feat: otp resolvers updated

server/resolvers/login.go

@@ -99,6 +99,12 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 	}
 
 	if refs.BoolValue(user.IsMultiFactorAuthEnabled) {
+		//TODO - send email based on email config
+		db.Provider.UpsertOTP(ctx, &models.OTP{
+			Email:     user.Email,
+			Otp:       utils.GenerateOTP(),
+			ExpiresAt: time.Now().Add(1 * time.Minute).Unix(),
+		})
 		return &model.AuthResponse{
 			Message:             "Please check the OTP in your inbox",
 			ShouldShowOtpScreen: refs.NewBoolRef(true),

server/resolvers/resend_otp.go

@@ -0,0 +1,59 @@
+package resolvers
+
+import (
+	"context"
+	"fmt"
+	"strings"
+	"time"
+
+	log "github.com/sirupsen/logrus"
+
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/refs"
+	"github.com/authorizerdev/authorizer/server/utils"
+)
+
+// ResendOTPResolver is a resolver for resend otp mutation
+func ResendOTPResolver(ctx context.Context, params model.ResendOTPRequest) (*model.Response, error) {
+	var res *model.Response
+
+	log := log.WithFields(log.Fields{
+		"email": params.Email,
+	})
+	params.Email = strings.ToLower(params.Email)
+	user, err := db.Provider.GetUserByEmail(ctx, params.Email)
+	if err != nil {
+		log.Debug("Failed to get user by email: ", err)
+		return res, fmt.Errorf(`user with this email not found`)
+	}
+
+	if user.RevokedTimestamp != nil {
+		log.Debug("User access is revoked")
+		return res, fmt.Errorf(`user access has been revoked`)
+	}
+
+	if user.EmailVerifiedAt == nil {
+		log.Debug("User email is not verified")
+		return res, fmt.Errorf(`email not verified`)
+	}
+
+	if !refs.BoolValue(user.IsMultiFactorAuthEnabled) {
+		log.Debug("User multi factor authentication is not enabled")
+		return res, fmt.Errorf(`multi factor authentication not enabled`)
+	}
+
+	//TODO - send email based on email config
+	db.Provider.UpsertOTP(ctx, &models.OTP{
+		Email:     user.Email,
+		Otp:       utils.GenerateOTP(),
+		ExpiresAt: time.Now().Add(1 * time.Minute).Unix(),
+	})
+
+	res = &model.Response{
+		Message: `OTP has been sent. Please check your inbox`,
+	}
+
+	return res, nil
+}

server/resolvers/verify_otp.go

@@ -32,11 +32,16 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
 		return res, fmt.Errorf(`invalid email: %s`, err.Error())
 	}
 
+	if params.Otp != otp.Otp {
+		log.Debug("Failed to verify otp request: Incorrect value")
+		return res, fmt.Errorf(`invalid otp`)
+	}
+
 	expiresIn := otp.ExpiresAt - time.Now().Unix()
 
-	if params.Otp != otp.Otp || expiresIn < 0 {
-		log.Debug("Failed to verify otp request: ", err)
-		return res, fmt.Errorf(`invalid otp: %s`, err.Error())
+	if expiresIn < 0 {
+		log.Debug("Failed to verify otp request: Timeout")
+		return res, fmt.Errorf("otp expired")
 	}
 
 	user, err := db.Provider.GetUserByEmail(ctx, params.Email)