fix: remove debug logs

fix(update_profile): changing password if not signed up via basic auth

Makefile

@@ -10,7 +10,16 @@ build-dashboard:
 clean:
 	rm -rf build
 test:
-	rm -rf server/test/test.db && rm -rf test.db && cd server && go clean --testcache && go test -p 1 -v ./test
+	rm -rf server/test/test.db && rm -rf test.db && cd server && go clean --testcache && TEST_DBS="sqlite" go test -p 1 -v ./test
+test-all-db:
+	rm -rf server/test/test.db && rm -rf test.db
+	docker run -d --name authorizer_scylla_db -p 9042:9042 scylladb/scylla
+	docker run -d --name authorizer_mongodb_db -p 27017:27017 mongo:4.4.15
+	docker run -d --name authorizer_arangodb -p 8529:8529 -e ARANGO_NO_AUTH=1 arangodb/arangodb:3.8.4
+	cd server && go clean --testcache && TEST_DBS="sqlite,mongodb,arangodb,scylladb" go test -p 1 -v ./test
+	docker rm -vf authorizer_mongodb_db
+	docker rm -vf authorizer_scylla_db
+	docker rm -vf authorizer_arangodb
 generate:
 	cd server && go get github.com/99designs/gqlgen/cmd@v0.14.0 && go run github.com/99designs/gqlgen generate
 	

server/constants/db_types.go

@@ -23,4 +23,6 @@ const (
 	DbTypeScyllaDB = "scylladb"
 	// DbTypeCockroachDB is the cockroach database type
 	DbTypeCockroachDB = "cockroachdb"
+	// DbTypePlanetScaleDB is the planetscale database type
+	DbTypePlanetScaleDB = "planetscale"
 )

server/constants/oauth_info_urls.go

@@ -8,6 +8,9 @@ const (
 	FacebookUserInfoURL = "https://graph.facebook.com/me?fields=id,first_name,last_name,name,email,picture&access_token="
 	// Ref: https://docs.github.com/en/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps#3-your-github-app-accesses-the-api-with-the-users-access-token
 	GithubUserInfoURL = "https://api.github.com/user"
+	// Get github user emails when user info email is empty Ref: https://stackoverflow.com/a/35387123
+	GithubUserEmails = "https://api/github.com/user/emails"
+
 	// Ref: https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/profile-api
 	LinkedInUserInfoURL = "https://api.linkedin.com/v2/me?projection=(id,localizedFirstName,localizedLastName,emailAddress,profilePicture(displayImage~:playableStreams))"
 	LinkedInEmailURL    = "https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))"

server/db/models/email_templates.go

@@ -0,0 +1,33 @@
+package models
+
+import (
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
+)
+
+// EmailTemplate model for database
+type EmailTemplate struct {
+	Key       string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty"` // for arangodb
+	ID        string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
+	EventName string `gorm:"unique" json:"event_name" bson:"event_name" cql:"event_name"`
+	Template  string `gorm:"type:text" json:"template" bson:"template" cql:"template"`
+	CreatedAt int64  `json:"created_at" bson:"created_at" cql:"created_at"`
+	UpdatedAt int64  `json:"updated_at" bson:"updated_at" cql:"updated_at"`
+}
+
+// AsAPIEmailTemplate to return email template as graphql response object
+func (e *EmailTemplate) AsAPIEmailTemplate() *model.EmailTemplate {
+	id := e.ID
+	if strings.Contains(id, Collections.EmailTemplate+"/") {
+		id = strings.TrimPrefix(id, Collections.EmailTemplate+"/")
+	}
+	return &model.EmailTemplate{
+		ID:        id,
+		EventName: e.EventName,
+		Template:  e.Template,
+		CreatedAt: refs.NewInt64Ref(e.CreatedAt),
+		UpdatedAt: refs.NewInt64Ref(e.UpdatedAt),
+	}
+}

server/db/models/model.go

@@ -8,6 +8,7 @@ type CollectionList struct {
 	Env                 string
 	Webhook             string
 	WebhookLog          string
+	EmailTemplate       string
 }
 
 var (
@@ -21,5 +22,6 @@ var (
 		Env:                 Prefix + "env",
 		Webhook:             Prefix + "webhook",
 		WebhookLog:          Prefix + "webhook_log",
+		EmailTemplate:       Prefix + "email_template",
 	}
 )

server/db/models/session.go

@@ -6,8 +6,7 @@ package models
 type Session struct {
 	Key       string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty"` // for arangodb
 	ID        string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
-	UserID    string `gorm:"type:char(36),index:" json:"user_id" bson:"user_id" cql:"user_id"`
-	User      User   `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;" json:"-" bson:"-" cql:"-"`
+	UserID    string `gorm:"type:char(36)" json:"user_id" bson:"user_id" cql:"user_id"`
 	UserAgent string `json:"user_agent" bson:"user_agent" cql:"user_agent"`
 	IP        string `json:"ip" bson:"ip" cql:"ip"`
 	CreatedAt int64  `json:"created_at" bson:"created_at" cql:"created_at"`

server/db/models/user.go

@@ -4,6 +4,7 @@ import (
 	"strings"
 
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
 )
 
 // Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
@@ -35,11 +36,13 @@ type User struct {
 func (user *User) AsAPIUser() *model.User {
 	isEmailVerified := user.EmailVerifiedAt != nil
 	isPhoneVerified := user.PhoneNumberVerifiedAt != nil
-	email := user.Email
-	createdAt := user.CreatedAt
-	updatedAt := user.UpdatedAt
+
+	id := user.ID
+	if strings.Contains(id, Collections.WebhookLog+"/") {
+		id = strings.TrimPrefix(id, Collections.WebhookLog+"/")
+	}
 	return &model.User{
-		ID:                  user.ID,
+		ID:                  id,
 		Email:               user.Email,
 		EmailVerified:       isEmailVerified,
 		SignupMethods:       user.SignupMethods,
@@ -47,7 +50,7 @@ func (user *User) AsAPIUser() *model.User {
 		FamilyName:          user.FamilyName,
 		MiddleName:          user.MiddleName,
 		Nickname:            user.Nickname,
-		PreferredUsername:   &email,
+		PreferredUsername:   refs.NewStringRef(user.Email),
 		Gender:              user.Gender,
 		Birthdate:           user.Birthdate,
 		PhoneNumber:         user.PhoneNumber,
@@ -55,7 +58,7 @@ func (user *User) AsAPIUser() *model.User {
 		Picture:             user.Picture,
 		Roles:               strings.Split(user.Roles, ","),
 		RevokedTimestamp:    user.RevokedTimestamp,
-		CreatedAt:           &createdAt,
-		UpdatedAt:           &updatedAt,
+		CreatedAt:           refs.NewInt64Ref(user.CreatedAt),
+		UpdatedAt:           refs.NewInt64Ref(user.UpdatedAt),
 	}
 }

server/db/models/verification_requests.go

@@ -1,6 +1,11 @@
 package models
 
-import "github.com/authorizerdev/authorizer/server/graph/model"
+import (
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
+)
 
 // Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
 
@@ -19,23 +24,20 @@ type VerificationRequest struct {
 }
 
 func (v *VerificationRequest) AsAPIVerificationRequest() *model.VerificationRequest {
-	token := v.Token
-	createdAt := v.CreatedAt
-	updatedAt := v.UpdatedAt
-	email := v.Email
-	nonce := v.Nonce
-	redirectURI := v.RedirectURI
-	expires := v.ExpiresAt
-	identifier := v.Identifier
+	id := v.ID
+	if strings.Contains(id, Collections.WebhookLog+"/") {
+		id = strings.TrimPrefix(id, Collections.WebhookLog+"/")
+	}
+
 	return &model.VerificationRequest{
-		ID:          v.ID,
-		Token:       &token,
-		Identifier:  &identifier,
-		Expires:     &expires,
-		Email:       &email,
-		Nonce:       &nonce,
-		RedirectURI: &redirectURI,
-		CreatedAt:   &createdAt,
-		UpdatedAt:   &updatedAt,
+		ID:          id,
+		Token:       refs.NewStringRef(v.Token),
+		Identifier:  refs.NewStringRef(v.Identifier),
+		Expires:     refs.NewInt64Ref(v.ExpiresAt),
+		Email:       refs.NewStringRef(v.Email),
+		Nonce:       refs.NewStringRef(v.Nonce),
+		RedirectURI: refs.NewStringRef(v.RedirectURI),
+		CreatedAt:   refs.NewInt64Ref(v.CreatedAt),
+		UpdatedAt:   refs.NewInt64Ref(v.UpdatedAt),
 	}
 }

server/db/models/webhook.go

@@ -2,8 +2,10 @@ package models
 
 import (
 	"encoding/json"
+	"strings"
 
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
 )
 
 // Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
@@ -20,16 +22,23 @@ type Webhook struct {
 	UpdatedAt int64  `json:"updated_at" bson:"updated_at" cql:"updated_at"`
 }
 
+// AsAPIWebhook to return webhook as graphql response object
 func (w *Webhook) AsAPIWebhook() *model.Webhook {
 	headersMap := make(map[string]interface{})
 	json.Unmarshal([]byte(w.Headers), &headersMap)
+
+	id := w.ID
+	if strings.Contains(id, Collections.Webhook+"/") {
+		id = strings.TrimPrefix(id, Collections.Webhook+"/")
+	}
+
 	return &model.Webhook{
-		ID:        w.ID,
-		EventName: &w.EventName,
-		Endpoint:  &w.EndPoint,
+		ID:        id,
+		EventName: refs.NewStringRef(w.EventName),
+		Endpoint:  refs.NewStringRef(w.EndPoint),
 		Headers:   headersMap,
-		Enabled:   &w.Enabled,
-		CreatedAt: &w.CreatedAt,
-		UpdatedAt: &w.UpdatedAt,
+		Enabled:   refs.NewBoolRef(w.Enabled),
+		CreatedAt: refs.NewInt64Ref(w.CreatedAt),
+		UpdatedAt: refs.NewInt64Ref(w.UpdatedAt),
 	}
 }

server/db/models/webhook_log.go

@@ -1,6 +1,11 @@
 package models
 
-import "github.com/authorizerdev/authorizer/server/graph/model"
+import (
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
+)
 
 // Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
 
@@ -11,20 +16,24 @@ type WebhookLog struct {
 	HttpStatus int64  `json:"http_status" bson:"http_status" cql:"http_status"`
 	Response   string `gorm:"type:text" json:"response" bson:"response" cql:"response"`
 	Request    string `gorm:"type:text" json:"request" bson:"request" cql:"request"`
-	WebhookID  string  `gorm:"type:char(36),index:" json:"webhook_id" bson:"webhook_id" cql:"webhook_id"`
-	Webhook    Webhook `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;" json:"-" bson:"-" cql:"-"`
+	WebhookID  string `gorm:"type:char(36)" json:"webhook_id" bson:"webhook_id" cql:"webhook_id"`
 	CreatedAt  int64  `json:"created_at" bson:"created_at" cql:"created_at"`
 	UpdatedAt  int64  `json:"updated_at" bson:"updated_at" cql:"updated_at"`
 }
 
+// AsAPIWebhookLog to return webhook log as graphql response object
 func (w *WebhookLog) AsAPIWebhookLog() *model.WebhookLog {
+	id := w.ID
+	if strings.Contains(id, Collections.WebhookLog+"/") {
+		id = strings.TrimPrefix(id, Collections.WebhookLog+"/")
+	}
 	return &model.WebhookLog{
-		ID:         w.ID,
-		HTTPStatus: &w.HttpStatus,
-		Response:   &w.Response,
-		Request:    &w.Request,
-		WebhookID:  &w.WebhookID,
-		CreatedAt:  &w.CreatedAt,
-		UpdatedAt:  &w.UpdatedAt,
+		ID:         id,
+		HTTPStatus: refs.NewInt64Ref(w.HttpStatus),
+		Response:   refs.NewStringRef(w.Response),
+		Request:    refs.NewStringRef(w.Request),
+		WebhookID:  refs.NewStringRef(w.WebhookID),
+		CreatedAt:  refs.NewInt64Ref(w.CreatedAt),
+		UpdatedAt:  refs.NewInt64Ref(w.UpdatedAt),
 	}
 }

server/db/providers/arangodb/email_template.go

@@ -0,0 +1,151 @@
+package arangodb
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/arangodb/go-driver"
+	arangoDriver "github.com/arangodb/go-driver"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddEmailTemplate to add EmailTemplate
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	if emailTemplate.ID == "" {
+		emailTemplate.ID = uuid.New().String()
+	}
+
+	emailTemplate.Key = emailTemplate.ID
+	emailTemplate.CreatedAt = time.Now().Unix()
+	emailTemplate.UpdatedAt = time.Now().Unix()
+
+	emailTemplateCollection, _ := p.db.Collection(ctx, models.Collections.EmailTemplate)
+	_, err := emailTemplateCollection.CreateDocument(ctx, emailTemplate)
+	if err != nil {
+		return nil, err
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// UpdateEmailTemplate to update EmailTemplate
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	emailTemplate.UpdatedAt = time.Now().Unix()
+
+	emailTemplateCollection, _ := p.db.Collection(ctx, models.Collections.EmailTemplate)
+	meta, err := emailTemplateCollection.UpdateDocument(ctx, emailTemplate.Key, emailTemplate)
+	if err != nil {
+		return nil, err
+	}
+
+	emailTemplate.Key = meta.Key
+	emailTemplate.ID = meta.ID.String()
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// ListEmailTemplates to list EmailTemplate
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+	emailTemplates := []*model.EmailTemplate{}
+
+	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.EmailTemplate, pagination.Offset, pagination.Limit)
+
+	sctx := driver.WithQueryFullCount(ctx)
+	cursor, err := p.db.Query(sctx, query, nil)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close()
+
+	paginationClone := pagination
+	paginationClone.Total = cursor.Statistics().FullCount()
+
+	for {
+		var emailTemplate models.EmailTemplate
+		meta, err := cursor.ReadDocument(ctx, &emailTemplate)
+
+		if arangoDriver.IsNoMoreDocuments(err) {
+			break
+		} else if err != nil {
+			return nil, err
+		}
+
+		if meta.Key != "" {
+			emailTemplates = append(emailTemplates, emailTemplate.AsAPIEmailTemplate())
+		}
+	}
+
+	return &model.EmailTemplates{
+		Pagination:     &paginationClone,
+		EmailTemplates: emailTemplates,
+	}, nil
+}
+
+// GetEmailTemplateByID to get EmailTemplate by id
+func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
+	var emailTemplate models.EmailTemplate
+	query := fmt.Sprintf("FOR d in %s FILTER d._key == @email_template_id RETURN d", models.Collections.EmailTemplate)
+	bindVars := map[string]interface{}{
+		"email_template_id": emailTemplateID,
+	}
+
+	cursor, err := p.db.Query(ctx, query, bindVars)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close()
+
+	for {
+		if !cursor.HasMore() {
+			if emailTemplate.Key == "" {
+				return nil, fmt.Errorf("email template not found")
+			}
+			break
+		}
+		_, err := cursor.ReadDocument(ctx, &emailTemplate)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// GetEmailTemplateByEventName to get EmailTemplate by event_name
+func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
+	var emailTemplate models.EmailTemplate
+	query := fmt.Sprintf("FOR d in %s FILTER d.event_name == @event_name RETURN d", models.Collections.EmailTemplate)
+	bindVars := map[string]interface{}{
+		"event_name": eventName,
+	}
+
+	cursor, err := p.db.Query(ctx, query, bindVars)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close()
+
+	for {
+		if !cursor.HasMore() {
+			if emailTemplate.Key == "" {
+				return nil, fmt.Errorf("email template not found")
+			}
+			break
+		}
+		_, err := cursor.ReadDocument(ctx, &emailTemplate)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// DeleteEmailTemplate to delete EmailTemplate
+func (p *provider) DeleteEmailTemplate(ctx context.Context, emailTemplate *model.EmailTemplate) error {
+	eventTemplateCollection, _ := p.db.Collection(ctx, models.Collections.EmailTemplate)
+	_, err := eventTemplateCollection.RemoveDocument(ctx, emailTemplate.ID)
+	if err != nil {
+		return err
+	}
+	return nil
+}

server/db/providers/arangodb/provider.go

@@ -134,6 +134,20 @@ func NewProvider() (*provider, error) {
 		Sparse: true,
 	})
 
+	emailTemplateCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.EmailTemplate)
+	if !emailTemplateCollectionExists {
+		_, err = arangodb.CreateCollection(ctx, models.Collections.EmailTemplate, nil)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	emailTemplateCollection, _ := arangodb.Collection(nil, models.Collections.EmailTemplate)
+	emailTemplateCollection.EnsureHashIndex(ctx, []string{"event_name"}, &arangoDriver.EnsureHashIndexOptions{
+		Unique: true,
+		Sparse: true,
+	})
+
 	return &provider{
 		db: arangodb,
 	}, err

server/db/providers/arangodb/session.go

@@ -2,7 +2,6 @@ package arangodb
 
 import (
 	"context"
-	"fmt"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -24,17 +23,3 @@ func (p *provider) AddSession(ctx context.Context, session models.Session) error
 	}
 	return nil
 }
-
-// DeleteSession to delete session information from database
-func (p *provider) DeleteSession(ctx context.Context, userId string) error {
-	query := fmt.Sprintf(`FOR d IN %s FILTER d.user_id == @userId REMOVE { _key: d._key } IN %s`, models.Collections.Session, models.Collections.Session)
-	bindVars := map[string]interface{}{
-		"userId": userId,
-	}
-	cursor, err := p.db.Query(ctx, query, bindVars)
-	if err != nil {
-		return err
-	}
-	defer cursor.Close()
-	return nil
-}

server/db/providers/arangodb/user.go

@@ -63,6 +63,16 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 		return err
 	}
 
+	query := fmt.Sprintf(`FOR d IN %s FILTER d.user_id == @user_id REMOVE { _key: d._key } IN %s`, models.Collections.Session, models.Collections.Session)
+	bindVars := map[string]interface{}{
+		"user_id": user.ID,
+	}
+	cursor, err := p.db.Query(ctx, query, bindVars)
+	if err != nil {
+		return err
+	}
+	defer cursor.Close()
+
 	return nil
 }
 

server/db/providers/arangodb/webhook.go

@@ -83,7 +83,7 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 // GetWebhookByID to get webhook by id
 func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
 	var webhook models.Webhook
-	query := fmt.Sprintf("FOR d in %s FILTER d._id == @webhook_id RETURN d", models.Collections.Webhook)
+	query := fmt.Sprintf("FOR d in %s FILTER d._key == @webhook_id RETURN d", models.Collections.Webhook)
 	bindVars := map[string]interface{}{
 		"webhook_id": webhookID,
 	}
@@ -146,9 +146,9 @@ func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) er
 		return err
 	}
 
-	query := fmt.Sprintf("FOR d in %s FILTER d.event_id == @event_id REMOVE { _key: d._key }", models.Collections.WebhookLog)
+	query := fmt.Sprintf("FOR d IN %s FILTER d.webhook_id == @webhook_id REMOVE { _key: d._key } IN %s", models.Collections.WebhookLog, models.Collections.WebhookLog)
 	bindVars := map[string]interface{}{
-		"event_id": webhook.ID,
+		"webhook_id": webhook.ID,
 	}
 
 	cursor, err := p.db.Query(ctx, query, bindVars)

server/db/providers/arangodb/webhook_log.go

@@ -37,11 +37,12 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
 
 	if webhookID != "" {
-		query = fmt.Sprintf("FOR d in %s FILTER d.webhook_id == @webhookID SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
+		query = fmt.Sprintf("FOR d in %s FILTER d.webhook_id == @webhook_id SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
 		bindVariables = map[string]interface{}{
 			"webhook_id": webhookID,
 		}
 	}
+
 	sctx := driver.WithQueryFullCount(ctx)
 	cursor, err := p.db.Query(sctx, query, bindVariables)
 	if err != nil {

server/db/providers/cassandradb/email_template.go

@@ -0,0 +1,159 @@
+package cassandradb
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"reflect"
+	"strings"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/gocql/gocql"
+	"github.com/google/uuid"
+)
+
+// AddEmailTemplate to add EmailTemplate
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	if emailTemplate.ID == "" {
+		emailTemplate.ID = uuid.New().String()
+	}
+
+	emailTemplate.Key = emailTemplate.ID
+	emailTemplate.CreatedAt = time.Now().Unix()
+	emailTemplate.UpdatedAt = time.Now().Unix()
+
+	existingEmailTemplate, _ := p.GetEmailTemplateByEventName(ctx, emailTemplate.EventName)
+	if existingEmailTemplate != nil {
+		return nil, fmt.Errorf("Email template with %s event_name already exists", emailTemplate.EventName)
+	}
+
+	insertQuery := fmt.Sprintf("INSERT INTO %s (id, event_name, template,  created_at, updated_at) VALUES ('%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.EmailTemplate, emailTemplate.ID, emailTemplate.EventName, emailTemplate.Template, emailTemplate.CreatedAt, emailTemplate.UpdatedAt)
+	err := p.db.Query(insertQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// UpdateEmailTemplate to update EmailTemplate
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	emailTemplate.UpdatedAt = time.Now().Unix()
+
+	bytes, err := json.Marshal(emailTemplate)
+	if err != nil {
+		return nil, err
+	}
+	// use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling
+	decoder := json.NewDecoder(strings.NewReader(string(bytes)))
+	decoder.UseNumber()
+	emailTemplateMap := map[string]interface{}{}
+	err = decoder.Decode(&emailTemplateMap)
+	if err != nil {
+		return nil, err
+	}
+
+	updateFields := ""
+	for key, value := range emailTemplateMap {
+		if key == "_id" {
+			continue
+		}
+
+		if key == "_key" {
+			continue
+		}
+
+		if value == nil {
+			updateFields += fmt.Sprintf("%s = null,", key)
+			continue
+		}
+
+		valueType := reflect.TypeOf(value)
+		if valueType.Name() == "string" {
+			updateFields += fmt.Sprintf("%s = '%s', ", key, value.(string))
+		} else {
+			updateFields += fmt.Sprintf("%s = %v, ", key, value)
+		}
+	}
+	updateFields = strings.Trim(updateFields, " ")
+	updateFields = strings.TrimSuffix(updateFields, ",")
+
+	query := fmt.Sprintf("UPDATE %s SET %s WHERE id = '%s'", KeySpace+"."+models.Collections.EmailTemplate, updateFields, emailTemplate.ID)
+	err = p.db.Query(query).Exec()
+	if err != nil {
+		return nil, err
+	}
+
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// ListEmailTemplates to list EmailTemplate
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+	emailTemplates := []*model.EmailTemplate{}
+	paginationClone := pagination
+
+	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.EmailTemplate)
+	err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total)
+	if err != nil {
+		return nil, err
+	}
+
+	// there is no offset in cassandra
+	// so we fetch till limit + offset
+	// and return the results from offset to limit
+	query := fmt.Sprintf("SELECT id, event_name, template, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.EmailTemplate, pagination.Limit+pagination.Offset)
+
+	scanner := p.db.Query(query).Iter().Scanner()
+	counter := int64(0)
+	for scanner.Next() {
+		if counter >= pagination.Offset {
+			var emailTemplate models.EmailTemplate
+			err := scanner.Scan(&emailTemplate.ID, &emailTemplate.EventName, &emailTemplate.Template, &emailTemplate.CreatedAt, &emailTemplate.UpdatedAt)
+			if err != nil {
+				return nil, err
+			}
+			emailTemplates = append(emailTemplates, emailTemplate.AsAPIEmailTemplate())
+		}
+		counter++
+	}
+
+	return &model.EmailTemplates{
+		Pagination:     &paginationClone,
+		EmailTemplates: emailTemplates,
+	}, nil
+}
+
+// GetEmailTemplateByID to get EmailTemplate by id
+func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
+	var emailTemplate models.EmailTemplate
+	query := fmt.Sprintf(`SELECT id, event_name, template, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1`, KeySpace+"."+models.Collections.EmailTemplate, emailTemplateID)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&emailTemplate.ID, &emailTemplate.EventName, &emailTemplate.Template, &emailTemplate.CreatedAt, &emailTemplate.UpdatedAt)
+	if err != nil {
+		return nil, err
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// GetEmailTemplateByEventName to get EmailTemplate by event_name
+func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
+	var emailTemplate models.EmailTemplate
+	query := fmt.Sprintf(`SELECT id, event_name, template, created_at, updated_at FROM %s WHERE event_name = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.EmailTemplate, eventName)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&emailTemplate.ID, &emailTemplate.EventName, &emailTemplate.Template, &emailTemplate.CreatedAt, &emailTemplate.UpdatedAt)
+	if err != nil {
+		return nil, err
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// DeleteEmailTemplate to delete EmailTemplate
+func (p *provider) DeleteEmailTemplate(ctx context.Context, emailTemplate *model.EmailTemplate) error {
+	query := fmt.Sprintf("DELETE FROM %s WHERE id = '%s'", KeySpace+"."+models.Collections.EmailTemplate, emailTemplate.ID)
+	err := p.db.Query(query).Exec()
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

server/db/providers/cassandradb/provider.go

@@ -143,6 +143,11 @@ func NewProvider() (*provider, error) {
 	if err != nil {
 		return nil, err
 	}
+	sessionIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_session_user_id ON %s.%s (user_id)", KeySpace, models.Collections.Session)
+	err = session.Query(sessionIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
 
 	userCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, email text, email_verified_at bigint, password text, signup_methods text, given_name text, family_name text, middle_name text, nickname text, gender text, birthdate text, phone_number text, phone_number_verified_at bigint, picture text, roles text, updated_at bigint, created_at bigint, revoked_timestamp bigint, PRIMARY KEY (id))", KeySpace, models.Collections.User)
 	err = session.Query(userCollectionQuery).Exec()
@@ -177,7 +182,7 @@ func NewProvider() (*provider, error) {
 		return nil, err
 	}
 
-	webhookCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, event_name text, endpoint text, enabled boolean, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.Webhook)
+	webhookCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, event_name text, endpoint text, enabled boolean, headers text, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.Webhook)
 	err = session.Query(webhookCollectionQuery).Exec()
 	if err != nil {
 		return nil, err
@@ -199,6 +204,17 @@ func NewProvider() (*provider, error) {
 		return nil, err
 	}
 
+	emailTemplateCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, event_name text, template text, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.EmailTemplate)
+	err = session.Query(emailTemplateCollectionQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+	emailTemplateIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_email_template_event_name ON %s.%s (event_name)", KeySpace, models.Collections.EmailTemplate)
+	err = session.Query(emailTemplateIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+
 	return &provider{
 		db: session,
 	}, err

server/db/providers/cassandradb/session.go

@@ -25,13 +25,3 @@ func (p *provider) AddSession(ctx context.Context, session models.Session) error
 	}
 	return nil
 }
-
-// DeleteSession to delete session information from database
-func (p *provider) DeleteSession(ctx context.Context, userId string) error {
-	deleteSessionQuery := fmt.Sprintf("DELETE FROM %s WHERE user_id = '%s'", KeySpace+"."+models.Collections.Session, userId)
-	err := p.db.Query(deleteSessionQuery).Exec()
-	if err != nil {
-		return err
-	}
-	return nil
-}

server/db/providers/cassandradb/user.go

@@ -102,6 +102,10 @@ func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.Use
 			continue
 		}
 
+		if key == "_key" {
+			continue
+		}
+
 		if value == nil {
 			updateFields += fmt.Sprintf("%s = null,", key)
 			continue
@@ -131,7 +135,29 @@ func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.Use
 func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 	query := fmt.Sprintf("DELETE FROM %s WHERE id = '%s'", KeySpace+"."+models.Collections.User, user.ID)
 	err := p.db.Query(query).Exec()
+	if err != nil {
 		return err
+	}
+
+	getSessionsQuery := fmt.Sprintf("SELECT id FROM %s WHERE user_id = '%s' ALLOW FILTERING", KeySpace+"."+models.Collections.Session, user.ID)
+	scanner := p.db.Query(getSessionsQuery).Iter().Scanner()
+	sessionIDs := ""
+	for scanner.Next() {
+		var wlID string
+		err = scanner.Scan(&wlID)
+		if err != nil {
+			return err
+		}
+		sessionIDs += fmt.Sprintf("'%s',", wlID)
+	}
+	sessionIDs = strings.TrimSuffix(sessionIDs, ",")
+	deleteSessionQuery := fmt.Sprintf("DELETE FROM %s WHERE id IN (%s)", KeySpace+"."+models.Collections.Session, sessionIDs)
+	err = p.db.Query(deleteSessionQuery).Exec()
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
 
 // ListUsers to get list of users from database
@@ -171,7 +197,7 @@ func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (
 // GetUserByEmail to get user information from database using email address
 func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
 	var user models.User
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, email)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, email)
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
 		return user, err

server/db/providers/cassandradb/webhook.go

@@ -24,6 +24,11 @@ func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*mod
 	webhook.CreatedAt = time.Now().Unix()
 	webhook.UpdatedAt = time.Now().Unix()
 
+	existingHook, _ := p.GetWebhookByEventName(ctx, webhook.EventName)
+	if existingHook != nil {
+		return nil, fmt.Errorf("Webhook with %s event_name already exists", webhook.EventName)
+	}
+
 	insertQuery := fmt.Sprintf("INSERT INTO %s (id, event_name, endpoint, headers, enabled,  created_at, updated_at) VALUES ('%s', '%s', '%s', '%s', %t, %d, %d)", KeySpace+"."+models.Collections.Webhook, webhook.ID, webhook.EventName, webhook.EndPoint, webhook.Headers, webhook.Enabled, webhook.CreatedAt, webhook.UpdatedAt)
 	err := p.db.Query(insertQuery).Exec()
 	if err != nil {
@@ -56,6 +61,10 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 			continue
 		}
 
+		if key == "_key" {
+			continue
+		}
+
 		if value == nil {
 			updateFields += fmt.Sprintf("%s = null,", key)
 			continue
@@ -72,7 +81,6 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 	updateFields = strings.TrimSuffix(updateFields, ",")
 
 	query := fmt.Sprintf("UPDATE %s SET %s WHERE id = '%s'", KeySpace+"."+models.Collections.Webhook, updateFields, webhook.ID)
-
 	err = p.db.Query(query).Exec()
 	if err != nil {
 		return nil, err
@@ -130,7 +138,7 @@ func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model
 // GetWebhookByEventName to get webhook by event_name
 func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string) (*model.Webhook, error) {
 	var webhook models.Webhook
-	query := fmt.Sprintf(`SELECT id, event_name, endpoint, headers, enabled, created_at, updated_at FROM %s WHERE event_name = '%s' LIMIT 1`, KeySpace+"."+models.Collections.Webhook, eventName)
+	query := fmt.Sprintf(`SELECT id, event_name, endpoint, headers, enabled, created_at, updated_at FROM %s WHERE event_name = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.Webhook, eventName)
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&webhook.ID, &webhook.EventName, &webhook.EndPoint, &webhook.Headers, &webhook.Enabled, &webhook.CreatedAt, &webhook.UpdatedAt)
 	if err != nil {
 		return nil, err
@@ -146,7 +154,19 @@ func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) er
 		return err
 	}
 
-	query = fmt.Sprintf("DELETE FROM %s WHERE webhook_id = '%s'", KeySpace+"."+models.Collections.WebhookLog, webhook.ID)
+	getWebhookLogQuery := fmt.Sprintf("SELECT id FROM %s WHERE webhook_id = '%s' ALLOW FILTERING", KeySpace+"."+models.Collections.WebhookLog, webhook.ID)
+	scanner := p.db.Query(getWebhookLogQuery).Iter().Scanner()
+	webhookLogIDs := ""
+	for scanner.Next() {
+		var wlID string
+		err = scanner.Scan(&wlID)
+		if err != nil {
+			return err
+		}
+		webhookLogIDs += fmt.Sprintf("'%s',", wlID)
+	}
+	webhookLogIDs = strings.TrimSuffix(webhookLogIDs, ",")
+	query = fmt.Sprintf("DELETE FROM %s WHERE id IN (%s)", KeySpace+"."+models.Collections.WebhookLog, webhookLogIDs)
 	err = p.db.Query(query).Exec()
 	return err
 }

server/db/providers/cassandradb/webhook_log.go

@@ -40,8 +40,8 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	query := fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.WebhookLog, pagination.Limit+pagination.Offset)
 
 	if webhookID != "" {
-		totalCountQuery = fmt.Sprintf(`SELECT COUNT(*) FROM %s WHERE webhook_id='%s'`, KeySpace+"."+models.Collections.WebhookLog, webhookID)
-		query = fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s WHERE webhook_id = '%s' LIMIT %d", KeySpace+"."+models.Collections.WebhookLog, webhookID, pagination.Limit+pagination.Offset)
+		totalCountQuery = fmt.Sprintf(`SELECT COUNT(*) FROM %s WHERE webhook_id='%s' ALLOW FILTERING`, KeySpace+"."+models.Collections.WebhookLog, webhookID)
+		query = fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s WHERE webhook_id = '%s' LIMIT %d ALLOW FILTERING", KeySpace+"."+models.Collections.WebhookLog, webhookID, pagination.Limit+pagination.Offset)
 	}
 
 	err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total)

server/db/providers/mongodb/email_template.go

@@ -0,0 +1,115 @@
+package mongodb
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+	"go.mongodb.org/mongo-driver/bson"
+	"go.mongodb.org/mongo-driver/mongo/options"
+)
+
+// AddEmailTemplate to add EmailTemplate
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	if emailTemplate.ID == "" {
+		emailTemplate.ID = uuid.New().String()
+	}
+
+	emailTemplate.Key = emailTemplate.ID
+	emailTemplate.CreatedAt = time.Now().Unix()
+	emailTemplate.UpdatedAt = time.Now().Unix()
+
+	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
+	_, err := emailTemplateCollection.InsertOne(ctx, emailTemplate)
+	if err != nil {
+		return nil, err
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// UpdateEmailTemplate to update EmailTemplate
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	emailTemplate.UpdatedAt = time.Now().Unix()
+
+	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
+	_, err := emailTemplateCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": emailTemplate.ID}}, bson.M{"$set": emailTemplate}, options.MergeUpdateOptions())
+	if err != nil {
+		return nil, err
+	}
+
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// ListEmailTemplates to list EmailTemplate
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+	var emailTemplates []*model.EmailTemplate
+	opts := options.Find()
+	opts.SetLimit(pagination.Limit)
+	opts.SetSkip(pagination.Offset)
+	opts.SetSort(bson.M{"created_at": -1})
+
+	paginationClone := pagination
+
+	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
+	count, err := emailTemplateCollection.CountDocuments(ctx, bson.M{}, options.Count())
+	if err != nil {
+		return nil, err
+	}
+
+	paginationClone.Total = count
+
+	cursor, err := emailTemplateCollection.Find(ctx, bson.M{}, opts)
+	if err != nil {
+		return nil, err
+	}
+	defer cursor.Close(ctx)
+
+	for cursor.Next(ctx) {
+		var emailTemplate models.EmailTemplate
+		err := cursor.Decode(&emailTemplate)
+		if err != nil {
+			return nil, err
+		}
+		emailTemplates = append(emailTemplates, emailTemplate.AsAPIEmailTemplate())
+	}
+
+	return &model.EmailTemplates{
+		Pagination:     &paginationClone,
+		EmailTemplates: emailTemplates,
+	}, nil
+}
+
+// GetEmailTemplateByID to get EmailTemplate by id
+func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
+	var emailTemplate models.EmailTemplate
+	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
+	err := emailTemplateCollection.FindOne(ctx, bson.M{"_id": emailTemplateID}).Decode(&emailTemplate)
+	if err != nil {
+		return nil, err
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// GetEmailTemplateByEventName to get EmailTemplate by event_name
+func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
+	var emailTemplate models.EmailTemplate
+	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
+	err := emailTemplateCollection.FindOne(ctx, bson.M{"event_name": eventName}).Decode(&emailTemplate)
+	if err != nil {
+		return nil, err
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// DeleteEmailTemplate to delete EmailTemplate
+func (p *provider) DeleteEmailTemplate(ctx context.Context, emailTemplate *model.EmailTemplate) error {
+	emailTemplateCollection := p.db.Collection(models.Collections.EmailTemplate, options.Collection())
+	_, err := emailTemplateCollection.DeleteOne(nil, bson.M{"_id": emailTemplate.ID}, options.Delete())
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

server/db/providers/mongodb/provider.go

@@ -101,6 +101,15 @@ func NewProvider() (*provider, error) {
 		},
 	}, options.CreateIndexes())
 
+	mongodb.CreateCollection(ctx, models.Collections.EmailTemplate, options.CreateCollection())
+	emailTemplateCollection := mongodb.Collection(models.Collections.EmailTemplate, options.Collection())
+	emailTemplateCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
+		{
+			Keys:    bson.M{"event_name": 1},
+			Options: options.Index().SetUnique(true).SetSparse(true),
+		},
+	}, options.CreateIndexes())
+
 	return &provider{
 		db: mongodb,
 	}, nil

server/db/providers/mongodb/session.go

@@ -6,7 +6,6 @@ import (
 
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/google/uuid"
-	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
@@ -26,13 +25,3 @@ func (p *provider) AddSession(ctx context.Context, session models.Session) error
 	}
 	return nil
 }
-
-// DeleteSession to delete session information from database
-func (p *provider) DeleteSession(ctx context.Context, userId string) error {
-	sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
-	_, err := sessionCollection.DeleteMany(ctx, bson.M{"user_id": userId}, options.Delete())
-	if err != nil {
-		return err
-	}
-	return nil
-}

server/db/providers/mongodb/user.go

@@ -57,6 +57,12 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 		return err
 	}
 
+	sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
+	_, err = sessionCollection.DeleteMany(ctx, bson.M{"user_id": user.ID}, options.Delete())
+	if err != nil {
+		return err
+	}
+
 	return nil
 }
 

server/db/providers/mongodb/webhook.go

@@ -111,7 +111,7 @@ func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) er
 	}
 
 	webhookLogCollection := p.db.Collection(models.Collections.WebhookLog, options.Collection())
-	_, err = webhookLogCollection.DeleteOne(nil, bson.M{"webhook_id": webhook.ID}, options.Delete())
+	_, err = webhookLogCollection.DeleteMany(nil, bson.M{"webhook_id": webhook.ID}, options.Delete())
 	if err != nil {
 		return err
 	}

server/db/providers/provider_template/email_template.go

@@ -0,0 +1,48 @@
+package provider_template
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddEmailTemplate to add EmailTemplate
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	if emailTemplate.ID == "" {
+		emailTemplate.ID = uuid.New().String()
+	}
+
+	emailTemplate.Key = emailTemplate.ID
+	emailTemplate.CreatedAt = time.Now().Unix()
+	emailTemplate.UpdatedAt = time.Now().Unix()
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// UpdateEmailTemplate to update EmailTemplate
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	emailTemplate.UpdatedAt = time.Now().Unix()
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// ListEmailTemplates to list EmailTemplate
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+	return nil, nil
+}
+
+// GetEmailTemplateByID to get EmailTemplate by id
+func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
+	return nil, nil
+}
+
+// GetEmailTemplateByEventName to get EmailTemplate by event_name
+func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
+	return nil, nil
+}
+
+// DeleteEmailTemplate to delete EmailTemplate
+func (p *provider) DeleteEmailTemplate(ctx context.Context, emailTemplate *model.EmailTemplate) error {
+	return nil
+}

server/db/providers/providers.go

@@ -34,8 +34,6 @@ type Provider interface {
 
 	// AddSession to save session information in database
 	AddSession(ctx context.Context, session models.Session) error
-	// DeleteSession to delete session information from database
-	DeleteSession(ctx context.Context, userId string) error
 
 	// AddEnv to save environment information in database
 	AddEnv(ctx context.Context, env models.Env) (models.Env, error)
@@ -61,4 +59,17 @@ type Provider interface {
 	AddWebhookLog(ctx context.Context, webhookLog models.WebhookLog) (*model.WebhookLog, error)
 	// ListWebhookLogs to list webhook logs
 	ListWebhookLogs(ctx context.Context, pagination model.Pagination, webhookID string) (*model.WebhookLogs, error)
+
+	// AddEmailTemplate to add EmailTemplate
+	AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error)
+	// UpdateEmailTemplate to update EmailTemplate
+	UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error)
+	// ListEmailTemplates to list EmailTemplate
+	ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error)
+	// GetEmailTemplateByID to get EmailTemplate by id
+	GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error)
+	// GetEmailTemplateByEventName to get EmailTemplate by event_name
+	GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error)
+	// DeleteEmailTemplate to delete EmailTemplate
+	DeleteEmailTemplate(ctx context.Context, emailTemplate *model.EmailTemplate) error
 }

server/db/providers/sql/email_template.go

@@ -0,0 +1,100 @@
+package sql
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddEmailTemplate to add EmailTemplate
+func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	if emailTemplate.ID == "" {
+		emailTemplate.ID = uuid.New().String()
+	}
+
+	emailTemplate.Key = emailTemplate.ID
+	emailTemplate.CreatedAt = time.Now().Unix()
+	emailTemplate.UpdatedAt = time.Now().Unix()
+
+	res := p.db.Create(&emailTemplate)
+	if res.Error != nil {
+		return nil, res.Error
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// UpdateEmailTemplate to update EmailTemplate
+func (p *provider) UpdateEmailTemplate(ctx context.Context, emailTemplate models.EmailTemplate) (*model.EmailTemplate, error) {
+	emailTemplate.UpdatedAt = time.Now().Unix()
+
+	res := p.db.Save(&emailTemplate)
+	if res.Error != nil {
+		return nil, res.Error
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// ListEmailTemplates to list EmailTemplate
+func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagination) (*model.EmailTemplates, error) {
+	var emailTemplates []models.EmailTemplate
+
+	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&emailTemplates)
+	if result.Error != nil {
+		return nil, result.Error
+	}
+
+	var total int64
+	totalRes := p.db.Model(&models.EmailTemplate{}).Count(&total)
+	if totalRes.Error != nil {
+		return nil, totalRes.Error
+	}
+
+	paginationClone := pagination
+	paginationClone.Total = total
+
+	responseEmailTemplates := []*model.EmailTemplate{}
+	for _, w := range emailTemplates {
+		responseEmailTemplates = append(responseEmailTemplates, w.AsAPIEmailTemplate())
+	}
+	return &model.EmailTemplates{
+		Pagination:     &paginationClone,
+		EmailTemplates: responseEmailTemplates,
+	}, nil
+}
+
+// GetEmailTemplateByID to get EmailTemplate by id
+func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
+	var emailTemplate models.EmailTemplate
+
+	result := p.db.Where("id = ?", emailTemplateID).First(&emailTemplate)
+	if result.Error != nil {
+		return nil, result.Error
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// GetEmailTemplateByEventName to get EmailTemplate by event_name
+func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
+	var emailTemplate models.EmailTemplate
+
+	result := p.db.Where("event_name = ?", eventName).First(&emailTemplate)
+	if result.Error != nil {
+		return nil, result.Error
+	}
+	return emailTemplate.AsAPIEmailTemplate(), nil
+}
+
+// DeleteEmailTemplate to delete EmailTemplate
+func (p *provider) DeleteEmailTemplate(ctx context.Context, emailTemplate *model.EmailTemplate) error {
+	result := p.db.Delete(&models.EmailTemplate{
+		ID: emailTemplate.ID,
+	})
+	if result.Error != nil {
+		return result.Error
+	}
+
+	return nil
+}

server/db/providers/sql/provider.go

@@ -50,7 +50,7 @@ func NewProvider() (*provider, error) {
 		sqlDB, err = gorm.Open(postgres.Open(dbURL), ormConfig)
 	case constants.DbTypeSqlite:
 		sqlDB, err = gorm.Open(sqlite.Open(dbURL), ormConfig)
-	case constants.DbTypeMysql, constants.DbTypeMariaDB:
+	case constants.DbTypeMysql, constants.DbTypeMariaDB, constants.DbTypePlanetScaleDB:
 		sqlDB, err = gorm.Open(mysql.Open(dbURL), ormConfig)
 	case constants.DbTypeSqlserver:
 		sqlDB, err = gorm.Open(sqlserver.Open(dbURL), ormConfig)
@@ -60,7 +60,7 @@ func NewProvider() (*provider, error) {
 		return nil, err
 	}
 
-	err = sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{}, &models.Webhook{}, models.WebhookLog{})
+	err = sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{}, &models.Webhook{}, models.WebhookLog{}, models.EmailTemplate{})
 	if err != nil {
 		return nil, err
 	}

server/db/providers/sql/session.go

@@ -27,13 +27,3 @@ func (p *provider) AddSession(ctx context.Context, session models.Session) error
 	}
 	return nil
 }
-
-// DeleteSession to delete session information from database
-func (p *provider) DeleteSession(ctx context.Context, userId string) error {
-	result := p.db.Where("user_id = ?", userId).Delete(&models.Session{})
-
-	if result.Error != nil {
-		return result.Error
-	}
-	return nil
-}

server/db/providers/sql/user.go

@@ -63,6 +63,11 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 		return result.Error
 	}
 
+	result = p.db.Where("user_id = ?", user.ID).Delete(&models.Session{})
+	if result.Error != nil {
+		return result.Error
+	}
+
 	return nil
 }
 

server/email/invite_email.go

@@ -70,7 +70,7 @@ func InviteEmail(toEmail, token, verificationURL, redirectURI string) error {
                                                                                         <tr style="background: rgb(249,250,251);padding: 10px;margin-bottom:10px;border-radius:5px;">
                                                                                             <td class="esd-block-text es-m-txt-c es-p15t" align="center" style="padding:10px;padding-bottom:30px;">
                                                                                                 <p>Hi there 👋</p>
-                                                                                                <p>Join us! You are invited to sign-up for <b>{{.org_name}}</b>. Please accept the invitation by clicking the clicking the button below.</p> <br/>
+                                                                                                <p>Join us! You are invited to sign-up for <b>{{.org_name}}</b>. Please accept the invitation by clicking the button below.</p> <br/>
                                                                                                 <a 
                                                                                                 clicktracking="off" href="{{.verification_url}}" class="es-button" target="_blank" style="text-decoration: none;padding:10px 15px;background-color: rgba(59,130,246,1);color: #fff;font-size: 1em;border-radius:5px;">Get Started</a>
                                                                                             </td>

server/env/persist_env.go

@@ -113,7 +113,7 @@ func PersistEnv() error {
 	ctx := context.Background()
 	env, err := db.Provider.GetEnv(ctx)
 	// config not found in db
-	if err != nil {
+	if err != nil || env.EnvData == "" {
 		// AES encryption needs 32 bit key only, so we chop off last 4 characters from 36 bit uuid
 		hash := uuid.New().String()[:36-4]
 		err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEncryptionKey, hash)
@@ -174,7 +174,7 @@ func PersistEnv() error {
 
 		err = json.Unmarshal(decryptedConfigs, &storeData)
 		if err != nil {
-			log.Debug("Error while unmarshalling env data: ", err)
+			log.Debug("Error while un-marshalling env data: ", err)
 			return err
 		}
 

server/graph/model/models_gen.go

@@ -2,6 +2,11 @@
 
 package model
 
+type AddEmailTemplateRequest struct {
+	EventName string `json:"event_name"`
+	Template  string `json:"template"`
+}
+
 type AddWebhookRequest struct {
 	EventName string                 `json:"event_name"`
 	Endpoint  string                 `json:"endpoint"`
@@ -26,10 +31,27 @@ type AuthResponse struct {
 	User         *User   `json:"user"`
 }
 
+type DeleteEmailTemplateRequest struct {
+	ID string `json:"id"`
+}
+
 type DeleteUserInput struct {
 	Email string `json:"email"`
 }
 
+type EmailTemplate struct {
+	ID        string `json:"id"`
+	EventName string `json:"event_name"`
+	Template  string `json:"template"`
+	CreatedAt *int64 `json:"created_at"`
+	UpdatedAt *int64 `json:"updated_at"`
+}
+
+type EmailTemplates struct {
+	Pagination     *Pagination      `json:"pagination"`
+	EmailTemplates []*EmailTemplate `json:"EmailTemplates"`
+}
+
 type Env struct {
 	AccessTokenExpiryTime      *string  `json:"ACCESS_TOKEN_EXPIRY_TIME"`
 	AdminSecret                *string  `json:"ADMIN_SECRET"`
@@ -214,6 +236,12 @@ type UpdateAccessInput struct {
 	UserID string `json:"user_id"`
 }
 
+type UpdateEmailTemplateRequest struct {
+	ID        string  `json:"id"`
+	EventName *string `json:"event_name"`
+	Template  *string `json:"template"`
+}
+
 type UpdateEnvInput struct {
 	AccessTokenExpiryTime      *string  `json:"ACCESS_TOKEN_EXPIRY_TIME"`
 	AdminSecret                *string  `json:"ADMIN_SECRET"`

server/graph/schema.graphqls

@@ -150,6 +150,54 @@ type GenerateJWTKeysResponse {
 	private_key: String
 }
 
+type Webhook {
+	id: ID!
+	event_name: String
+	endpoint: String
+	enabled: Boolean
+	headers: Map
+	created_at: Int64
+	updated_at: Int64
+}
+
+type Webhooks {
+	pagination: Pagination!
+	webhooks: [Webhook!]!
+}
+
+type WebhookLog {
+	id: ID!
+	http_status: Int64
+	response: String
+	request: String
+	webhook_id: ID
+	created_at: Int64
+	updated_at: Int64
+}
+
+type TestEndpointResponse {
+	http_status: Int64
+	response: Map
+}
+
+type WebhookLogs {
+	pagination: Pagination!
+	webhook_logs: [WebhookLog!]!
+}
+
+type EmailTemplate {
+	id: ID!
+	event_name: String!
+	template: String!
+	created_at: Int64
+	updated_at: Int64
+}
+
+type EmailTemplates {
+	pagination: Pagination!
+	EmailTemplates: [EmailTemplate!]!
+}
+
 input UpdateEnvInput {
 	ACCESS_TOKEN_EXPIRY_TIME: String
 	ADMIN_SECRET: String
@@ -324,38 +372,8 @@ input GenerateJWTKeysInput {
 	type: String!
 }
 
-type Webhook {
-	id: ID!
-	event_name: String
-	endpoint: String
-	enabled: Boolean
-	headers: Map
-	created_at: Int64
-	updated_at: Int64
-}
-
-type Webhooks {
-	pagination: Pagination!
-	webhooks: [Webhook!]!
-}
-
-type WebhookLog {
-	id: ID!
-	http_status: Int64
-	response: String
-	request: String
-	webhook_id: ID
-	created_at: Int64
-	updated_at: Int64
-}
-
-type TestEndpointResponse {
-	http_status: Int64
-	response: Map
-}
-
 input ListWebhookLogRequest {
-	pagination: PaginationInput!
+	pagination: PaginationInput
 	webhook_id: String
 }
 
@@ -384,9 +402,19 @@ input TestEndpointRequest {
 	headers: Map
 }
 
-type WebhookLogs {
-	pagination: Pagination!
-	webhook_logs: [WebhookLog!]!
+input AddEmailTemplateRequest {
+	event_name: String!
+	template: String!
+}
+
+input UpdateEmailTemplateRequest {
+	id: ID!
+	event_name: String
+	template: String
+}
+
+input DeleteEmailTemplateRequest {
+	id: ID!
 }
 
 type Mutation {
@@ -415,6 +443,9 @@ type Mutation {
 	_update_webhook(params: UpdateWebhookRequest!): Response!
 	_delete_webhook(params: WebhookRequest!): Response!
 	_test_endpoint(params: TestEndpointRequest!): TestEndpointResponse!
+	_add_email_template(params: AddEmailTemplateRequest!): Response!
+	_update_email_template(params: UpdateEmailTemplateRequest!): Response!
+	_delete_email_template(params: DeleteEmailTemplateRequest!): Response!
 }
 
 type Query {
@@ -429,5 +460,6 @@ type Query {
 	_env: Env!
 	_webhook(params: WebhookRequest!): Webhook!
 	_webhooks(params: PaginatedInput): Webhooks!
-	_webhook_logs(params: ListWebhookLogRequest!): WebhookLogs!
+	_webhook_logs(params: ListWebhookLogRequest): WebhookLogs!
+	_email_templates(params: PaginatedInput): EmailTemplates!
 }

server/graph/schema.resolvers.go

@@ -107,6 +107,18 @@ func (r *mutationResolver) TestEndpoint(ctx context.Context, params model.TestEn
 	return resolvers.TestEndpointResolver(ctx, params)
 }
 
+func (r *mutationResolver) AddEmailTemplate(ctx context.Context, params model.AddEmailTemplateRequest) (*model.Response, error) {
+	return resolvers.AddEmailTemplateResolver(ctx, params)
+}
+
+func (r *mutationResolver) UpdateEmailTemplate(ctx context.Context, params model.UpdateEmailTemplateRequest) (*model.Response, error) {
+	return resolvers.UpdateEmailTemplateResolver(ctx, params)
+}
+
+func (r *mutationResolver) DeleteEmailTemplate(ctx context.Context, params model.DeleteEmailTemplateRequest) (*model.Response, error) {
+	return resolvers.DeleteEmailTemplateResolver(ctx, params)
+}
+
 func (r *queryResolver) Meta(ctx context.Context) (*model.Meta, error) {
 	return resolvers.MetaResolver(ctx)
 }
@@ -147,15 +159,21 @@ func (r *queryResolver) Webhooks(ctx context.Context, params *model.PaginatedInp
 	return resolvers.WebhooksResolver(ctx, params)
 }
 
-func (r *queryResolver) WebhookLogs(ctx context.Context, params model.ListWebhookLogRequest) (*model.WebhookLogs, error) {
+func (r *queryResolver) WebhookLogs(ctx context.Context, params *model.ListWebhookLogRequest) (*model.WebhookLogs, error) {
 	return resolvers.WebhookLogsResolver(ctx, params)
 }
 
+func (r *queryResolver) EmailTemplates(ctx context.Context, params *model.PaginatedInput) (*model.EmailTemplates, error) {
+	return resolvers.EmailTemplatesResolver(ctx, params)
+}
+
 // Mutation returns generated.MutationResolver implementation.
 func (r *Resolver) Mutation() generated.MutationResolver { return &mutationResolver{r} }
 
 // Query returns generated.QueryResolver implementation.
 func (r *Resolver) Query() generated.QueryResolver { return &queryResolver{r} }
 
-type mutationResolver struct{ *Resolver }
-type queryResolver struct{ *Resolver }
+type (
+	mutationResolver struct{ *Resolver }
+	queryResolver    struct{ *Resolver }
+)

server/handlers/oauth_callback.go

@@ -320,12 +320,60 @@ func processGithubUserInfo(code string) (models.User, error) {
 	}
 
 	picture := userRawData["avatar_url"]
+	email := userRawData["email"]
+
+	if email == "" {
+		type GithubUserEmails struct {
+			Email   string `json:"email"`
+			Primary bool   `json:"primary"`
+		}
+
+		// fetch using /users/email endpoint
+		req, err := http.NewRequest("GET", constants.GithubUserEmails, nil)
+		if err != nil {
+			log.Debug("Failed to create github emails request: ", err)
+			return user, fmt.Errorf("error creating github user info request: %s", err.Error())
+		}
+		req.Header = http.Header{
+			"Authorization": []string{fmt.Sprintf("token %s", oauth2Token.AccessToken)},
+		}
+
+		response, err := client.Do(req)
+		if err != nil {
+			log.Debug("Failed to request github user email: ", err)
+			return user, err
+		}
+
+		defer response.Body.Close()
+		body, err := ioutil.ReadAll(response.Body)
+		if err != nil {
+			log.Debug("Failed to read github user email response body: ", err)
+			return user, fmt.Errorf("failed to read github response body: %s", err.Error())
+		}
+		if response.StatusCode >= 400 {
+			log.Debug("Failed to request github user email: ", string(body))
+			return user, fmt.Errorf("failed to request github user info: %s", string(body))
+		}
+
+		emailData := []GithubUserEmails{}
+		err = json.Unmarshal(body, &emailData)
+		if err != nil {
+			log.Debug("Failed to parse github user email: ", err)
+		}
+
+		for _, userEmail := range emailData {
+			email = userEmail.Email
+			if userEmail.Primary {
+				break
+			}
+		}
+	}
 
 	user = models.User{
 		GivenName:  &firstName,
 		FamilyName: &lastName,
 		Picture:    &picture,
-		Email:      userRawData["email"],
+		Email:      email,
 	}
 
 	return user, nil

server/memorystore/providers/inmemory/stores/env_store.go

@@ -1,10 +1,7 @@
 package stores
 
 import (
-	"os"
 	"sync"
-
-	"github.com/authorizerdev/authorizer/server/constants"
 )
 
 // EnvStore struct to store the env variables
@@ -23,12 +20,10 @@ func NewEnvStore() *EnvStore {
 
 // UpdateEnvStore to update the whole env store object
 func (e *EnvStore) UpdateStore(store map[string]interface{}) {
-	if os.Getenv("ENV") != constants.TestEnv {
 	e.mutex.Lock()
 	defer e.mutex.Unlock()
-	}
-	// just override the keys + new keys
 
+	// just override the keys + new keys
 	for key, value := range store {
 		e.store[key] = value
 	}
@@ -46,9 +41,8 @@ func (e *EnvStore) Get(key string) interface{} {
 
 // Set sets the value of the key in env store
 func (e *EnvStore) Set(key string, value interface{}) {
-	if os.Getenv("ENV") != constants.TestEnv {
 	e.mutex.Lock()
 	defer e.mutex.Unlock()
-	}
+
 	e.store[key] = value
 }

server/memorystore/providers/inmemory/stores/session_store.go

@@ -1,11 +1,8 @@
 package stores
 
 import (
-	"os"
 	"strings"
 	"sync"
-
-	"github.com/authorizerdev/authorizer/server/constants"
 )
 
 // SessionStore struct to store the env variables
@@ -29,10 +26,9 @@ func (s *SessionStore) Get(key, subKey string) string {
 
 // Set sets the value of the key in state store
 func (s *SessionStore) Set(key string, subKey, value string) {
-	if os.Getenv("ENV") != constants.TestEnv {
 	s.mutex.Lock()
 	defer s.mutex.Unlock()
-	}
+
 	if _, ok := s.store[key]; !ok {
 		s.store[key] = make(map[string]string)
 	}
@@ -41,19 +37,15 @@ func (s *SessionStore) Set(key string, subKey, value string) {
 
 // RemoveAll all values for given key
 func (s *SessionStore) RemoveAll(key string) {
-	if os.Getenv("ENV") != constants.TestEnv {
 	s.mutex.Lock()
 	defer s.mutex.Unlock()
-	}
 	delete(s.store, key)
 }
 
 // Remove value for given key and subkey
 func (s *SessionStore) Remove(key, subKey string) {
-	if os.Getenv("ENV") != constants.TestEnv {
 	s.mutex.Lock()
 	defer s.mutex.Unlock()
-	}
 	if _, ok := s.store[key]; ok {
 		delete(s.store[key], subKey)
 	}
@@ -69,11 +61,8 @@ func (s *SessionStore) GetAll(key string) map[string]string {
 
 // RemoveByNamespace to delete session for a given namespace example google,github
 func (s *SessionStore) RemoveByNamespace(namespace string) error {
-	if os.Getenv("ENV") != constants.TestEnv {
 	s.mutex.Lock()
 	defer s.mutex.Unlock()
-	}
-
 	for key := range s.store {
 		if strings.Contains(key, namespace+":") {
 			delete(s.store, key)

server/memorystore/providers/inmemory/stores/state_store.go

@@ -1,10 +1,7 @@
 package stores
 
 import (
-	"os"
 	"sync"
-
-	"github.com/authorizerdev/authorizer/server/constants"
 )
 
 // StateStore struct to store the env variables
@@ -28,19 +25,16 @@ func (s *StateStore) Get(key string) string {
 
 // Set sets the value of the key in state store
 func (s *StateStore) Set(key string, value string) {
-	if os.Getenv("ENV") != constants.TestEnv {
 	s.mutex.Lock()
 	defer s.mutex.Unlock()
-	}
+
 	s.store[key] = value
 }
 
 // Remove removes the key from state store
 func (s *StateStore) Remove(key string) {
-	if os.Getenv("ENV") != constants.TestEnv {
 	s.mutex.Lock()
 	defer s.mutex.Unlock()
-	}
 
 	delete(s.store, key)
 }

server/refs/bool.go

@@ -0,0 +1,14 @@
+package refs
+
+// NewBoolRef returns a reference to a bool with given value
+func NewBoolRef(v bool) *bool {
+	return &v
+}
+
+// BoolValue returns the value of the given bool ref
+func BoolValue(r *bool) bool {
+	if r == nil {
+		return false
+	}
+	return *r
+}

server/refs/int.go

@@ -0,0 +1,14 @@
+package refs
+
+// NewInt64Ref returns a reference to a int64 with given value
+func NewInt64Ref(v int64) *int64 {
+	return &v
+}
+
+// Int64Value returns the value of the given bool ref
+func Int64Value(r *int64) int64 {
+	if r == nil {
+		return 0
+	}
+	return *r
+}

server/refs/string.go

@@ -1,4 +1,4 @@
-package utils
+package refs
 
 // NewStringRef returns a reference to a string with given value
 func NewStringRef(v string) *string {
@@ -16,15 +16,4 @@ func StringValue(r *string, defaultValue ...string) string {
 	return ""
 }
 
-// NewBoolRef returns a reference to a bool with given value
-func NewBoolRef(v bool) *bool {
-	return &v
-}
 
-// BoolValue returns the value of the given bool ref
-func BoolValue(r *bool) bool {
-	if r == nil {
-		return false
-	}
-	return *r
-}

server/resolvers/add_email_template.go

@@ -0,0 +1,53 @@
+package resolvers
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/token"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/authorizerdev/authorizer/server/validators"
+	log "github.com/sirupsen/logrus"
+)
+
+// TODO add template validator
+
+// AddEmailTemplateResolver resolver for add email template mutation
+func AddEmailTemplateResolver(ctx context.Context, params model.AddEmailTemplateRequest) (*model.Response, error) {
+	gc, err := utils.GinContextFromContext(ctx)
+	if err != nil {
+		log.Debug("Failed to get GinContext: ", err)
+		return nil, err
+	}
+
+	if !token.IsSuperAdmin(gc) {
+		log.Debug("Not logged in as super admin")
+		return nil, fmt.Errorf("unauthorized")
+	}
+
+	if !validators.IsValidEmailTemplateEventName(params.EventName) {
+		log.Debug("Invalid Event Name: ", params.EventName)
+		return nil, fmt.Errorf("invalid event name %s", params.EventName)
+	}
+
+	if strings.TrimSpace(params.Template) == "" {
+		return nil, fmt.Errorf("empty template not allowed")
+	}
+
+	_, err = db.Provider.AddEmailTemplate(ctx, models.EmailTemplate{
+		EventName: params.EventName,
+		Template:  params.Template,
+	})
+	if err != nil {
+		log.Debug("Failed to add email template: ", err)
+		return nil, err
+	}
+
+	return &model.Response{
+		Message: `Email template added successfully`,
+	}, nil
+}

server/resolvers/add_webhook.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"strings"
 
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -32,6 +33,11 @@ func AddWebhookResolver(ctx context.Context, params model.AddWebhookRequest) (*m
 		return nil, fmt.Errorf("invalid event name %s", params.EventName)
 	}
 
+	if strings.TrimSpace(params.Endpoint) == "" {
+		log.Debug("empty endpoint not allowed")
+		return nil, fmt.Errorf("empty endpoint not allowed")
+	}
+
 	headerBytes, err := json.Marshal(params.Headers)
 	if err != nil {
 		return nil, err

server/resolvers/delete_email_template.go

@@ -0,0 +1,49 @@
+package resolvers
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/token"
+	"github.com/authorizerdev/authorizer/server/utils"
+	log "github.com/sirupsen/logrus"
+)
+
+// DeleteEmailTemplateResolver resolver to delete email template and its relevant logs
+func DeleteEmailTemplateResolver(ctx context.Context, params model.DeleteEmailTemplateRequest) (*model.Response, error) {
+	gc, err := utils.GinContextFromContext(ctx)
+	if err != nil {
+		log.Debug("Failed to get GinContext: ", err)
+		return nil, err
+	}
+
+	if !token.IsSuperAdmin(gc) {
+		log.Debug("Not logged in as super admin")
+		return nil, fmt.Errorf("unauthorized")
+	}
+
+	if params.ID == "" {
+		log.Debug("email template is required")
+		return nil, fmt.Errorf("email template ID required")
+	}
+
+	log := log.WithField("email_template_id", params.ID)
+
+	emailTemplate, err := db.Provider.GetEmailTemplateByID(ctx, params.ID)
+	if err != nil {
+		log.Debug("failed to get email template: ", err)
+		return nil, err
+	}
+
+	err = db.Provider.DeleteEmailTemplate(ctx, emailTemplate)
+	if err != nil {
+		log.Debug("failed to delete email template: ", err)
+		return nil, err
+	}
+
+	return &model.Response{
+		Message: "Email templated deleted successfully",
+	}, nil
+}

server/resolvers/email_templates.go

@@ -0,0 +1,35 @@
+package resolvers
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/token"
+	"github.com/authorizerdev/authorizer/server/utils"
+	log "github.com/sirupsen/logrus"
+)
+
+// EmailTemplatesResolver resolver for getting the list of email templates based on pagination
+func EmailTemplatesResolver(ctx context.Context, params *model.PaginatedInput) (*model.EmailTemplates, error) {
+	gc, err := utils.GinContextFromContext(ctx)
+	if err != nil {
+		log.Debug("Failed to get GinContext: ", err)
+		return nil, err
+	}
+
+	if !token.IsSuperAdmin(gc) {
+		log.Debug("Not logged in as super admin")
+		return nil, fmt.Errorf("unauthorized")
+	}
+
+	pagination := utils.GetPagination(params)
+
+	emailTemplates, err := db.Provider.ListEmailTemplate(ctx, pagination)
+	if err != nil {
+		log.Debug("failed to get email templates: ", err)
+		return nil, err
+	}
+	return emailTemplates, nil
+}

server/resolvers/env.go

@@ -10,6 +10,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 )
@@ -38,10 +39,10 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
 	}
 
 	if val, ok := store[constants.EnvKeyAccessTokenExpiryTime]; ok {
-		res.AccessTokenExpiryTime = utils.NewStringRef(val.(string))
+		res.AccessTokenExpiryTime = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyAdminSecret]; ok {
-		res.AdminSecret = utils.NewStringRef(val.(string))
+		res.AdminSecret = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyClientID]; ok {
 		res.ClientID = val.(string)
@@ -50,103 +51,103 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
 		res.ClientSecret = val.(string)
 	}
 	if val, ok := store[constants.EnvKeyDatabaseURL]; ok {
-		res.DatabaseURL = utils.NewStringRef(val.(string))
+		res.DatabaseURL = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyDatabaseName]; ok {
-		res.DatabaseName = utils.NewStringRef(val.(string))
+		res.DatabaseName = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyDatabaseType]; ok {
-		res.DatabaseType = utils.NewStringRef(val.(string))
+		res.DatabaseType = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyDatabaseUsername]; ok {
-		res.DatabaseUsername = utils.NewStringRef(val.(string))
+		res.DatabaseUsername = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyDatabasePassword]; ok {
-		res.DatabasePassword = utils.NewStringRef(val.(string))
+		res.DatabasePassword = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyDatabaseHost]; ok {
-		res.DatabaseHost = utils.NewStringRef(val.(string))
+		res.DatabaseHost = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyDatabasePort]; ok {
-		res.DatabasePort = utils.NewStringRef(val.(string))
+		res.DatabasePort = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyCustomAccessTokenScript]; ok {
-		res.CustomAccessTokenScript = utils.NewStringRef(val.(string))
+		res.CustomAccessTokenScript = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeySmtpHost]; ok {
-		res.SMTPHost = utils.NewStringRef(val.(string))
+		res.SMTPHost = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeySmtpPort]; ok {
-		res.SMTPPort = utils.NewStringRef(val.(string))
+		res.SMTPPort = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeySmtpUsername]; ok {
-		res.SMTPUsername = utils.NewStringRef(val.(string))
+		res.SMTPUsername = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeySmtpPassword]; ok {
-		res.SMTPPassword = utils.NewStringRef(val.(string))
+		res.SMTPPassword = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeySenderEmail]; ok {
-		res.SenderEmail = utils.NewStringRef(val.(string))
+		res.SenderEmail = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyJwtType]; ok {
-		res.JwtType = utils.NewStringRef(val.(string))
+		res.JwtType = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyJwtSecret]; ok {
-		res.JwtSecret = utils.NewStringRef(val.(string))
+		res.JwtSecret = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyJwtRoleClaim]; ok {
-		res.JwtRoleClaim = utils.NewStringRef(val.(string))
+		res.JwtRoleClaim = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyJwtPublicKey]; ok {
-		res.JwtPublicKey = utils.NewStringRef(val.(string))
+		res.JwtPublicKey = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyJwtPrivateKey]; ok {
-		res.JwtPrivateKey = utils.NewStringRef(val.(string))
+		res.JwtPrivateKey = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyAppURL]; ok {
-		res.AppURL = utils.NewStringRef(val.(string))
+		res.AppURL = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyRedisURL]; ok {
-		res.RedisURL = utils.NewStringRef(val.(string))
+		res.RedisURL = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyResetPasswordURL]; ok {
-		res.ResetPasswordURL = utils.NewStringRef(val.(string))
+		res.ResetPasswordURL = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyGoogleClientID]; ok {
-		res.GoogleClientID = utils.NewStringRef(val.(string))
+		res.GoogleClientID = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyGoogleClientSecret]; ok {
-		res.GoogleClientSecret = utils.NewStringRef(val.(string))
+		res.GoogleClientSecret = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyFacebookClientID]; ok {
-		res.FacebookClientID = utils.NewStringRef(val.(string))
+		res.FacebookClientID = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyFacebookClientSecret]; ok {
-		res.FacebookClientSecret = utils.NewStringRef(val.(string))
+		res.FacebookClientSecret = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyGithubClientID]; ok {
-		res.GithubClientID = utils.NewStringRef(val.(string))
+		res.GithubClientID = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyGithubClientSecret]; ok {
-		res.GithubClientSecret = utils.NewStringRef(val.(string))
+		res.GithubClientSecret = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyLinkedInClientID]; ok {
-		res.LinkedinClientID = utils.NewStringRef(val.(string))
+		res.LinkedinClientID = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyLinkedInClientSecret]; ok {
-		res.LinkedinClientSecret = utils.NewStringRef(val.(string))
+		res.LinkedinClientSecret = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyAppleClientID]; ok {
-		res.AppleClientID = utils.NewStringRef(val.(string))
+		res.AppleClientID = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyAppleClientSecret]; ok {
-		res.AppleClientSecret = utils.NewStringRef(val.(string))
+		res.AppleClientSecret = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyOrganizationName]; ok {
-		res.OrganizationName = utils.NewStringRef(val.(string))
+		res.OrganizationName = refs.NewStringRef(val.(string))
 	}
 	if val, ok := store[constants.EnvKeyOrganizationLogo]; ok {
-		res.OrganizationLogo = utils.NewStringRef(val.(string))
+		res.OrganizationLogo = refs.NewStringRef(val.(string))
 	}
 
 	// string slice vars

server/resolvers/test_endpoint.go

@@ -11,6 +11,7 @@ import (
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/authorizerdev/authorizer/server/validators"
@@ -41,8 +42,8 @@ func TestEndpointResolver(ctx context.Context, params model.TestEndpointRequest)
 		Email:         "test_endpoint@foo.com",
 		EmailVerified: true,
 		SignupMethods: constants.AuthRecipeMethodMagicLinkLogin,
-		GivenName:     utils.NewStringRef("Foo"),
-		FamilyName:    utils.NewStringRef("Bar"),
+		GivenName:     refs.NewStringRef("Foo"),
+		FamilyName:    refs.NewStringRef("Bar"),
 	}
 
 	userBytes, err := json.Marshal(user)

server/resolvers/update_email_template.go

@@ -0,0 +1,70 @@
+package resolvers
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
+	"github.com/authorizerdev/authorizer/server/token"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/authorizerdev/authorizer/server/validators"
+	log "github.com/sirupsen/logrus"
+)
+
+// TODO add template validator
+
+// UpdateEmailTemplateResolver resolver for update email template mutation
+func UpdateEmailTemplateResolver(ctx context.Context, params model.UpdateEmailTemplateRequest) (*model.Response, error) {
+	gc, err := utils.GinContextFromContext(ctx)
+	if err != nil {
+		log.Debug("Failed to get GinContext: ", err)
+		return nil, err
+	}
+
+	if !token.IsSuperAdmin(gc) {
+		log.Debug("Not logged in as super admin")
+		return nil, fmt.Errorf("unauthorized")
+	}
+
+	emailTemplate, err := db.Provider.GetEmailTemplateByID(ctx, params.ID)
+	if err != nil {
+		log.Debug("failed to get email template: ", err)
+		return nil, err
+	}
+
+	emailTemplateDetails := models.EmailTemplate{
+		ID:        emailTemplate.ID,
+		Key:       emailTemplate.ID,
+		EventName: emailTemplate.EventName,
+		CreatedAt: refs.Int64Value(emailTemplate.CreatedAt),
+	}
+
+	if params.EventName != nil && emailTemplateDetails.EventName != refs.StringValue(params.EventName) {
+		if isValid := validators.IsValidEmailTemplateEventName(refs.StringValue(params.EventName)); !isValid {
+			log.Debug("invalid event name: ", refs.StringValue(params.EventName))
+			return nil, fmt.Errorf("invalid event name %s", refs.StringValue(params.EventName))
+		}
+		emailTemplateDetails.EventName = refs.StringValue(params.EventName)
+	}
+
+	if params.Template != nil && emailTemplateDetails.Template != refs.StringValue(params.Template) {
+		if strings.TrimSpace(refs.StringValue(params.Template)) == "" {
+			log.Debug("empty template not allowed")
+			return nil, fmt.Errorf("empty template not allowed")
+		}
+		emailTemplateDetails.Template = refs.StringValue(params.Template)
+	}
+
+	_, err = db.Provider.UpdateEmailTemplate(ctx, emailTemplateDetails)
+	if err != nil {
+		return nil, err
+	}
+
+	return &model.Response{
+		Message: `Email template updated successfully.`,
+	}, nil
+}

server/resolvers/update_profile.go

@@ -17,6 +17,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/parsers"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/authorizerdev/authorizer/server/validators"
@@ -45,7 +46,7 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
 	}
 
 	// validate if all params are not empty
-	if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.OldPassword == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil {
+	if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.OldPassword == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil && params.NewPassword == nil && params.ConfirmNewPassword == nil {
 		log.Debug("All params are empty")
 		return res, fmt.Errorf("please enter at least one param to update")
 	}
@@ -61,70 +62,108 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
 		return res, err
 	}
 
-	if params.GivenName != nil && user.GivenName != params.GivenName {
+	if params.GivenName != nil && refs.StringValue(user.GivenName) != refs.StringValue(params.GivenName) {
 		user.GivenName = params.GivenName
 	}
 
-	if params.FamilyName != nil && user.FamilyName != params.FamilyName {
+	if params.FamilyName != nil && refs.StringValue(user.FamilyName) != refs.StringValue(params.FamilyName) {
 		user.FamilyName = params.FamilyName
 	}
 
-	if params.MiddleName != nil && user.MiddleName != params.MiddleName {
+	if params.MiddleName != nil && refs.StringValue(user.MiddleName) != refs.StringValue(params.MiddleName) {
 		user.MiddleName = params.MiddleName
 	}
 
-	if params.Nickname != nil && user.Nickname != params.Nickname {
+	if params.Nickname != nil && refs.StringValue(user.Nickname) != refs.StringValue(params.Nickname) {
 		user.Nickname = params.Nickname
 	}
 
-	if params.Birthdate != nil && user.Birthdate != params.Birthdate {
+	if params.Birthdate != nil && refs.StringValue(user.Birthdate) != refs.StringValue(params.Birthdate) {
 		user.Birthdate = params.Birthdate
 	}
 
-	if params.Gender != nil && user.Gender != params.Gender {
+	if params.Gender != nil && refs.StringValue(user.Gender) != refs.StringValue(params.Gender) {
 		user.Gender = params.Gender
 	}
 
-	if params.PhoneNumber != nil && user.PhoneNumber != params.PhoneNumber {
+	if params.PhoneNumber != nil && refs.StringValue(user.PhoneNumber) != refs.StringValue(params.PhoneNumber) {
 		user.PhoneNumber = params.PhoneNumber
 	}
 
-	if params.Picture != nil && user.Picture != params.Picture {
+	if params.Picture != nil && refs.StringValue(user.Picture) != refs.StringValue(params.Picture) {
 		user.Picture = params.Picture
 	}
 
-	if params.OldPassword != nil {
-		if err = bcrypt.CompareHashAndPassword([]byte(*user.Password), []byte(*params.OldPassword)); err != nil {
-			log.Debug("Failed to compare hash and old password: ", err)
-			return res, fmt.Errorf("incorrect old password")
-		}
-
-		if params.NewPassword == nil {
-			log.Debug("Failed to get new password: ")
-			return res, fmt.Errorf("new password is required")
-		}
-
-		if params.ConfirmNewPassword == nil {
-			log.Debug("Failed to get confirm new password: ")
+	isPasswordChanging := false
+	if params.NewPassword != nil && params.ConfirmNewPassword == nil {
+		isPasswordChanging = true
+		log.Debug("confirm password is empty")
 		return res, fmt.Errorf("confirm password is required")
 	}
 
-		if *params.ConfirmNewPassword != *params.NewPassword {
+	if params.ConfirmNewPassword != nil && params.NewPassword == nil {
+		isPasswordChanging = true
+		log.Debug("new password is empty")
+		return res, fmt.Errorf("new password is required")
+	}
+
+	if params.NewPassword != nil && params.ConfirmNewPassword != nil {
+		isPasswordChanging = true
+	}
+
+	if isPasswordChanging && user.Password != nil && params.OldPassword == nil {
+		log.Debug("old password is empty")
+		return res, fmt.Errorf("old password is required")
+	}
+
+	if isPasswordChanging && user.Password != nil && params.OldPassword != nil {
+		if err = bcrypt.CompareHashAndPassword([]byte(refs.StringValue(user.Password)), []byte(refs.StringValue(params.OldPassword))); err != nil {
+			log.Debug("Failed to compare hash and old password: ", err)
+			return res, fmt.Errorf("incorrect old password")
+		}
+	}
+
+	shouldAddBasicSignUpMethod := false
+	isBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication)
+	if err != nil {
+		log.Debug("Error getting basic auth disabled: ", err)
+		isBasicAuthDisabled = true
+	}
+
+	if params.NewPassword != nil && params.ConfirmNewPassword != nil {
+		if isBasicAuthDisabled {
+			log.Debug("Cannot update password as basic authentication is disabled")
+			return res, fmt.Errorf(`basic authentication is disabled for this instance`)
+		}
+
+		if refs.StringValue(params.ConfirmNewPassword) != refs.StringValue(params.NewPassword) {
 			log.Debug("Failed to compare new password and confirm new password")
 			return res, fmt.Errorf(`password and confirm password does not match`)
 		}
 
-		password, _ := crypto.EncryptPassword(*params.NewPassword)
+		if user.Password == nil || refs.StringValue(user.Password) == "" {
+			shouldAddBasicSignUpMethod = true
+		}
 
+		if err := validators.IsValidPassword(refs.StringValue(params.NewPassword)); err != nil {
+			log.Debug("Invalid password")
+			return res, err
+		}
+
+		password, _ := crypto.EncryptPassword(refs.StringValue(params.NewPassword))
 		user.Password = &password
+
+		if shouldAddBasicSignUpMethod {
+			user.SignupMethods = user.SignupMethods + "," + constants.AuthRecipeMethodBasicAuth
+		}
 	}
 
 	hasEmailChanged := false
 
-	if params.Email != nil && user.Email != *params.Email {
+	if params.Email != nil && user.Email != refs.StringValue(params.Email) {
 		// check if valid email
 		if !validators.IsValidEmail(*params.Email) {
-			log.Debug("Failed to validate email: ", *params.Email)
+			log.Debug("Failed to validate email: ", refs.StringValue(params.Email))
 			return res, fmt.Errorf("invalid email address")
 		}
 		newEmail := strings.ToLower(*params.Email)

server/resolvers/update_webhook.go

@@ -4,10 +4,12 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"strings"
 
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/authorizerdev/authorizer/server/validators"
@@ -45,35 +47,35 @@ func UpdateWebhookResolver(ctx context.Context, params model.UpdateWebhookReques
 	webhookDetails := models.Webhook{
 		ID:        webhook.ID,
 		Key:       webhook.ID,
-		EventName: utils.StringValue(webhook.EventName),
-		EndPoint:  utils.StringValue(webhook.Endpoint),
-		Enabled:   utils.BoolValue(webhook.Enabled),
+		EventName: refs.StringValue(webhook.EventName),
+		EndPoint:  refs.StringValue(webhook.Endpoint),
+		Enabled:   refs.BoolValue(webhook.Enabled),
 		Headers:   headersString,
-		CreatedAt: *webhook.CreatedAt,
+		CreatedAt: refs.Int64Value(webhook.CreatedAt),
 	}
 
-	if params.EventName != nil && webhookDetails.EventName != utils.StringValue(params.EventName) {
-		if isValid := validators.IsValidWebhookEventName(utils.StringValue(params.EventName)); !isValid {
-			log.Debug("invalid event name: ", utils.StringValue(params.EventName))
-			return nil, fmt.Errorf("invalid event name %s", utils.StringValue(params.EventName))
+	if params.EventName != nil && webhookDetails.EventName != refs.StringValue(params.EventName) {
+		if isValid := validators.IsValidWebhookEventName(refs.StringValue(params.EventName)); !isValid {
+			log.Debug("invalid event name: ", refs.StringValue(params.EventName))
+			return nil, fmt.Errorf("invalid event name %s", refs.StringValue(params.EventName))
 		}
-		webhookDetails.EventName = utils.StringValue(params.EventName)
+		webhookDetails.EventName = refs.StringValue(params.EventName)
 	}
 
-	if params.Endpoint != nil && webhookDetails.EndPoint != utils.StringValue(params.Endpoint) {
-		webhookDetails.EventName = utils.StringValue(params.EventName)
+	if params.Endpoint != nil && webhookDetails.EndPoint != refs.StringValue(params.Endpoint) {
+		if strings.TrimSpace(refs.StringValue(params.Endpoint)) == "" {
+			log.Debug("empty endpoint not allowed")
+			return nil, fmt.Errorf("empty endpoint not allowed")
+		}
+		webhookDetails.EndPoint = refs.StringValue(params.Endpoint)
 	}
 
-	if params.Enabled != nil && webhookDetails.Enabled != utils.BoolValue(params.Enabled) {
-		webhookDetails.Enabled = utils.BoolValue(params.Enabled)
+	if params.Enabled != nil && webhookDetails.Enabled != refs.BoolValue(params.Enabled) {
+		webhookDetails.Enabled = refs.BoolValue(params.Enabled)
 	}
 
 	if params.Headers != nil {
-		for key, val := range params.Headers {
-			webhook.Headers[key] = val
-		}
-
-		headerBytes, err := json.Marshal(webhook.Headers)
+		headerBytes, err := json.Marshal(params.Headers)
 		if err != nil {
 			log.Debug("failed to marshall headers: ", err)
 			return nil, err

server/resolvers/webhook_logs.go

@@ -6,13 +6,14 @@ import (
 
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	log "github.com/sirupsen/logrus"
 )
 
 // WebhookLogsResolver resolver for getting the list of webhook_logs based on pagination & webhook identifier
-func WebhookLogsResolver(ctx context.Context, params model.ListWebhookLogRequest) (*model.WebhookLogs, error) {
+func WebhookLogsResolver(ctx context.Context, params *model.ListWebhookLogRequest) (*model.WebhookLogs, error) {
 	gc, err := utils.GinContextFromContext(ctx)
 	if err != nil {
 		log.Debug("Failed to get GinContext: ", err)
@@ -24,11 +25,20 @@ func WebhookLogsResolver(ctx context.Context, params model.ListWebhookLogRequest
 		return nil, fmt.Errorf("unauthorized")
 	}
 
-	pagination := utils.GetPagination(&model.PaginatedInput{
+	var pagination model.Pagination
+	var webhookID string
+
+	if params != nil {
+		pagination = utils.GetPagination(&model.PaginatedInput{
 			Pagination: params.Pagination,
 		})
+		webhookID = refs.StringValue(params.WebhookID)
+	} else {
+		pagination = utils.GetPagination(nil)
+		webhookID = ""
+	}
 
-	webhookLogs, err := db.Provider.ListWebhookLogs(ctx, pagination, utils.StringValue(params.WebhookID))
+	webhookLogs, err := db.Provider.ListWebhookLogs(ctx, pagination, webhookID)
 	if err != nil {
 		log.Debug("failed to get webhook logs: ", err)
 		return nil, err

server/resolvers/webhooks.go

@@ -28,7 +28,7 @@ func WebhooksResolver(ctx context.Context, params *model.PaginatedInput) (*model
 
 	webhooks, err := db.Provider.ListWebhook(ctx, pagination)
 	if err != nil {
-		log.Debug("failed to get webhook logs: ", err)
+		log.Debug("failed to get webhooks: ", err)
 		return nil, err
 	}
 	return webhooks, nil

server/test/add_email_template_test.go

@@ -0,0 +1,58 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/crypto"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func addEmailTemplateTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run("should add email templates", func(t *testing.T) {
+		req, ctx := createContext(s)
+		adminSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
+		assert.NoError(t, err)
+		h, err := crypto.EncryptPassword(adminSecret)
+		assert.NoError(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
+
+		t.Run("should not add email template for invalid event type", func(t *testing.T) {
+			emailTemplate, err := resolvers.AddEmailTemplateResolver(ctx, model.AddEmailTemplateRequest{
+				EventName: "test",
+			})
+			assert.Error(t, err)
+			assert.Nil(t, emailTemplate)
+		})
+
+		t.Run("should not add email template for empty template", func(t *testing.T) {
+			emailTemplate, err := resolvers.AddEmailTemplateResolver(ctx, model.AddEmailTemplateRequest{
+				EventName: s.TestInfo.TestEmailTemplateEventTypes[0],
+				Template:  "     ",
+			})
+			assert.Error(t, err)
+			assert.Nil(t, emailTemplate)
+		})
+		for _, eventType := range s.TestInfo.TestEmailTemplateEventTypes {
+			t.Run("should add email template for "+eventType, func(t *testing.T) {
+				emailTemplate, err := resolvers.AddEmailTemplateResolver(ctx, model.AddEmailTemplateRequest{
+					EventName: eventType,
+					Template:  `Test email`,
+				})
+				assert.NoError(t, err)
+				assert.NotNil(t, emailTemplate)
+				assert.NotEmpty(t, emailTemplate.Message)
+
+				et, err := db.Provider.GetEmailTemplateByEventName(ctx, eventType)
+				assert.NoError(t, err)
+				assert.Equal(t, et.EventName, eventType)
+			})
+		}
+	})
+}

server/test/add_webhook_test.go

@@ -22,7 +22,7 @@ func addWebhookTest(t *testing.T, s TestSetup) {
 		assert.NoError(t, err)
 		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
 
-		for _, eventType := range s.TestInfo.TestEventTypes {
+		for _, eventType := range s.TestInfo.TestWebhookEventTypes {
 			webhook, err := resolvers.AddWebhookResolver(ctx, model.AddWebhookRequest{
 				EventName: eventType,
 				Endpoint:  s.TestInfo.WebhookEndpoint,

server/test/delete_email_template_test.go

@@ -0,0 +1,52 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/crypto"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func deleteEmailTemplateTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run("should delete email templates", func(t *testing.T) {
+		req, ctx := createContext(s)
+		adminSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
+		assert.NoError(t, err)
+		h, err := crypto.EncryptPassword(adminSecret)
+		assert.NoError(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
+
+		// get all email templates
+		emailTemplates, err := db.Provider.ListEmailTemplate(ctx, model.Pagination{
+			Limit:  10,
+			Page:   1,
+			Offset: 0,
+		})
+		assert.NoError(t, err)
+
+		for _, e := range emailTemplates.EmailTemplates {
+			res, err := resolvers.DeleteEmailTemplateResolver(ctx, model.DeleteEmailTemplateRequest{
+				ID: e.ID,
+			})
+
+			assert.NoError(t, err)
+			assert.NotNil(t, res)
+			assert.NotEmpty(t, res.Message)
+		}
+
+		emailTemplates, err = db.Provider.ListEmailTemplate(ctx, model.Pagination{
+			Limit:  10,
+			Page:   1,
+			Offset: 0,
+		})
+		assert.NoError(t, err)
+		assert.Len(t, emailTemplates.EmailTemplates, 0)
+	})
+}

server/test/delete_webhook_test.go

@@ -24,7 +24,11 @@ func deleteWebhookTest(t *testing.T, s TestSetup) {
 		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
 
 		// get all webhooks
-		webhooks, err := db.Provider.ListWebhook(ctx, model.Pagination{})
+		webhooks, err := db.Provider.ListWebhook(ctx, model.Pagination{
+			Limit:  10,
+			Page:   1,
+			Offset: 0,
+		})
 		assert.NoError(t, err)
 
 		for _, w := range webhooks.Webhooks {
@@ -37,12 +41,17 @@ func deleteWebhookTest(t *testing.T, s TestSetup) {
 			assert.NotEmpty(t, res.Message)
 		}
 
-		webhooks, err = db.Provider.ListWebhook(ctx, model.Pagination{})
+		webhooks, err = db.Provider.ListWebhook(ctx, model.Pagination{
+			Limit:  10,
+			Page:   1,
+			Offset: 0,
+		})
 		assert.NoError(t, err)
 		assert.Len(t, webhooks.Webhooks, 0)
-
 		webhookLogs, err := db.Provider.ListWebhookLogs(ctx, model.Pagination{
-			Limit: 10,
+			Limit:  100,
+			Page:   1,
+			Offset: 0,
 		}, "")
 		assert.NoError(t, err)
 		assert.Len(t, webhookLogs.WebhookLogs, 0)

server/test/email_templates_test.go

@@ -0,0 +1,29 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/crypto"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func emailTemplatesTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run("should get email templates", func(t *testing.T) {
+		req, ctx := createContext(s)
+		adminSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
+		assert.NoError(t, err)
+		h, err := crypto.EncryptPassword(adminSecret)
+		assert.NoError(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
+
+		emailTemplates, err := resolvers.EmailTemplatesResolver(ctx, nil)
+		assert.NoError(t, err)
+		assert.NotEmpty(t, emailTemplates)
+		assert.Len(t, emailTemplates.EmailTemplates, len(s.TestInfo.TestEmailTemplateEventTypes))
+	})
+}

server/test/resolvers_test.go

@@ -2,6 +2,8 @@ package test
 
 import (
 	"context"
+	"os"
+	"strings"
 	"testing"
 	"time"
 
@@ -9,35 +11,66 @@ import (
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/env"
 	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/utils"
 )
 
 func TestResolvers(t *testing.T) {
 	databases := map[string]string{
-		constants.DbTypeSqlite: "../../data.db",
-		// constants.DbTypeArangodb:    "http://localhost:8529",
-		// constants.DbTypeMongodb:     "mongodb://localhost:27017",
-		// constants.DbTypeCassandraDB: "127.0.0.1:9042",
+		constants.DbTypeSqlite:   "../../test.db",
+		constants.DbTypeArangodb: "http://localhost:8529",
+		constants.DbTypeMongodb:  "mongodb://localhost:27017",
+		constants.DbTypeScyllaDB: "127.0.0.1:9042",
 	}
 
-	for dbType, dbURL := range databases {
+	testDBs := strings.Split(os.Getenv("TEST_DBS"), ",")
+	t.Log("Running tests for following dbs: ", testDBs)
+	for dbType := range databases {
+		if !utils.StringSliceContains(testDBs, dbType) {
+			delete(databases, dbType)
+		}
+	}
+
+	if utils.StringSliceContains(testDBs, constants.DbTypeSqlite) && len(testDBs) == 1 {
+		// do nothing
+	} else {
+		t.Log("waiting for docker containers to spun up")
+		// wait for docker containers to spun up
+		time.Sleep(30 * time.Second)
+	}
+
+	testDb := "authorizer_test"
 	s := testSetup()
 	defer s.Server.Close()
+
+	for dbType, dbURL := range databases {
 		ctx := context.Background()
 
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDatabaseURL, dbURL)
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDatabaseType, dbType)
+		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDatabaseName, testDb)
+		os.Setenv(constants.EnvKeyDatabaseURL, dbURL)
+		os.Setenv(constants.EnvKeyDatabaseType, dbType)
+		os.Setenv(constants.EnvKeyDatabaseName, testDb)
+		memorystore.InitRequiredEnv()
+
 		err := db.InitDB()
 		if err != nil {
-			t.Errorf("Error initializing database: %s", err)
+			t.Errorf("Error initializing database: %s", err.Error())
 		}
 
 		// clean the persisted config for test to use fresh config
 		envData, err := db.Provider.GetEnv(ctx)
 		if err == nil {
 			envData.EnvData = ""
-			db.Provider.UpdateEnv(ctx, envData)
+			_, err = db.Provider.UpdateEnv(ctx, envData)
+			if err != nil {
+				t.Errorf("Error updating env: %s", err.Error())
+			}
+		}
+		err = env.PersistEnv()
+		if err != nil {
+			t.Errorf("Error persisting env: %s", err.Error())
 		}
-		env.PersistEnv()
 
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEnv, "test")
 		memorystore.Provider.UpdateEnvVariable(constants.EnvKeyIsProd, false)
@@ -61,6 +94,10 @@ func TestResolvers(t *testing.T) {
 			revokeAccessTest(t, s)
 			enableAccessTest(t, s)
 			generateJWTkeyTest(t, s)
+			addEmailTemplateTest(t, s)
+			updateEmailTemplateTest(t, s)
+			emailTemplatesTest(t, s)
+			deleteEmailTemplateTest(t, s)
 
 			// user resolvers tests
 			loginTests(t, s)
@@ -78,7 +115,6 @@ func TestResolvers(t *testing.T) {
 			inviteUserTest(t, s)
 			validateJwtTokenTest(t, s)
 
-			time.Sleep(5 * time.Second) // add sleep for webhooklogs to get generated as they are async
 			webhookLogsTest(t, s)   // get logs after above resolver tests are done
 			deleteWebhookTest(t, s) // delete webhooks (admin resolver)
 		})

server/test/test.go

@@ -24,7 +24,8 @@ type TestData struct {
 	Email                       string
 	Password                    string
 	WebhookEndpoint             string
-	TestEventTypes  []string
+	TestWebhookEventTypes       []string
+	TestEmailTemplateEventTypes []string
 }
 
 type TestSetup struct {
@@ -59,7 +60,6 @@ func cleanData(email string) {
 	dbUser, err := db.Provider.GetUserByEmail(ctx, email)
 	if err == nil {
 		db.Provider.DeleteUser(ctx, dbUser)
-		db.Provider.DeleteSession(ctx, dbUser.ID)
 	}
 }
 
@@ -80,7 +80,8 @@ func testSetup() TestSetup {
 		Email:                       fmt.Sprintf("%d_authorizer_tester@yopmail.com", time.Now().Unix()),
 		Password:                    "Test@123",
 		WebhookEndpoint:             "https://62cbc6738042b16aa7c22df2.mockapi.io/api/v1/webhook",
-		TestEventTypes:  []string{constants.UserAccessEnabledWebhookEvent, constants.UserAccessRevokedWebhookEvent, constants.UserCreatedWebhookEvent, constants.UserDeletedWebhookEvent, constants.UserLoginWebhookEvent, constants.UserSignUpWebhookEvent},
+		TestWebhookEventTypes:       []string{constants.UserAccessEnabledWebhookEvent, constants.UserAccessRevokedWebhookEvent, constants.UserCreatedWebhookEvent, constants.UserDeletedWebhookEvent, constants.UserLoginWebhookEvent, constants.UserSignUpWebhookEvent},
+		TestEmailTemplateEventTypes: []string{constants.VerificationTypeBasicAuthSignup, constants.VerificationTypeForgotPassword, constants.VerificationTypeMagicLinkLogin, constants.VerificationTypeUpdateEmail},
 	}
 
 	err := os.Setenv(constants.EnvKeyEnvPath, "../../.env.test")

server/test/update_email_template_test.go

@@ -0,0 +1,46 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/crypto"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func updateEmailTemplateTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run("should update email template", func(t *testing.T) {
+		req, ctx := createContext(s)
+		adminSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
+		assert.NoError(t, err)
+		h, err := crypto.EncryptPassword(adminSecret)
+		assert.NoError(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
+		// get email template
+		emailTemplate, err := db.Provider.GetEmailTemplateByEventName(ctx, constants.VerificationTypeBasicAuthSignup)
+		assert.NoError(t, err)
+		assert.NotNil(t, emailTemplate)
+
+		res, err := resolvers.UpdateEmailTemplateResolver(ctx, model.UpdateEmailTemplateRequest{
+			ID:       emailTemplate.ID,
+			Template: refs.NewStringRef("Updated test template"),
+		})
+
+		assert.NoError(t, err)
+		assert.NotEmpty(t, res)
+		assert.NotEmpty(t, res.Message)
+
+		updatedEmailTemplate, err := db.Provider.GetEmailTemplateByEventName(ctx, constants.VerificationTypeBasicAuthSignup)
+		assert.NoError(t, err)
+		assert.NotNil(t, updatedEmailTemplate)
+		assert.Equal(t, emailTemplate.ID, updatedEmailTemplate.ID)
+		assert.Equal(t, updatedEmailTemplate.Template, "Updated test template")
+	})
+}

server/test/update_webhook_test.go

@@ -9,8 +9,8 @@ import (
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
-	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -27,12 +27,16 @@ func updateWebhookTest(t *testing.T, s TestSetup) {
 		webhook, err := db.Provider.GetWebhookByEventName(ctx, constants.UserDeletedWebhookEvent)
 		assert.NoError(t, err)
 		assert.NotNil(t, webhook)
-		webhook.Headers["x-new-test"] = "new-test"
+		// it should completely replace headers
+		webhook.Headers = map[string]interface{}{
+			"x-new-test": "test",
+		}
 
 		res, err := resolvers.UpdateWebhookResolver(ctx, model.UpdateWebhookRequest{
 			ID:       webhook.ID,
 			Headers:  webhook.Headers,
-			Enabled: utils.NewBoolRef(false),
+			Enabled:  refs.NewBoolRef(false),
+			Endpoint: refs.NewStringRef("https://sometest.com"),
 		})
 
 		assert.NoError(t, err)
@@ -43,15 +47,19 @@ func updateWebhookTest(t *testing.T, s TestSetup) {
 		assert.NoError(t, err)
 		assert.NotNil(t, updatedWebhook)
 		assert.Equal(t, webhook.ID, updatedWebhook.ID)
-		assert.Equal(t, utils.StringValue(webhook.EventName), utils.StringValue(updatedWebhook.EventName))
-		assert.Equal(t, utils.StringValue(webhook.Endpoint), utils.StringValue(updatedWebhook.Endpoint))
-		assert.Len(t, updatedWebhook.Headers, 2)
-		assert.False(t, utils.BoolValue(updatedWebhook.Enabled))
+		assert.Equal(t, refs.StringValue(webhook.EventName), refs.StringValue(updatedWebhook.EventName))
+		assert.Len(t, updatedWebhook.Headers, 1)
+		assert.False(t, refs.BoolValue(updatedWebhook.Enabled))
+		for key, val := range updatedWebhook.Headers {
+			assert.Equal(t, val, webhook.Headers[key])
+		}
+		assert.Equal(t, refs.StringValue(updatedWebhook.Endpoint), "https://sometest.com")
 
 		res, err = resolvers.UpdateWebhookResolver(ctx, model.UpdateWebhookRequest{
 			ID:       webhook.ID,
 			Headers:  webhook.Headers,
-			Enabled: utils.NewBoolRef(true),
+			Enabled:  refs.NewBoolRef(true),
+			Endpoint: refs.NewStringRef(s.TestInfo.WebhookEndpoint),
 		})
 		assert.NoError(t, err)
 		assert.NotEmpty(t, res)

server/test/webhook_logs_test.go

@@ -3,17 +3,19 @@ package test
 import (
 	"fmt"
 	"testing"
+	"time"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
-	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/stretchr/testify/assert"
 )
 
 func webhookLogsTest(t *testing.T, s TestSetup) {
+	time.Sleep(30 * time.Second) // add sleep for webhooklogs to get generated as they are async
 	t.Helper()
 	t.Run("should get webhook logs", func(t *testing.T) {
 		req, ctx := createContext(s)
@@ -23,23 +25,25 @@ func webhookLogsTest(t *testing.T, s TestSetup) {
 		assert.NoError(t, err)
 		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
 
+		webhookLogs, err := resolvers.WebhookLogsResolver(ctx, nil)
+		assert.NoError(t, err)
+		assert.Greater(t, len(webhookLogs.WebhookLogs), 1)
+
 		webhooks, err := resolvers.WebhooksResolver(ctx, nil)
 		assert.NoError(t, err)
 		assert.NotEmpty(t, webhooks)
 
-		webhookLogs, err := resolvers.WebhookLogsResolver(ctx, model.ListWebhookLogRequest{})
-		assert.NoError(t, err)
-		assert.Greater(t, len(webhookLogs.WebhookLogs), 1)
-
 		for _, w := range webhooks.Webhooks {
-			webhookLogs, err := resolvers.WebhookLogsResolver(ctx, model.ListWebhookLogRequest{
+			t.Run(fmt.Sprintf("should get webhook for webhook_id:%s", w.ID), func(t *testing.T) {
+				webhookLogs, err := resolvers.WebhookLogsResolver(ctx, &model.ListWebhookLogRequest{
 					WebhookID: &w.ID,
 				})
 				assert.NoError(t, err)
 				assert.GreaterOrEqual(t, len(webhookLogs.WebhookLogs), 1)
 				for _, wl := range webhookLogs.WebhookLogs {
-				assert.Equal(t, utils.StringValue(wl.WebhookID), w.ID)
+					assert.Equal(t, refs.StringValue(wl.WebhookID), w.ID)
 				}
+			})
 		}
 	})
 }

server/test/webhook_test.go

@@ -9,8 +9,8 @@ import (
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
-	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -34,9 +34,9 @@ func webhookTest(t *testing.T, s TestSetup) {
 		})
 		assert.NoError(t, err)
 		assert.Equal(t, res.ID, webhook.ID)
-		assert.Equal(t, utils.StringValue(res.Endpoint), utils.StringValue(webhook.Endpoint))
-		assert.Equal(t, utils.StringValue(res.EventName), utils.StringValue(webhook.EventName))
-		assert.Equal(t, utils.BoolValue(res.Enabled), utils.BoolValue(webhook.Enabled))
+		assert.Equal(t, refs.StringValue(res.Endpoint), refs.StringValue(webhook.Endpoint))
+		assert.Equal(t, refs.StringValue(res.EventName), refs.StringValue(webhook.EventName))
+		assert.Equal(t, refs.BoolValue(res.Enabled), refs.BoolValue(webhook.Enabled))
 		assert.Len(t, res.Headers, len(webhook.Headers))
 	})
 }

server/test/webhooks_test.go

@@ -24,6 +24,6 @@ func webhooksTest(t *testing.T, s TestSetup) {
 		webhooks, err := resolvers.WebhooksResolver(ctx, nil)
 		assert.NoError(t, err)
 		assert.NotEmpty(t, webhooks)
-		assert.Len(t, webhooks.Webhooks, len(s.TestInfo.TestEventTypes))
+		assert.Len(t, webhooks.Webhooks, len(s.TestInfo.TestWebhookEventTypes))
 	})
 }

server/utils/webhook.go

@@ -11,6 +11,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/refs"
 	log "github.com/sirupsen/logrus"
 )
 
@@ -20,7 +21,7 @@ func RegisterEvent(ctx context.Context, eventName string, authRecipe string, use
 		return err
 	}
 
-	if !BoolValue(webhook.Enabled) {
+	if !refs.BoolValue(webhook.Enabled) {
 		return nil
 	}
 
@@ -52,7 +53,7 @@ func RegisterEvent(ctx context.Context, eventName string, authRecipe string, use
 	}
 
 	requestBytesBuffer := bytes.NewBuffer(requestBody)
-	req, err := http.NewRequest("POST", StringValue(webhook.Endpoint), requestBytesBuffer)
+	req, err := http.NewRequest("POST", refs.StringValue(webhook.Endpoint), requestBytesBuffer)
 	if err != nil {
 		log.Debug("error creating webhook post request: ", err)
 		return err

server/validators/email_template.go

@@ -0,0 +1,12 @@
+package validators
+
+import "github.com/authorizerdev/authorizer/server/constants"
+
+// IsValidEmailTemplateEventName function to validate email template events
+func IsValidEmailTemplateEventName(eventName string) bool {
+	if eventName != constants.VerificationTypeBasicAuthSignup && eventName != constants.VerificationTypeForgotPassword && eventName != constants.VerificationTypeMagicLinkLogin && eventName != constants.VerificationTypeUpdateEmail {
+		return false
+	}
+
+	return true
+}