EmailTemplate
-	ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error)
+	ListEmailTemplate(ctx context.Context, pagination *model.Pagination) (*model.EmailTemplates, error)
 	// GetEmailTemplateByID to get EmailTemplate by id
 	GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error)
 	// GetEmailTemplateByEventName to get EmailTemplate by event_name
@@ -82,6 +84,8 @@ type Provider interface {
 	UpsertOTP(ctx context.Context, otp *models.OTP) (*models.OTP, error)
 	// GetOTPByEmail to get otp for a given email address
 	GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error)
+	// GetOTPByPhoneNumber to get otp for a given phone number
+	GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error)
 	// DeleteOTP to delete otp
 	DeleteOTP(ctx context.Context, otp *models.OTP) error
 }

server/db/providers/sql/email_template.go

@@ -10,7 +10,7 @@ import (
 )
 
 // AddEmailTemplate to add EmailTemplate
-func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	if emailTemplate.ID == "" {
 		emailTemplate.ID = uuid.New().String()
 	}
@@ -27,7 +27,7 @@ func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.Em
 }
 
 // UpdateEmailTemplate to update EmailTemplate
-func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate *models.EmailTemplate) (*model.EmailTemplate, error) {
 	emailTemplate.UpdatedAt = time.Now().Unix()
 
 	res := p.db.Save(&emailTemplate)
@@ -38,9 +38,8 @@ func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models
 }
 
 // ListEmailTemplates to list EmailTemplate
-func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
-	var emailTemplates []models.EmailTemplate
-
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination *model.Pagination) (*model.EmailTemplates, error) {
+	var emailTemplates []*models.EmailTemplate
 	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&emailTemplates)
 	if result.Error != nil {
 		return nil, result.Error
@@ -60,14 +59,14 @@ func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagin
 		responseEmailTemplates = append(responseEmailTemplates, w.AsAPIEmailTemplate())
 	}
 	return &model.EmailTemplates{
-		Pagination:     &paginationClone,
+		Pagination:     paginationClone,
 		EmailTemplates: responseEmailTemplates,
 	}, nil
 }
 
 // GetEmailTemplateByID to get EmailTemplate by id
 func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
-	var emailTemplate models.EmailTemplate
+	var emailTemplate *models.EmailTemplate
 
 	result := p.db.Where("id = ?", emailTemplateID).First(&emailTemplate)
 	if result.Error != nil {
@@ -78,7 +77,7 @@ func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID str
 
 // GetEmailTemplateByEventName to get EmailTemplate by event_name
 func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
-	var emailTemplate models.EmailTemplate
+	var emailTemplate *models.EmailTemplate
 
 	result := p.db.Where("event_name = ?", eventName).First(&emailTemplate)
 	if result.Error != nil {
@@ -95,6 +94,5 @@ func (p *provider) DeleteEmailTemplate(ctx context.Context, emailTemplate *model
 	if result.Error != nil {
 		return result.Error
 	}
-
 	return nil
 }

server/db/providers/sql/env.go

@@ -9,7 +9,7 @@ import (
 )
 
 // AddEnv to save environment information in database
-func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	if env.ID == "" {
 		env.ID = uuid.New().String()
 	}
@@ -26,10 +26,9 @@ func (p *provider) AddEnv(ctx context.Context, env models.Env) (models.Env, erro
 }
 
 // UpdateEnv to update environment information in database
-func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, error) {
+func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, error) {
 	env.UpdatedAt = time.Now().Unix()
 	result := p.db.Save(&env)
-
 	if result.Error != nil {
 		return env, result.Error
 	}
@@ -37,13 +36,11 @@ func (p *provider) UpdateEnv(ctx context.Context, env models.Env) (models.Env, e
 }
 
 // GetEnv to get environment information from database
-func (p *provider) GetEnv(ctx context.Context) (models.Env, error) {
-	var env models.Env
+func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) {
+	var env *models.Env
 	result := p.db.First(&env)
-
 	if result.Error != nil {
 		return env, result.Error
 	}
-
 	return env, nil
 }

server/db/providers/sql/otp.go

@@ -2,6 +2,7 @@ package sql
 
 import (
 	"context"
+	"errors"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -14,13 +15,19 @@ func (p *provider) UpsertOTP(ctx context.Context, otp *models.OTP) (*models.OTP,
 	if otp.ID == "" {
 		otp.ID = uuid.New().String()
 	}
-
+	// check if email or phone number is present
+	if otp.Email == "" && otp.PhoneNumber == "" {
+		return nil, errors.New("email or phone_number is required")
+	}
+	uniqueField := models.FieldNameEmail
+	if otp.Email == "" && otp.PhoneNumber != "" {
+		uniqueField = models.FieldNamePhoneNumber
+	}
 	otp.Key = otp.ID
 	otp.CreatedAt = time.Now().Unix()
 	otp.UpdatedAt = time.Now().Unix()
-
 	res := p.db.Clauses(clause.OnConflict{
-		Columns:   []clause.Column{{Name: "email"}},
+		Columns:   []clause.Column{{Name: uniqueField}},
 		DoUpdates: clause.AssignmentColumns([]string{"otp", "expires_at", "updated_at"}),
 	}).Create(&otp)
 	if res.Error != nil {
@@ -33,7 +40,6 @@ func (p *provider) UpsertOTP(ctx context.Context, otp *models.OTP) (*models.OTP,
 // GetOTPByEmail to get otp for a given email address
 func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
 	var otp models.OTP
-
 	result := p.db.Where("email = ?", emailAddress).First(&otp)
 	if result.Error != nil {
 		return nil, result.Error
@@ -41,6 +47,16 @@ func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*mod
 	return &otp, nil
 }
 
+// GetOTPByPhoneNumber to get otp for a given phone number
+func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
+	var otp models.OTP
+	result := p.db.Where("phone_number = ?", phoneNumber).First(&otp)
+	if result.Error != nil {
+		return nil, result.Error
+	}
+	return &otp, nil
+}
+
 // DeleteOTP to delete otp
 func (p *provider) DeleteOTP(ctx context.Context, otp *models.OTP) error {
 	result := p.db.Delete(&models.OTP{

server/db/providers/sql/provider.go

@@ -77,7 +77,7 @@ func NewProvider() (*provider, error) {
 		logrus.Debug("Failed to drop phone number constraint:", err)
 	}
 
-	err = sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{}, &models.Webhook{}, models.WebhookLog{}, models.EmailTemplate{}, &models.OTP{})
+	err = sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{}, &models.Webhook{}, &models.WebhookLog{}, &models.EmailTemplate{}, &models.OTP{})
 	if err != nil {
 		return nil, err
 	}

server/db/providers/sql/session.go

@@ -10,7 +10,7 @@ import (
 )
 
 // AddSession to save session information in database
-func (p *provider) AddSession(ctx context.Context, session models.Session) error {
+func (p *provider) AddSession(ctx context.Context, session *models.Session) error {
 	if session.ID == "" {
 		session.ID = uuid.New().String()
 	}
@@ -27,3 +27,8 @@ func (p *provider) AddSession(ctx context.Context, session models.Session) error
 	}
 	return nil
 }
+
+// DeleteSession to delete session information from database
+func (p *provider) DeleteSession(ctx context.Context, userId string) error {
+	return nil
+}

server/db/providers/sql/user.go

@@ -17,7 +17,7 @@ import (
 )
 
 // AddUser to save user information in database
-func (p *provider) AddUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User, error) {
 	if user.ID == "" {
 		user.ID = uuid.New().String()
 	}
@@ -53,7 +53,7 @@ func (p *provider) AddUser(ctx context.Context, user models.User) (models.User,
 }
 
 // UpdateUser to update user information in database
-func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.User, error) {
+func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.User, error) {
 	user.UpdatedAt = time.Now().Unix()
 
 	result := p.db.Save(&user)
@@ -66,7 +66,7 @@ func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.Use
 }
 
 // DeleteUser to delete user information from database
-func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
+func (p *provider) DeleteUser(ctx context.Context, user *models.User) error {
 	result := p.db.Where("user_id = ?", user.ID).Delete(&models.Session{})
 	if result.Error != nil {
 		return result.Error
@@ -81,7 +81,7 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 }
 
 // ListUsers to get list of users from database
-func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (*model.Users, error) {
+func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination) (*model.Users, error) {
 	var users []models.User
 	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&users)
 	if result.Error != nil {
@@ -103,31 +103,28 @@ func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (
 	paginationClone.Total = total
 
 	return &model.Users{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Users:      responseUsers,
 	}, nil
 }
 
 // GetUserByEmail to get user information from database using email address
-func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
-	var user models.User
+func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
+	var user *models.User
 	result := p.db.Where("email = ?", email).First(&user)
 	if result.Error != nil {
 		return user, result.Error
 	}
-
 	return user, nil
 }
 
 // GetUserByID to get user information from database using user ID
-func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, error) {
-	var user models.User
-
+func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, error) {
+	var user *models.User
 	result := p.db.Where("id = ?", id).First(&user)
 	if result.Error != nil {
 		return user, result.Error
 	}
-
 	return user, nil
 }
 
@@ -136,14 +133,12 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (models.User, err
 func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{}, ids []string) error {
 	// set updated_at time for all users
 	data["updated_at"] = time.Now().Unix()
-
 	var res *gorm.DB
-	if ids != nil && len(ids) > 0 {
+	if len(ids) > 0 {
 		res = p.db.Model(&models.User{}).Where("id in ?", ids).Updates(data)
 	} else {
 		res = p.db.Model(&models.User{}).Updates(data)
 	}
-
 	if res.Error != nil {
 		return res.Error
 	}
@@ -154,10 +149,8 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string) (*models.User, error) {
 	var user *models.User
 	result := p.db.Where("phone_number = ?", phoneNumber).First(&user)
-
 	if result.Error != nil {
 		return nil, result.Error
 	}
-
 	return user, nil
 }

server/db/providers/sql/verification_requests.go

@@ -11,11 +11,10 @@ import (
 )
 
 // AddVerification to save verification request in database
-func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+func (p *provider) AddVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) (*models.VerificationRequest, error) {
 	if verificationRequest.ID == "" {
 		verificationRequest.ID = uuid.New().String()
 	}
-
 	verificationRequest.Key = verificationRequest.ID
 	verificationRequest.CreatedAt = time.Now().Unix()
 	verificationRequest.UpdatedAt = time.Now().Unix()
@@ -23,75 +22,61 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque
 		Columns:   []clause.Column{{Name: "email"}, {Name: "identifier"}},
 		DoUpdates: clause.AssignmentColumns([]string{"token", "expires_at", "nonce", "redirect_uri"}),
 	}).Create(&verificationRequest)
-
 	if result.Error != nil {
 		return verificationRequest, result.Error
 	}
-
 	return verificationRequest, nil
 }
 
 // GetVerificationRequestByToken to get verification request from database using token
-func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (models.VerificationRequest, error) {
-	var verificationRequest models.VerificationRequest
+func (p *provider) GetVerificationRequestByToken(ctx context.Context, token string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 	result := p.db.Where("token = ?", token).First(&verificationRequest)
-
 	if result.Error != nil {
 		return verificationRequest, result.Error
 	}
-
 	return verificationRequest, nil
 }
 
 // GetVerificationRequestByEmail to get verification request by email from database
-func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (models.VerificationRequest, error) {
-	var verificationRequest models.VerificationRequest
-
+func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email string, identifier string) (*models.VerificationRequest, error) {
+	var verificationRequest *models.VerificationRequest
 	result := p.db.Where("email = ? AND identifier = ?", email, identifier).First(&verificationRequest)
-
 	if result.Error != nil {
 		return verificationRequest, result.Error
 	}
-
 	return verificationRequest, nil
 }
 
 // ListVerificationRequests to get list of verification requests from database
-func (p *provider) ListVerificationRequests(ctx context.Context, pagination model.Pagination) (*model.VerificationRequests, error) {
+func (p *provider) ListVerificationRequests(ctx context.Context, pagination *model.Pagination) (*model.VerificationRequests, error) {
 	var verificationRequests []models.VerificationRequest
-
 	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&verificationRequests)
 	if result.Error != nil {
 		return nil, result.Error
 	}
-
 	responseVerificationRequests := []*model.VerificationRequest{}
 	for _, v := range verificationRequests {
 		responseVerificationRequests = append(responseVerificationRequests, v.AsAPIVerificationRequest())
 	}
-
 	var total int64
 	totalRes := p.db.Model(&models.VerificationRequest{}).Count(&total)
 	if totalRes.Error != nil {
 		return nil, totalRes.Error
 	}
-
 	paginationClone := pagination
 	paginationClone.Total = total
-
 	return &model.VerificationRequests{
 		VerificationRequests: responseVerificationRequests,
-		Pagination:           &paginationClone,
+		Pagination:           paginationClone,
 	}, nil
 }
 
 // DeleteVerificationRequest to delete verification request from database
-func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest models.VerificationRequest) error {
+func (p *provider) DeleteVerificationRequest(ctx context.Context, verificationRequest *models.VerificationRequest) error {
 	result := p.db.Delete(&verificationRequest)
-
 	if result.Error != nil {
 		return result.Error
 	}
-
 	return nil
 }

server/db/providers/sql/webhook.go

@@ -12,7 +12,7 @@ import (
 )
 
 // AddWebhook to add webhook
-func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) AddWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	if webhook.ID == "" {
 		webhook.ID = uuid.New().String()
 	}
@@ -29,7 +29,7 @@ func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*mod
 }
 
 // UpdateWebhook to update webhook
-func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*model.Webhook, error) {
+func (p *provider) UpdateWebhook(ctx context.Context, webhook *models.Webhook) (*model.Webhook, error) {
 	webhook.UpdatedAt = time.Now().Unix()
 	// Event is changed
 	if !strings.Contains(webhook.EventName, "-") {
@@ -43,7 +43,7 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 }
 
 // ListWebhooks to list webhook
-func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination) (*model.Webhooks, error) {
+func (p *provider) ListWebhook(ctx context.Context, pagination *model.Pagination) (*model.Webhooks, error) {
 	var webhooks []models.Webhook
 	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&webhooks)
 	if result.Error != nil {
@@ -61,14 +61,14 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 		responseWebhooks = append(responseWebhooks, w.AsAPIWebhook())
 	}
 	return &model.Webhooks{
-		Pagination: &paginationClone,
+		Pagination: paginationClone,
 		Webhooks:   responseWebhooks,
 	}, nil
 }
 
 // GetWebhookByID to get webhook by id
 func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
-	var webhook models.Webhook
+	var webhook *models.Webhook
 
 	result := p.db.Where("id = ?", webhookID).First(&webhook)
 	if result.Error != nil {

server/db/providers/sql/webhook_log.go

@@ -12,7 +12,7 @@ import (
 )
 
 // AddWebhookLog to add webhook log
-func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error) {
+func (p *provider) AddWebhookLog(ctx context.Context, webhookLog *models.WebhookLog) (*model.WebhookLog, error) {
 	if webhookLog.ID == "" {
 		webhookLog.ID = uuid.New().String()
 	}
@@ -32,7 +32,7 @@ func (p *provider) AddWebhookLog(ctx context.Context, webhookLog models.WebhookL
 }
 
 // ListWebhookLogs to list webhook logs
-func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error) {
+func (p *provider) ListWebhookLogs(ctx context.Context, pagination *model.Pagination, webhookID string) (*model.WebhookLogs, error) {
 	var webhookLogs []models.WebhookLog
 	var result *gorm.DB
 	var totalRes *gorm.DB
@@ -63,6 +63,6 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	}
 	return &model.WebhookLogs{
 		WebhookLogs: responseWebhookLogs,
-		Pagination:  &paginationClone,
+		Pagination:  paginationClone,
 	}, nil
 }

server/email/email.go

@@ -72,7 +72,6 @@ func getEmailTemplate(event string, data map[string]interface{}) (*model.EmailTe
 		return nil, err
 	}
 	subjectString := buf.String()
-
 	return &model.EmailTemplate{
 		Template: templateString,
 		Subject:  subjectString,

server/env/env.go

@@ -19,7 +19,7 @@ import (
 // InitEnv to initialize EnvData and through error if required env are not present
 func InitAllEnv() error {
 	envData, err := GetEnvData()
-	if err != nil {
+	if err != nil || envData == nil {
 		log.Info("No env data found in db, using local clone of env data")
 		// get clone of current store
 		envData, err = memorystore.Provider.GetEnvStore()
@@ -104,6 +104,13 @@ func InitAllEnv() error {
 	osDisableStrongPassword := os.Getenv(constants.EnvKeyDisableStrongPassword)
 	osEnforceMultiFactorAuthentication := os.Getenv(constants.EnvKeyEnforceMultiFactorAuthentication)
 	osDisableMultiFactorAuthentication := os.Getenv(constants.EnvKeyDisableMultiFactorAuthentication)
+	// phone verification var
+	osDisablePhoneVerification := os.Getenv(constants.EnvKeyDisablePhoneVerification)
+	// twilio vars
+	osTwilioApiKey := os.Getenv(constants.EnvKeyTwilioAPIKey)
+	osTwilioApiSecret := os.Getenv(constants.EnvKeyTwilioAPISecret)
+	osTwilioAccountSid := os.Getenv(constants.EnvKeyTwilioAccountSID)
+	osTwilioSender := os.Getenv(constants.EnvKeyTwilioSender)
 
 	// os slice vars
 	osAllowedOrigins := os.Getenv(constants.EnvKeyAllowedOrigins)
@@ -136,6 +143,7 @@ func InitAllEnv() error {
 	if val, ok := envData[constants.EnvAwsRegion]; !ok || val == "" {
 		envData[constants.EnvAwsRegion] = osAwsRegion
 	}
+
 	if osAwsRegion != "" && envData[constants.EnvAwsRegion] != osAwsRegion {
 		envData[constants.EnvAwsRegion] = osAwsRegion
 	}
@@ -591,7 +599,7 @@ func InitAllEnv() error {
 		if err != nil {
 			return err
 		}
-		if boolValue != envData[constants.EnvKeyDisableMagicLinkLogin].(bool) {
+		if boolValue != envData[constants.EnvKeyDisableMagicLinkLogin] {
 			envData[constants.EnvKeyDisableMagicLinkLogin] = boolValue
 		}
 	}
@@ -681,11 +689,11 @@ func InitAllEnv() error {
 		envData[constants.EnvKeyIsEmailServiceEnabled] = false
 	}
 
-	if envData[constants.EnvKeySmtpHost] != "" || envData[constants.EnvKeySmtpUsername] != "" || envData[constants.EnvKeySmtpPassword] != "" || envData[constants.EnvKeySenderEmail] != "" && envData[constants.EnvKeySmtpPort] != "" {
+	if envData[constants.EnvKeySmtpHost] != "" && envData[constants.EnvKeySmtpUsername] != "" && envData[constants.EnvKeySmtpPassword] != "" && envData[constants.EnvKeySenderEmail] != "" && envData[constants.EnvKeySmtpPort] != "" {
 		envData[constants.EnvKeyIsEmailServiceEnabled] = true
 	}
 
-	if envData[constants.EnvKeyEnforceMultiFactorAuthentication].(bool) && !envData[constants.EnvKeyIsEmailServiceEnabled].(bool) {
+	if envData[constants.EnvKeyEnforceMultiFactorAuthentication].(bool) && !envData[constants.EnvKeyIsEmailServiceEnabled].(bool) && !envData[constants.EnvKeyIsSMSServiceEnabled].(bool) {
 		return errors.New("to enable multi factor authentication, please enable email service")
 	}
 
@@ -767,6 +775,56 @@ func InitAllEnv() error {
 		envData[constants.EnvKeyDefaultAuthorizeResponseMode] = osAuthorizeResponseMode
 	}
 
+	if val, ok := envData[constants.EnvKeyTwilioAPISecret]; !ok || val == "" {
+		envData[constants.EnvKeyTwilioAPISecret] = osTwilioApiSecret
+	}
+	if osTwilioApiSecret != "" && envData[constants.EnvKeyTwilioAPISecret] != osTwilioApiSecret {
+		envData[constants.EnvKeyTwilioAPISecret] = osTwilioApiSecret
+	}
+
+	if val, ok := envData[constants.EnvKeyTwilioAPIKey]; !ok || val == "" {
+		envData[constants.EnvKeyTwilioAPIKey] = osTwilioApiKey
+	}
+	if osTwilioApiKey != "" && envData[constants.EnvKeyTwilioAPIKey] != osTwilioApiKey {
+		envData[constants.EnvKeyTwilioAPIKey] = osTwilioApiKey
+	}
+
+	if val, ok := envData[constants.EnvKeyTwilioAccountSID]; !ok || val == "" {
+		envData[constants.EnvKeyTwilioAccountSID] = osTwilioAccountSid
+	}
+	if osTwilioAccountSid != "" && envData[constants.EnvKeyTwilioAccountSID] != osTwilioAccountSid {
+		envData[constants.EnvKeyTwilioAccountSID] = osTwilioAccountSid
+	}
+
+	if val, ok := envData[constants.EnvKeyTwilioSender]; !ok || val == "" {
+		envData[constants.EnvKeyTwilioSender] = osTwilioSender
+	}
+	if osTwilioSender != "" && envData[constants.EnvKeyTwilioSender] != osTwilioSender {
+		envData[constants.EnvKeyTwilioSender] = osTwilioSender
+	}
+
+	if _, ok := envData[constants.EnvKeyDisablePhoneVerification]; !ok {
+		envData[constants.EnvKeyDisablePhoneVerification] = osDisablePhoneVerification == "false"
+	}
+	if osDisablePhoneVerification != "" {
+		boolValue, err := strconv.ParseBool(osDisablePhoneVerification)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisablePhoneVerification] {
+			envData[constants.EnvKeyDisablePhoneVerification] = boolValue
+		}
+	}
+
+	if envData[constants.EnvKeyTwilioAPIKey] == "" || envData[constants.EnvKeyTwilioAPISecret] == "" || envData[constants.EnvKeyTwilioAccountSID] == "" || envData[constants.EnvKeyTwilioSender] == "" {
+		envData[constants.EnvKeyDisablePhoneVerification] = true
+		envData[constants.EnvKeyIsSMSServiceEnabled] = false
+	}
+	if envData[constants.EnvKeyTwilioAPIKey] != "" && envData[constants.EnvKeyTwilioAPISecret] != "" && envData[constants.EnvKeyTwilioAccountSID] != "" && envData[constants.EnvKeyTwilioSender] != "" {
+		envData[constants.EnvKeyDisablePhoneVerification] = false
+		envData[constants.EnvKeyIsSMSServiceEnabled] = true
+	}
+
 	err = memorystore.Provider.UpdateEnvStore(envData)
 	if err != nil {
 		log.Debug("Error while updating env store: ", err)

server/env/persist_env.go

@@ -62,7 +62,7 @@ func GetEnvData() (map[string]interface{}, error) {
 	ctx := context.Background()
 	env, err := db.Provider.GetEnv(ctx)
 	// config not found in db
-	if err != nil {
+	if err != nil || env == nil {
 		log.Debug("Error while getting env data from db: ", err)
 		return result, err
 	}
@@ -112,7 +112,7 @@ func PersistEnv() error {
 	ctx := context.Background()
 	env, err := db.Provider.GetEnv(ctx)
 	// config not found in db
-	if err != nil || env.EnvData == "" {
+	if err != nil || env == nil {
 		// AES encryption needs 32 bit key only, so we chop off last 4 characters from 36 bit uuid
 		hash := uuid.New().String()[:36-4]
 		err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEncryptionKey, hash)
@@ -121,25 +121,21 @@ func PersistEnv() error {
 			return err
 		}
 		encodedHash := crypto.EncryptB64(hash)
-
 		res, err := memorystore.Provider.GetEnvStore()
 		if err != nil {
 			log.Debug("Error while getting env store: ", err)
 			return err
 		}
-
 		encryptedConfig, err := crypto.EncryptEnvData(res)
 		if err != nil {
 			log.Debug("Error while encrypting env data: ", err)
 			return err
 		}
-
-		env = models.Env{
+		env = &models.Env{
 			Hash:    encodedHash,
 			EnvData: encryptedConfig,
 		}
-
-		env, err = db.Provider.AddEnv(ctx, env)
+		_, err = db.Provider.AddEnv(ctx, env)
 		if err != nil {
 			log.Debug("Error while persisting env data to db: ", err)
 			return err
@@ -200,7 +196,7 @@ func PersistEnv() error {
 				envValue := strings.TrimSpace(os.Getenv(key))
 				if envValue != "" {
 					switch key {
-					case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableMobileBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication, constants.EnvKeyAdminCookieSecure, constants.EnvKeyAppCookieSecure:
+					case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableMobileBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyIsSMSServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication, constants.EnvKeyAdminCookieSecure, constants.EnvKeyAppCookieSecure, constants.EnvKeyDisablePhoneVerification:
 						if envValueBool, err := strconv.ParseBool(envValue); err == nil {
 							if value.(bool) != envValueBool {
 								storeData[key] = envValueBool

server/go.mod

@@ -5,7 +5,7 @@ go 1.16
 require (
 	github.com/99designs/gqlgen v0.17.20
 	github.com/arangodb/go-driver v1.2.1
-	github.com/aws/aws-sdk-go v1.44.109
+	github.com/aws/aws-sdk-go v1.44.298
 	github.com/coreos/go-oidc/v3 v3.1.0
 	github.com/couchbase/gocb/v2 v2.6.0
 	github.com/gin-gonic/gin v1.8.1
@@ -17,7 +17,7 @@ require (
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/go-cmp v0.5.6 // indirect
 	github.com/google/uuid v1.3.0
-	github.com/guregu/dynamo v1.16.0
+	github.com/guregu/dynamo v1.20.0
 	github.com/joho/godotenv v1.3.0
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/pelletier/go-toml/v2 v2.0.5 // indirect
@@ -25,11 +25,12 @@ require (
 	github.com/robertkrimen/otto v0.0.0-20211024170158-b87d35c0b86f
 	github.com/sirupsen/logrus v1.8.1
 	github.com/stretchr/testify v1.8.0
+	github.com/twilio/twilio-go v1.7.2
 	github.com/vektah/gqlparser/v2 v2.5.1
 	go.mongodb.org/mongo-driver v1.8.1
 	golang.org/x/crypto v0.4.0
 	golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914
-	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/appengine v1.6.7
 	google.golang.org/protobuf v1.28.1 // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/mail.v2 v2.3.1

server/graph/model/models_gen.go

@@ -27,7 +27,8 @@ type AdminSignupInput struct {
 
 type AuthResponse struct {
 	Message                   string  `json:"message"`
-	ShouldShowOtpScreen *bool   `json:"should_show_otp_screen"`
+	ShouldShowEmailOtpScreen  *bool   `json:"should_show_email_otp_screen"`
+	ShouldShowMobileOtpScreen *bool   `json:"should_show_mobile_otp_screen"`
 	AccessToken               *string `json:"access_token"`
 	IDToken                   *string `json:"id_token"`
 	RefreshToken              *string `json:"refresh_token"`
@@ -144,7 +145,8 @@ type GenerateJWTKeysResponse struct {
 }
 
 type GetUserRequest struct {
-	ID string `json:"id"`
+	ID    *string `json:"id"`
+	Email *string `json:"email"`
 }
 
 type InviteMemberInput struct {
@@ -221,6 +223,7 @@ type MobileSignUpInput struct {
 	RedirectURI              *string                `json:"redirect_uri"`
 	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled"`
 	State                    *string                `json:"state"`
+	AppData                  map[string]interface{} `json:"app_data"`
 }
 
 type OAuthRevokeInput struct {
@@ -244,7 +247,8 @@ type PaginationInput struct {
 }
 
 type ResendOTPRequest struct {
-	Email string  `json:"email"`
+	Email       *string `json:"email"`
+	PhoneNumber *string `json:"phone_number"`
 	State       *string `json:"state"`
 }
 
@@ -264,6 +268,15 @@ type Response struct {
 	Message string `json:"message"`
 }
 
+type SMSVerificationRequests struct {
+	ID            string `json:"id"`
+	Code          string `json:"code"`
+	CodeExpiresAt int64  `json:"code_expires_at"`
+	PhoneNumber   string `json:"phone_number"`
+	CreatedAt     int64  `json:"created_at"`
+	UpdatedAt     *int64 `json:"updated_at"`
+}
+
 type SessionQueryInput struct {
 	Roles []string `json:"roles"`
 	Scope []string `json:"scope"`
@@ -286,11 +299,13 @@ type SignUpInput struct {
 	RedirectURI              *string                `json:"redirect_uri"`
 	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled"`
 	State                    *string                `json:"state"`
+	AppData                  map[string]interface{} `json:"app_data"`
 }
 
 type TestEndpointRequest struct {
 	Endpoint         string                 `json:"endpoint"`
 	EventName        string                 `json:"event_name"`
+	EventDescription *string                `json:"event_description"`
 	Headers          map[string]interface{} `json:"headers"`
 }
 
@@ -380,6 +395,7 @@ type UpdateProfileInput struct {
 	PhoneNumber              *string                `json:"phone_number"`
 	Picture                  *string                `json:"picture"`
 	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled"`
+	AppData                  map[string]interface{} `json:"app_data"`
 }
 
 type UpdateUserInput struct {
@@ -396,6 +412,7 @@ type UpdateUserInput struct {
 	Picture                  *string                `json:"picture"`
 	Roles                    []*string              `json:"roles"`
 	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled"`
+	AppData                  map[string]interface{} `json:"app_data"`
 }
 
 type UpdateWebhookRequest struct {
@@ -427,6 +444,7 @@ type User struct {
 	UpdatedAt                *int64                 `json:"updated_at"`
 	RevokedTimestamp         *int64                 `json:"revoked_timestamp"`
 	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled"`
+	AppData                  map[string]interface{} `json:"app_data"`
 }
 
 type Users struct {
@@ -445,6 +463,15 @@ type ValidateJWTTokenResponse struct {
 	Claims  map[string]interface{} `json:"claims"`
 }
 
+type ValidateSessionInput struct {
+	Cookie string   `json:"cookie"`
+	Roles  []string `json:"roles"`
+}
+
+type ValidateSessionResponse struct {
+	IsValid bool `json:"is_valid"`
+}
+
 type VerificationRequest struct {
 	ID          string  `json:"id"`
 	Identifier  *string `json:"identifier"`
@@ -468,7 +495,8 @@ type VerifyEmailInput struct {
 }
 
 type VerifyOTPRequest struct {
-	Email string  `json:"email"`
+	Email       *string `json:"email"`
+	PhoneNumber *string `json:"phone_number"`
 	Otp         string  `json:"otp"`
 	State       *string `json:"state"`
 }

server/graph/schema.graphqls

@@ -51,6 +51,7 @@ type User {
   updated_at: Int64
   revoked_timestamp: Int64
   is_multi_factor_auth_enabled: Boolean
+  app_data: Map
 }
 
 type Users {
@@ -75,6 +76,15 @@ type VerificationRequests {
   verification_requests: [VerificationRequest!]!
 }
 
+type SMSVerificationRequests {
+  id: ID!
+  code: String!
+  code_expires_at: Int64!
+  phone_number: String!
+  created_at: Int64!
+  updated_at: Int64
+}
+
 type Error {
   message: String!
   reason: String!
@@ -82,7 +92,8 @@ type Error {
 
 type AuthResponse {
   message: String!
-  should_show_otp_screen: Boolean
+  should_show_email_otp_screen: Boolean
+  should_show_mobile_otp_screen: Boolean
   access_token: String
   id_token: String
   refresh_token: String
@@ -168,6 +179,10 @@ type ValidateJWTTokenResponse {
   claims: Map
 }
 
+type ValidateSessionResponse {
+  is_valid: Boolean!
+}
+
 type GenerateJWTKeysResponse {
   secret: String
   public_key: String
@@ -308,6 +323,7 @@ input MobileSignUpInput {
   # it is used to get code for an on-going auth process during login
   # and use that code for setting `c_hash` in id_token
   state: String
+  app_data: Map
 }
 
 input SignUpInput {
@@ -330,6 +346,7 @@ input SignUpInput {
   # it is used to get code for an on-going auth process during login
   # and use that code for setting `c_hash` in id_token
   state: String
+  app_data: Map
 }
 
 input LoginInput {
@@ -385,6 +402,7 @@ input UpdateProfileInput {
   phone_number: String
   picture: String
   is_multi_factor_auth_enabled: Boolean
+  app_data: Map
 }
 
 input UpdateUserInput {
@@ -401,6 +419,7 @@ input UpdateUserInput {
   picture: String
   roles: [String]
   is_multi_factor_auth_enabled: Boolean
+  app_data: Map
 }
 
 input ForgotPasswordInput {
@@ -460,6 +479,11 @@ input ValidateJWTTokenInput {
   roles: [String!]
 }
 
+input ValidateSessionInput {
+  cookie: String!
+  roles: [String!]
+}
+
 input GenerateJWTKeysInput {
   type: String!
 }
@@ -493,6 +517,7 @@ input WebhookRequest {
 input TestEndpointRequest {
   endpoint: String!
   event_name: String!
+  event_description: String
   headers: Map
 }
 
@@ -520,7 +545,9 @@ input DeleteEmailTemplateRequest {
 }
 
 input VerifyOTPRequest {
-  email: String!
+  # either email or phone_number is required
+  email: String
+  phone_number: String
   otp: String!
   # state is used for authorization code grant flow
   # it is used to get code for an on-going auth process during login
@@ -529,7 +556,8 @@ input VerifyOTPRequest {
 }
 
 input ResendOTPRequest {
-  email: String!
+  email: String
+  phone_number: String
   # state is used for authorization code grant flow
   # it is used to get code for an on-going auth process during login
   # and use that code for setting `c_hash` in id_token
@@ -537,7 +565,8 @@ input ResendOTPRequest {
 }
 
 input GetUserRequest {
-  id: String!
+  id: String
+  email: String
 }
 
 type Mutation {
@@ -580,6 +609,7 @@ type Query {
   session(params: SessionQueryInput): AuthResponse!
   profile: User!
   validate_jwt_token(params: ValidateJWTTokenInput!): ValidateJWTTokenResponse!
+  validate_session(params: ValidateSessionInput): ValidateSessionResponse!
   # admin only apis
   _users(params: PaginatedInput): Users!
   _user(params: GetUserRequest!): User!

server/graph/schema.resolvers.go

@@ -186,6 +186,11 @@ func (r *queryResolver) ValidateJwtToken(ctx context.Context, params model.Valid
 	return resolvers.ValidateJwtTokenResolver(ctx, params)
 }
 
+// ValidateSession is the resolver for the validate_session field.
+func (r *queryResolver) ValidateSession(ctx context.Context, params *model.ValidateSessionInput) (*model.ValidateSessionResponse, error) {
+	return resolvers.ValidateSessionResolver(ctx, params)
+}
+
 // Users is the resolver for the _users field.
 func (r *queryResolver) Users(ctx context.Context, params *model.PaginatedInput) (*model.Users, error) {
 	return resolvers.UsersResolver(ctx, params)

server/handlers/authorize.go

@@ -84,9 +84,9 @@ func AuthorizeHandler() gin.HandlerFunc {
 
 		if responseMode == "" {
 			if val, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultAuthorizeResponseMode); err == nil {
-				responseType = val
+				responseMode = val
 			} else {
-				responseType = constants.ResponseModeQuery
+				responseMode = constants.ResponseModeQuery
 			}
 		}
 

server/handlers/oauth_callback.go

@@ -55,7 +55,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 		inputRoles := strings.Split(sessionSplit[2], ",")
 		scopes := strings.Split(sessionSplit[3], ",")
 
-		user := models.User{}
+		var user *models.User
 		oauthCode := ctx.Request.FormValue("code")
 		switch provider {
 		case constants.AuthRecipeMethodGoogle:
@@ -260,10 +260,12 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 		go func() {
 			if isSignUp {
 				utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, provider, user)
+				// User is also logged in with signup
+				utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, provider, user)
 			} else {
 				utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, provider, user)
 			}
-			db.Provider.AddSession(ctx, models.Session{
+			db.Provider.AddSession(ctx, &models.Session{
 				UserID:    user.ID,
 				UserAgent: utils.GetUserAgent(ctx.Request),
 				IP:        utils.GetIP(ctx.Request),
@@ -279,15 +281,14 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 	}
 }
 
-func processGoogleUserInfo(code string) (models.User, error) {
-	user := models.User{}
+func processGoogleUserInfo(code string) (*models.User, error) {
+	var user *models.User
 	ctx := context.Background()
 	oauth2Token, err := oauth.OAuthProviders.GoogleConfig.Exchange(ctx, code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
 		return user, fmt.Errorf("invalid google exchange code: %s", err.Error())
 	}
-
 	verifier := oauth.OIDCProviders.GoogleOIDC.Verifier(&oidc.Config{ClientID: oauth.OAuthProviders.GoogleConfig.ClientID})
 
 	// Extract the ID Token from OAuth2 token.
@@ -312,8 +313,8 @@ func processGoogleUserInfo(code string) (models.User, error) {
 	return user, nil
 }
 
-func processGithubUserInfo(code string) (models.User, error) {
-	user := models.User{}
+func processGithubUserInfo(code string) (*models.User, error) {
+	var user *models.User
 	oauth2Token, err := oauth.OAuthProviders.GithubConfig.Exchange(context.TODO(), code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
@@ -409,7 +410,7 @@ func processGithubUserInfo(code string) (models.User, error) {
 		}
 	}
 
-	user = models.User{
+	user = &models.User{
 		GivenName:  &firstName,
 		FamilyName: &lastName,
 		Picture:    &picture,
@@ -419,8 +420,8 @@ func processGithubUserInfo(code string) (models.User, error) {
 	return user, nil
 }
 
-func processFacebookUserInfo(code string) (models.User, error) {
-	user := models.User{}
+func processFacebookUserInfo(code string) (*models.User, error) {
+	var user *models.User
 	oauth2Token, err := oauth.OAuthProviders.FacebookConfig.Exchange(context.TODO(), code)
 	if err != nil {
 		log.Debug("Invalid facebook exchange code: ", err)
@@ -452,7 +453,7 @@ func processFacebookUserInfo(code string) (models.User, error) {
 	userRawData := make(map[string]interface{})
 	json.Unmarshal(body, &userRawData)
 
-	email := fmt.Sprintf("%v", userRawData["sub"])
+	email := fmt.Sprintf("%v", userRawData["email"])
 
 	picObject := userRawData["picture"].(map[string]interface{})["data"]
 	picDataObject := picObject.(map[string]interface{})
@@ -460,7 +461,7 @@ func processFacebookUserInfo(code string) (models.User, error) {
 	lastName := fmt.Sprintf("%v", userRawData["last_name"])
 	picture := fmt.Sprintf("%v", picDataObject["url"])
 
-	user = models.User{
+	user = &models.User{
 		GivenName:  &firstName,
 		FamilyName: &lastName,
 		Picture:    &picture,
@@ -470,8 +471,8 @@ func processFacebookUserInfo(code string) (models.User, error) {
 	return user, nil
 }
 
-func processLinkedInUserInfo(code string) (models.User, error) {
-	user := models.User{}
+func processLinkedInUserInfo(code string) (*models.User, error) {
+	var user *models.User
 	oauth2Token, err := oauth.OAuthProviders.LinkedInConfig.Exchange(context.TODO(), code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
@@ -542,7 +543,7 @@ func processLinkedInUserInfo(code string) (models.User, error) {
 	profilePicture := userRawData["profilePicture"].(map[string]interface{})["displayImage~"].(map[string]interface{})["elements"].([]interface{})[0].(map[string]interface{})["identifiers"].([]interface{})[0].(map[string]interface{})["identifier"].(string)
 	emailAddress := emailRawData["elements"].([]interface{})[0].(map[string]interface{})["handle~"].(map[string]interface{})["emailAddress"].(string)
 
-	user = models.User{
+	user = &models.User{
 		GivenName:  &firstName,
 		FamilyName: &lastName,
 		Picture:    &profilePicture,
@@ -552,8 +553,8 @@ func processLinkedInUserInfo(code string) (models.User, error) {
 	return user, nil
 }
 
-func processAppleUserInfo(code string) (models.User, error) {
-	user := models.User{}
+func processAppleUserInfo(code string) (*models.User, error) {
+	var user *models.User
 	oauth2Token, err := oauth.OAuthProviders.AppleConfig.Exchange(context.TODO(), code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
@@ -605,8 +606,8 @@ func processAppleUserInfo(code string) (models.User, error) {
 	return user, err
 }
 
-func processTwitterUserInfo(code, verifier string) (models.User, error) {
-	user := models.User{}
+func processTwitterUserInfo(code, verifier string) (*models.User, error) {
+	var user *models.User
 	oauth2Token, err := oauth.OAuthProviders.TwitterConfig.Exchange(context.TODO(), code, oauth2.SetAuthURLParam("code_verifier", verifier))
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
@@ -662,7 +663,7 @@ func processTwitterUserInfo(code, verifier string) (models.User, error) {
 	nickname := userRawData["username"].(string)
 	profilePicture := userRawData["profile_image_url"].(string)
 
-	user = models.User{
+	user = &models.User{
 		GivenName:  &firstName,
 		FamilyName: &lastName,
 		Picture:    &profilePicture,
@@ -673,8 +674,8 @@ func processTwitterUserInfo(code, verifier string) (models.User, error) {
 }
 
 // process microsoft user information
-func processMicrosoftUserInfo(code string) (models.User, error) {
-	user := models.User{}
+func processMicrosoftUserInfo(code string) (*models.User, error) {
+	var user *models.User
 	ctx := context.Background()
 	oauth2Token, err := oauth.OAuthProviders.MicrosoftConfig.Exchange(ctx, code)
 	if err != nil {

server/handlers/verify_email.go

@@ -175,11 +175,12 @@ func VerifyEmailHandler() gin.HandlerFunc {
 		go func() {
 			if isSignUp {
 				utils.RegisterEvent(c, constants.UserSignUpWebhookEvent, loginMethod, user)
+				// User is also logged in with signup
+				utils.RegisterEvent(c, constants.UserLoginWebhookEvent, loginMethod, user)
 			} else {
 				utils.RegisterEvent(c, constants.UserLoginWebhookEvent, loginMethod, user)
 			}
-
-			db.Provider.AddSession(c, models.Session{
+			db.Provider.AddSession(c, &models.Session{
 				UserID:    user.ID,
 				UserAgent: utils.GetUserAgent(c.Request),
 				IP:        utils.GetIP(c.Request),

server/memorystore/memory_store.go

@@ -33,6 +33,7 @@ func InitMemStore() error {
 		constants.EnvKeyDisableSignUp:                    false,
 		constants.EnvKeyDisableStrongPassword:            false,
 		constants.EnvKeyIsEmailServiceEnabled:            false,
+		constants.EnvKeyIsSMSServiceEnabled:              false,
 		constants.EnvKeyEnforceMultiFactorAuthentication: false,
 		constants.EnvKeyDisableMultiFactorAuthentication: false,
 		constants.EnvKeyAppCookieSecure:                  true,

server/memorystore/providers/inmemory/provider.go

@@ -9,6 +9,7 @@ import (
 type provider struct {
 	mutex           sync.Mutex
 	sessionStore    *stores.SessionStore
+	mfasessionStore *stores.SessionStore
 	stateStore      *stores.StateStore
 	envStore        *stores.EnvStore
 }
@@ -19,6 +20,7 @@ func NewInMemoryProvider() (*provider, error) {
 		mutex:           sync.Mutex{},
 		envStore:        stores.NewEnvStore(),
 		sessionStore:    stores.NewSessionStore(),
+		mfasessionStore: stores.NewSessionStore(),
 		stateStore:      stores.NewStateStore(),
 	}, nil
 }

server/memorystore/providers/inmemory/store.go

@@ -42,6 +42,27 @@ func (c *provider) DeleteSessionForNamespace(namespace string) error {
 	return nil
 }
 
+// SetMfaSession sets the mfa session with key and value of userId
+func (c *provider) SetMfaSession(userId, key string, expiration int64) error {
+	c.mfasessionStore.Set(userId, key, userId, expiration)
+	return nil
+}
+
+// GetMfaSession returns value of given mfa session
+func (c *provider) GetMfaSession(userId, key string) (string, error) {
+	val := c.mfasessionStore.Get(userId, key)
+	if val == "" {
+		return "", fmt.Errorf("Not found")
+	}
+	return val, nil
+}
+
+// DeleteMfaSession deletes given mfa session from in-memory store.
+func (c *provider) DeleteMfaSession(userId, key string) error {
+	c.mfasessionStore.Remove(userId, key)
+	return nil
+}
+
 // SetState sets the state in the in-memory store.
 func (c *provider) SetState(key, state string) error {
 	if os.Getenv("ENV") != constants.TestEnv {

server/memorystore/providers/provider_tests.go

@@ -112,4 +112,15 @@ func ProviderTests(t *testing.T, p Provider) {
 	key, err = p.GetUserSession("auth_provider1:124", "access_token_key")
 	assert.Empty(t, key)
 	assert.Error(t, err)
+
+	err = p.SetMfaSession("auth_provider:123", "session123", time.Now().Add(60*time.Second).Unix())
+	assert.NoError(t, err)
+	key, err = p.GetMfaSession("auth_provider:123", "session123")
+	assert.NoError(t, err)
+	assert.Equal(t, "auth_provider:123", key)
+	err = p.DeleteMfaSession("auth_provider:123", "session123")
+	assert.NoError(t, err)
+	key, err = p.GetMfaSession("auth_provider:123", "session123")
+	assert.Error(t, err)
+	assert.Empty(t, key)
 }

server/memorystore/providers/providers.go

@@ -12,6 +12,12 @@ type Provider interface {
 	DeleteAllUserSessions(userId string) error
 	// DeleteSessionForNamespace deletes the session for a given namespace
 	DeleteSessionForNamespace(namespace string) error
+	// SetMfaSession sets the mfa session with key and value of userId
+	SetMfaSession(userId, key string, expiration int64) error
+	// GetMfaSession returns value of given mfa session
+	GetMfaSession(userId, key string) (string, error)
+	// DeleteMfaSession deletes given mfa session from in-memory store.
+	DeleteMfaSession(userId, key string) error
 
 	// SetState sets the login state (key, value form) in the session store
 	SetState(key, state string) error

server/memorystore/providers/redis/provider.go

@@ -9,6 +9,10 @@ import (
 	log "github.com/sirupsen/logrus"
 )
 
+const (
+	dialTimeout = 60 * time.Second
+)
+
 // RedisClient is the interface for redis client & redis cluster client
 type RedisClient interface {
 	HMSet(ctx context.Context, key string, values ...interface{}) *redis.BoolCmd
@@ -41,8 +45,7 @@ func NewRedisProvider(redisURL string) (*provider, error) {
 		urls := []string{opt.Addr}
 		urlList := redisURLHostPortsList[1:]
 		urls = append(urls, urlList...)
-		clusterOpt := &redis.ClusterOptions{Addrs: urls}
-
+		clusterOpt := &redis.ClusterOptions{Addrs: urls, DialTimeout: dialTimeout}
 		rdb := redis.NewClusterClient(clusterOpt)
 		ctx := context.Background()
 		_, err = rdb.Ping(ctx).Result()
@@ -62,7 +65,7 @@ func NewRedisProvider(redisURL string) (*provider, error) {
 		log.Debug("error parsing redis url: ", err)
 		return nil, err
 	}
-
+	opt.DialTimeout = dialTimeout
 	rdb := redis.NewClient(opt)
 	ctx := context.Background()
 	_, err = rdb.Ping(ctx).Result()

server/memorystore/providers/redis/store.go

@@ -16,6 +16,8 @@ var (
 	envStorePrefix = "authorizer_env"
 )
 
+const mfaSessionPrefix = "mfa_sess_"
+
 // SetUserSession sets the user session for given user identifier in form recipe:user_id
 func (c *provider) SetUserSession(userId, key, token string, expiration int64) error {
 	currentTime := time.Now()
@@ -91,6 +93,37 @@ func (c *provider) DeleteSessionForNamespace(namespace string) error {
 	return nil
 }
 
+// SetMfaSession sets the mfa session with key and value of userId
+func (c *provider) SetMfaSession(userId, key string, expiration int64) error {
+	currentTime := time.Now()
+	expireTime := time.Unix(expiration, 0)
+	duration := expireTime.Sub(currentTime)
+	err := c.store.Set(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, userId, key), userId, duration).Err()
+	if err != nil {
+		log.Debug("Error saving user session to redis: ", err)
+		return err
+	}
+	return nil
+}
+
+// GetMfaSession returns value of given mfa session
+func (c *provider) GetMfaSession(userId, key string) (string, error) {
+	data, err := c.store.Get(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, userId, key)).Result()
+	if err != nil {
+		return "", err
+	}
+	return data, nil
+}
+
+// DeleteMfaSession deletes given mfa session from in-memory store.
+func (c *provider) DeleteMfaSession(userId, key string) error {
+	if err := c.store.Del(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, userId, key)).Err(); err != nil {
+		log.Debug("Error deleting user session from redis: ", err)
+		// continue
+	}
+	return nil
+}
+
 // SetState sets the state in redis store.
 func (c *provider) SetState(key, value string) error {
 	err := c.store.Set(c.ctx, stateStorePrefix+key, value, 0).Err()
@@ -143,7 +176,7 @@ func (c *provider) GetEnvStore() (map[string]interface{}, error) {
 		return nil, err
 	}
 	for key, value := range data {
-		if key == constants.EnvKeyDisableBasicAuthentication || key == constants.EnvKeyDisableMobileBasicAuthentication || key == constants.EnvKeyDisableEmailVerification || key == constants.EnvKeyDisableLoginPage || key == constants.EnvKeyDisableMagicLinkLogin || key == constants.EnvKeyDisableRedisForEnv || key == constants.EnvKeyDisableSignUp || key == constants.EnvKeyDisableStrongPassword || key == constants.EnvKeyIsEmailServiceEnabled || key == constants.EnvKeyEnforceMultiFactorAuthentication || key == constants.EnvKeyDisableMultiFactorAuthentication || key == constants.EnvKeyAppCookieSecure || key == constants.EnvKeyAdminCookieSecure {
+		if key == constants.EnvKeyDisableBasicAuthentication || key == constants.EnvKeyDisableMobileBasicAuthentication || key == constants.EnvKeyDisableEmailVerification || key == constants.EnvKeyDisableLoginPage || key == constants.EnvKeyDisableMagicLinkLogin || key == constants.EnvKeyDisableRedisForEnv || key == constants.EnvKeyDisableSignUp || key == constants.EnvKeyDisableStrongPassword || key == constants.EnvKeyIsEmailServiceEnabled || key == constants.EnvKeyIsSMSServiceEnabled || key == constants.EnvKeyEnforceMultiFactorAuthentication || key == constants.EnvKeyDisableMultiFactorAuthentication || key == constants.EnvKeyAppCookieSecure || key == constants.EnvKeyAdminCookieSecure {
 			boolValue, err := strconv.ParseBool(value)
 			if err != nil {
 				return res, err

server/oauth/oauth.go

@@ -10,11 +10,16 @@ import (
 	githubOAuth2 "golang.org/x/oauth2/github"
 	linkedInOAuth2 "golang.org/x/oauth2/linkedin"
 	microsoftOAuth2 "golang.org/x/oauth2/microsoft"
+	"google.golang.org/appengine/log"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
+const (
+	microsoftCommonTenant = "common"
+)
+
 // OAuthProviders is a struct that contains reference all the OAuth providers
 type OAuthProvider struct {
 	GoogleConfig    *oauth2.Config
@@ -171,12 +176,16 @@ func InitOAuth() error {
 		microsoftClientSecret = ""
 	}
 	microsoftActiveDirTenantID, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyMicrosoftActiveDirectoryTenantID)
-	if err != nil {
-		microsoftActiveDirTenantID = ""
+	if err != nil || microsoftActiveDirTenantID == "" {
+		microsoftActiveDirTenantID = microsoftCommonTenant
+	}
+	if microsoftClientID != "" && microsoftClientSecret != "" {
+		if microsoftActiveDirTenantID == microsoftCommonTenant {
+			ctx = oidc.InsecureIssuerURLContext(ctx, fmt.Sprintf("https://login.microsoftonline.com/%s/v2.0", microsoftActiveDirTenantID))
 		}
-	if microsoftClientID != "" && microsoftClientSecret != "" && microsoftActiveDirTenantID != "" {
 		p, err := oidc.NewProvider(ctx, fmt.Sprintf("https://login.microsoftonline.com/%s/v2.0", microsoftActiveDirTenantID))
 		if err != nil {
+			log.Debugf(ctx, "Error while creating OIDC provider for Microsoft: %v", err)
 			return err
 		}
 		OIDCProviders.MicrosoftOIDC = p

server/resolvers/add_email_template.go

@@ -47,7 +47,7 @@ func AddEmailTemplateResolver(ctx context.Context, params model.AddEmailTemplate
 		design = ""
 	}
 
-	_, err = db.Provider.AddEmailTemplate(ctx, models.EmailTemplate{
+	_, err = db.Provider.AddEmailTemplate(ctx, &models.EmailTemplate{
 		EventName: params.EventName,
 		Template:  params.Template,
 		Subject:   params.Subject,

server/resolvers/add_webhook.go

@@ -43,7 +43,7 @@ func AddWebhookResolver(ctx context.Context, params model.AddWebhookRequest) (*m
 	if params.EventDescription == nil {
 		params.EventDescription = refs.NewStringRef(strings.Join(strings.Split(params.EventName, "."), " "))
 	}
-	_, err = db.Provider.AddWebhook(ctx, models.Webhook{
+	_, err = db.Provider.AddWebhook(ctx, &models.Webhook{
 		EventDescription: refs.StringValue(params.EventDescription),
 		EventName:        params.EventName,
 		EndPoint:         params.Endpoint,