fix: dashboard

update: separate routes for login and signup added

.dockerignore

@@ -9,3 +9,4 @@ build
 data.db
 app/node_modules
 app/build
+certs/

.env.sample

@@ -1,2 +1,3 @@
 DATABASE_URL=data.db
-DATABASE_TYPE=sqlite
+DATABASE_TYPE=sqlite
+CUSTOM_ACCESS_TOKEN_SCRIPT="function(user,tokenPayload){var data = tokenPayload;data.extra = {'x-extra-id': user.id};return data;}"

.github/CONTRIBUTING.md

@@ -43,12 +43,14 @@ Please ask as many questions as you need, either directly in the issue or on [Di
 ### Project Setup for Authorizer core
 
 1. Fork the [authorizer](https://github.com/authorizerdev/authorizer) repository (**Skip this step if you have access to repo**)
-2. `git clone https://github.com/authorizerdev/authorizer.git`
-3. `cd authorizer`
-4. `cp .env.sample .env`. Check all the supported env [here](https://docs.authorizer.dev/core/env/)
-5. Build the code `make clean && make`
+2. Clone repo: `git clone https://github.com/authorizerdev/authorizer.git` or use the forked url from step 1
+3. Change directory to authorizer: `cd authorizer`
+5. Create Env file `cp .env.sample .env`. Check all the supported env [here](https://docs.authorizer.dev/core/env/)
+6. Build Dashboard `make build-dashboard`
+7. Build App `make build-app`
+8. Build Server `make clean && make`
    > Note: if you don't have [`make`](https://www.ibm.com/docs/en/aix/7.2?topic=concepts-make-command), you can `cd` into `server` dir and build using the `go build` command
-6. Run binary `./build/server`
+9. Run binary `./build/server`
 
 ### Testing
 

.github/workflows/release.yaml

@@ -1,4 +1,19 @@
 on:
+  workflow_dispatch:
+    inputs:
+      logLevel:
+        description: 'Log level'     
+        required: true
+        default: 'warning' 
+        type: choice
+        options:
+        - info
+        - warning
+        - debug 
+      tags:
+        description: 'Tags'
+        required: false 
+        type: boolean
   release:
     types: [created]
 

.gitignore

@@ -10,4 +10,8 @@ build
 data.db
 .DS_Store
 .env.local
-*.tar.gz
+*.tar.gz
+.vscode/
+.yalc
+yalc.lock
+certs/

Makefile

@@ -11,3 +11,6 @@ clean:
 	rm -rf build
 test:
 	cd server && go clean --testcache && go test -v ./test
+generate:
+	cd server && go get github.com/99designs/gqlgen/cmd@v0.14.0 && go run github.com/99designs/gqlgen generate
+	

README.md

@@ -7,7 +7,7 @@
   Authorizer
 </h1>
 
-**Authorizer** is an open-source authentication and authorization solution for your applications. Bring your database and have complete control over the user information. You can self-host authorizer instances and connect to any database (Currently supports [Postgres](https://www.postgresql.org/), [MySQL](https://www.mysql.com/), [SQLite](https://www.sqlite.org/index.html), [SQLServer](https://www.microsoft.com/en-us/sql-server/), [MongoDB](https://mongodb.com/),[ArangoDB](https://www.arangodb.com/)).
+**Authorizer** is an open-source authentication and authorization solution for your applications. Bring your database and have complete control over the user information. You can self-host authorizer instances and connect to any database (Currently supports [Postgres](https://www.postgresql.org/), [MySQL](https://www.mysql.com/), [SQLite](https://www.sqlite.org/index.html), [SQLServer](https://www.microsoft.com/en-us/sql-server/), [MongoDB](https://mongodb.com/), [ArangoDB](https://www.arangodb.com/)).
 
 ## Table of contents
 
@@ -26,18 +26,16 @@
 - ✅ Sign-in / Sign-up with email ID and password
 - ✅ Secure session management
 - ✅ Email verification
+- ✅ OAuth2 and OpenID compatible APIs
 - ✅ APIs to update profile securely
 - ✅ Forgot password flow using email
 - ✅ Social logins (Google, Github, Facebook, more coming soon)
 - ✅ Role-based access management
-- ✅ Password-less login with email and magic link
+- ✅ Password-less login with magic link login
 
 ## Roadmap
 
-- Support more JWT encryption algorithms (Currently supporting HS256)
 - 2 Factor authentication
-- Back office (Admin dashboard to manage user)
-- Support more database
 - VueJS SDK
 - Svelte SDK
 - React Native SDK
@@ -59,33 +57,42 @@
 
 # Getting Started
 
-## Trying out Authorizer
+## Step 1: Get Authorizer Instance
+
+### Deploy Production Ready Instance
+
+Deploy production ready Authorizer instance using one click deployment options available below
+
+| **Infra provider** |                                                                                                        **One-click link**                                                                                                        |               **Additional information**               |
+| :----------------: | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :----------------------------------------------------: |
+|    Railway.app     | <a href="https://railway.app/new/template?template=https://github.com/authorizerdev/authorizer-railway&amp;plugins=postgresql,redis"><img src="https://railway.app/button.svg" style="height: 44px" alt="Deploy on Railway"></a> | [docs](https://docs.authorizer.dev/deployment/railway) |
+|       Heroku       |             <a href="https://heroku.com/deploy?template=https://github.com/authorizerdev/authorizer-heroku"><img src="https://www.herokucdn.com/deploy/button.svg" alt="Deploy to Heroku" style="height: 44px;"></a>             | [docs](https://docs.authorizer.dev/deployment/heroku)  |
+|       Render       |                                 [![Deploy to Render](https://render.com/images/deploy-to-render-button.svg)](https://render.com/deploy?repo=https://github.com/authorizerdev/authorizer-render)                                  | [docs](https://docs.authorizer.dev/deployment/render)  |
+
+### Deploy Authorizer Using Source Code
 
 This guide helps you practice using Authorizer to evaluate it before you use it in a production environment. It includes instructions for installing the Authorizer server in local or standalone mode.
 
-- [Install using source code](#install-using-source-code)
-- [Install using binaries](#install-using-binaries)
-- [Install instance on heroku](#install-instance-on-Heroku)
-- [Install instance on railway.app](#install-instance-on-railway)
+#### Install using source code
 
-## Install using source code
-
-### Prerequisites
+#### Prerequisites
 
 - OS: Linux or macOS or windows
 - Go: (Golang)(https://golang.org/dl/) >= v1.15
 
-### Project Setup
+#### Project Setup
 
 1. Fork the [authorizer](https://github.com/authorizerdev/authorizer) repository (**Skip this step if you have access to repo**)
-2. `git clone https://github.com/authorizerdev/authorizer.git`
-3. `cd authorizer`
-4. `cp .env.sample .env`. Check all the supported env [here](https://docs.authorizer.dev/core/env/)
-5. Build the code `make clean && make`
+2. Clone repo: `git clone https://github.com/authorizerdev/authorizer.git` or use the forked url from step 1
+3. Change directory to authorizer: `cd authorizer`
+4. Create Env file `cp .env.sample .env`. Check all the supported env [here](https://docs.authorizer.dev/core/env/)
+5. Build Dashboard `make build-dashboard`
+6. Build App `make build-app`
+7. Build Server `make clean && make`
    > Note: if you don't have [`make`](https://www.ibm.com/docs/en/aix/7.2?topic=concepts-make-command), you can `cd` into `server` dir and build using the `go build` command
-6. Run binary `./build/server`
+8. Run binary `./build/server`
 
-## Install using binaries
+### Deploy Authorizer using binaries
 
 Deploy / Try Authorizer using binaries. With each [Authorizer Release](https://github.com/authorizerdev/authorizer/releases)
 binaries are baked with required deployment files and bundled. You can download a specific version of it for the following operating systems:
@@ -93,7 +100,7 @@ binaries are baked with required deployment files and bundled. You can download
 - Mac OSX
 - Linux
 
-### Step 1: Download and unzip bundle
+#### Download and unzip bundle
 
 - Download the Bundle for the specific OS from the [release page](https://github.com/authorizerdev/authorizer/releases)
 
@@ -113,11 +120,7 @@ binaries are baked with required deployment files and bundled. You can download
   cd authorizer
   ```
 
-### Step 2: Configure environment variables
-
-Required environment variables are pre-configured in `.env` file. But based on the production requirements, please configure more environment variables. You can refer to [environment variables docs](/core/env) for more information.
-
-### Step 3: Start Authorizer
+#### Step 3: Start Authorizer
 
 - Run following command to start authorizer
 
@@ -129,20 +132,20 @@ Required environment variables are pre-configured in `.env` file. But based on t
 
 > Note: For mac users, you might have to give binary the permission to execute. Here is the command you can use to grant permission `xattr -d com.apple.quarantine build/server`
 
-Deploy production ready Authorizer instance using one click deployment options available below
+## Step 2: Setup Instance
 
-| **Infra provider** |                                                                                                        **One-click link**                                                                                                        |               **Additional information**               |
-| :----------------: | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :----------------------------------------------------: |
-|    Railway.app     | <a href="https://railway.app/new/template?template=https://github.com/authorizerdev/authorizer-railway&amp;plugins=postgresql,redis"><img src="https://railway.app/button.svg" style="height: 44px" alt="Deploy on Railway"></a> | [docs](https://docs.authorizer.dev/deployment/railway) |
-|       Heroku       |             <a href="https://heroku.com/deploy?template=https://github.com/authorizerdev/authorizer-heroku"><img src="https://www.herokucdn.com/deploy/button.svg" alt="Deploy to Heroku" style="height: 44px;"></a>             | [docs](https://docs.authorizer.dev/deployment/heroku)  |
-|       Render       |                                 [![Deploy to Render](https://render.com/images/deploy-to-render-button.svg)](https://render.com/deploy?repo=https://github.com/authorizerdev/authorizer-render)                                  | [docs](https://docs.authorizer.dev/deployment/render)  |
+- Open authorizer instance endpoint in browser
+- Sign up as an admin with a secure password
+- Configure environment variables from authorizer dashboard. Check env [docs](/core/env) for more information
+
+> Note: `DATABASE_URL`, `DATABASE_TYPE` and `DATABASE_NAME` are only configurable via platform envs
 
 ### Things to consider
 
 - For social logins, you will need respective social platform key and secret
 - For having verified users, you will need an SMTP server with an email address and password using which system can send emails. The system will send a verification link to an email address. Once an email is verified then, only able to access it.
   > Note: One can always disable the email verification to allow open sign up, which is not recommended for production as anyone can use anyone's email address 😅
-- For persisting user sessions, you will need Redis URL (not in case of railway.app). If you do not configure a Redis server, sessions will be persisted until the instance is up or not restarted. For better response time on authorization requests/middleware, we recommend deploying Redis on the same infra/network as your authorizer server.
+- For persisting user sessions, you will need Redis URL (not in case of railway app). If you do not configure a Redis server, sessions will be persisted until the instance is up or not restarted. For better response time on authorization requests/middleware, we recommend deploying Redis on the same infra/network as your authorizer server.
 
 ## Testing
 
@@ -161,8 +164,9 @@ This example demonstrates how you can use [`@authorizerdev/authorizer-js`](/auth
 
 <script type="text/javascript">
 	const authorizerRef = new authorizerdev.Authorizer({
-		authorizerURL: `AUTHORIZER_URL`,
+		authorizerURL: `YOUR_AUTHORIZER_INSTANCE_URL`,
 		redirectURL: window.location.origin,
+		clientID: 'YOUR_CLIENT_ID', // obtain your client id from authorizer dashboard
 	});
 
 	// use the button selector as per your application
@@ -173,15 +177,19 @@ This example demonstrates how you can use [`@authorizerdev/authorizer-js`](/auth
 	});
 
 	async function onLoad() {
-		const res = await authorizerRef.browserLogin();
-		if (res && res.user) {
+		const res = await authorizerRef.authorize({
+			response_type: 'code',
+			use_refresh_token: false,
+		});
+		if (res && res.access_token) {
 			// you can use user information here, eg:
-			/**
-      const userSection = document.getElementById('user');
-      const logoutSection = document.getElementById('logout-section');
-      logoutSection.classList.toggle('hide');
-      userSection.innerHTML = `Welcome, ${res.user.email}`;
-      */
+			const user = await authorizerRef.getProfile({
+				Authorization: `Bearer ${res.access_token}`,
+			});
+			const userSection = document.getElementById('user');
+			const logoutSection = document.getElementById('logout-section');
+			logoutSection.classList.toggle('hide');
+			userSection.innerHTML = `Welcome, ${user.email}`;
 		}
 	}
 	onLoad();

app/package-lock.json

@@ -9,7 +9,7 @@
 			"version": "1.0.0",
 			"license": "ISC",
 			"dependencies": {
-				"@authorizerdev/authorizer-react": "latest",
+				"@authorizerdev/authorizer-react": "^0.17.0",
 				"@types/react": "^17.0.15",
 				"@types/react-dom": "^17.0.9",
 				"esbuild": "^0.12.17",
@@ -17,16 +17,18 @@
 				"react-dom": "^17.0.2",
 				"react-is": "^17.0.2",
 				"react-router-dom": "^5.2.0",
+				"styled-components": "^5.3.0",
 				"typescript": "^4.3.5"
 			},
 			"devDependencies": {
-				"@types/react-router-dom": "^5.1.8"
+				"@types/react-router-dom": "^5.1.8",
+				"@types/styled-components": "^5.1.11"
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-js": {
-			"version": "0.2.1",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.2.1.tgz",
-			"integrity": "sha512-5lQlh+nc5xTsPongfTyCSX24A1WESu/BjhmZwUNuScEOGady0qPoDHE3RBf46dpi5v05wbHCDN1IFEalX5zssQ==",
+			"version": "0.10.0",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.10.0.tgz",
+			"integrity": "sha512-REM8FLD/Ej9gzA2zDGDAke6QFss33ubePlTDmLDmIYUuQmpHFlO5mCCS6nVsKkN7F/Bcwkmp+eUNQjkdGCaKLg==",
 			"dependencies": {
 				"node-fetch": "^2.6.1"
 			},
@@ -35,11 +37,11 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-react": {
-			"version": "0.4.3",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.4.3.tgz",
-			"integrity": "sha512-o/wWe9zZ3ARYdjbDfhGfvOxe1YQrE1YQ+UN9pcq85YSDkbfBkOfcnJ4YxlxWdL0Obd/ErDIeQ3vskyrfvRf3sA==",
+			"version": "0.17.0",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.17.0.tgz",
+			"integrity": "sha512-7WcNCU7hDFkVfFb8LcJXFwWiLYd8aY78z1AbNPxCa2Cw5G85PaRkzjKybP6h01ITVOHO6M03lLwPj8p6Sr6fEg==",
 			"dependencies": {
-				"@authorizerdev/authorizer-js": "^0.2.1",
+				"@authorizerdev/authorizer-js": "^0.10.0",
 				"final-form": "^4.20.2",
 				"react-final-form": "^6.5.3",
 				"styled-components": "^5.3.0"
@@ -271,6 +273,16 @@
 			"integrity": "sha512-MUc6zSmU3tEVnkQ78q0peeEjKWPUADMlC/t++2bI8WnAG2tvYRPIgHG8lWkXwqc8MsUF6Z2MOf+Mh5sazOmhiQ==",
 			"dev": true
 		},
+		"node_modules/@types/hoist-non-react-statics": {
+			"version": "3.3.1",
+			"resolved": "https://registry.npmjs.org/@types/hoist-non-react-statics/-/hoist-non-react-statics-3.3.1.tgz",
+			"integrity": "sha512-iMIqiko6ooLrTh1joXodJK5X9xeEALT1kM5G3ZLhD3hszxBdIEd5C75U834D9mLcINgD4OyZf5uQXjkuYydWvA==",
+			"dev": true,
+			"dependencies": {
+				"@types/react": "*",
+				"hoist-non-react-statics": "^3.3.0"
+			}
+		},
 		"node_modules/@types/prop-types": {
 			"version": "15.7.4",
 			"resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz",
@@ -320,6 +332,17 @@
 			"resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz",
 			"integrity": "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew=="
 		},
+		"node_modules/@types/styled-components": {
+			"version": "5.1.25",
+			"resolved": "https://registry.npmjs.org/@types/styled-components/-/styled-components-5.1.25.tgz",
+			"integrity": "sha512-fgwl+0Pa8pdkwXRoVPP9JbqF0Ivo9llnmsm+7TCI330kbPIFd9qv1Lrhr37shf4tnxCOSu+/IgqM7uJXLWZZNQ==",
+			"dev": true,
+			"dependencies": {
+				"@types/hoist-non-react-statics": "*",
+				"@types/react": "*",
+				"csstype": "^3.0.2"
+			}
+		},
 		"node_modules/ansi-styles": {
 			"version": "3.2.1",
 			"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
@@ -829,19 +852,19 @@
 	},
 	"dependencies": {
 		"@authorizerdev/authorizer-js": {
-			"version": "0.2.1",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.2.1.tgz",
-			"integrity": "sha512-5lQlh+nc5xTsPongfTyCSX24A1WESu/BjhmZwUNuScEOGady0qPoDHE3RBf46dpi5v05wbHCDN1IFEalX5zssQ==",
+			"version": "0.10.0",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.10.0.tgz",
+			"integrity": "sha512-REM8FLD/Ej9gzA2zDGDAke6QFss33ubePlTDmLDmIYUuQmpHFlO5mCCS6nVsKkN7F/Bcwkmp+eUNQjkdGCaKLg==",
 			"requires": {
 				"node-fetch": "^2.6.1"
 			}
 		},
 		"@authorizerdev/authorizer-react": {
-			"version": "0.4.3",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.4.3.tgz",
-			"integrity": "sha512-o/wWe9zZ3ARYdjbDfhGfvOxe1YQrE1YQ+UN9pcq85YSDkbfBkOfcnJ4YxlxWdL0Obd/ErDIeQ3vskyrfvRf3sA==",
+			"version": "0.17.0",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.17.0.tgz",
+			"integrity": "sha512-7WcNCU7hDFkVfFb8LcJXFwWiLYd8aY78z1AbNPxCa2Cw5G85PaRkzjKybP6h01ITVOHO6M03lLwPj8p6Sr6fEg==",
 			"requires": {
-				"@authorizerdev/authorizer-js": "^0.2.1",
+				"@authorizerdev/authorizer-js": "^0.10.0",
 				"final-form": "^4.20.2",
 				"react-final-form": "^6.5.3",
 				"styled-components": "^5.3.0"
@@ -1016,6 +1039,16 @@
 			"integrity": "sha512-MUc6zSmU3tEVnkQ78q0peeEjKWPUADMlC/t++2bI8WnAG2tvYRPIgHG8lWkXwqc8MsUF6Z2MOf+Mh5sazOmhiQ==",
 			"dev": true
 		},
+		"@types/hoist-non-react-statics": {
+			"version": "3.3.1",
+			"resolved": "https://registry.npmjs.org/@types/hoist-non-react-statics/-/hoist-non-react-statics-3.3.1.tgz",
+			"integrity": "sha512-iMIqiko6ooLrTh1joXodJK5X9xeEALT1kM5G3ZLhD3hszxBdIEd5C75U834D9mLcINgD4OyZf5uQXjkuYydWvA==",
+			"dev": true,
+			"requires": {
+				"@types/react": "*",
+				"hoist-non-react-statics": "^3.3.0"
+			}
+		},
 		"@types/prop-types": {
 			"version": "15.7.4",
 			"resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz",
@@ -1065,6 +1098,17 @@
 			"resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz",
 			"integrity": "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew=="
 		},
+		"@types/styled-components": {
+			"version": "5.1.25",
+			"resolved": "https://registry.npmjs.org/@types/styled-components/-/styled-components-5.1.25.tgz",
+			"integrity": "sha512-fgwl+0Pa8pdkwXRoVPP9JbqF0Ivo9llnmsm+7TCI330kbPIFd9qv1Lrhr37shf4tnxCOSu+/IgqM7uJXLWZZNQ==",
+			"dev": true,
+			"requires": {
+				"@types/hoist-non-react-statics": "*",
+				"@types/react": "*",
+				"csstype": "^3.0.2"
+			}
+		},
 		"ansi-styles": {
 			"version": "3.2.1",
 			"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",

app/package.json

@@ -11,7 +11,7 @@
 	"author": "Lakhan Samani",
 	"license": "ISC",
 	"dependencies": {
-		"@authorizerdev/authorizer-react": "latest",
+		"@authorizerdev/authorizer-react": "^0.17.0",
 		"@types/react": "^17.0.15",
 		"@types/react-dom": "^17.0.9",
 		"esbuild": "^0.12.17",
@@ -19,9 +19,11 @@
 		"react-dom": "^17.0.2",
 		"react-is": "^17.0.2",
 		"react-router-dom": "^5.2.0",
-		"typescript": "^4.3.5"
+		"typescript": "^4.3.5",
+		"styled-components": "^5.3.0"
 	},
 	"devDependencies": {
-		"@types/react-router-dom": "^5.1.8"
+		"@types/react-router-dom": "^5.1.8",
+		"@types/styled-components": "^5.1.11"
 	}
 }

app/src/App.tsx

@@ -2,10 +2,33 @@ import React from 'react';
 import { BrowserRouter } from 'react-router-dom';
 import { AuthorizerProvider } from '@authorizerdev/authorizer-react';
 import Root from './Root';
+import { createRandomString } from './utils/common';
 
 export default function App() {
-	// @ts-ignore
-	const globalState: Record<string, string> = window['__authorizer__'];
+	const searchParams = new URLSearchParams(window.location.search);
+	const state = searchParams.get('state') || createRandomString();
+	const scope = searchParams.get('scope')
+		? searchParams.get('scope')?.toString().split(' ')
+		: `openid profile email`;
+
+	const urlProps: Record<string, any> = {
+		state,
+		scope,
+	};
+
+	const redirectURL =
+		searchParams.get('redirect_uri') || searchParams.get('redirectURL');
+	if (redirectURL) {
+		urlProps.redirectURL = redirectURL;
+	} else {
+		urlProps.redirectURL = window.location.origin + '/app';
+	}
+	const globalState: Record<string, string> = {
+		// @ts-ignore
+		...window['__authorizer__'],
+		...urlProps,
+	};
+
 	return (
 		<div
 			style={{
@@ -30,15 +53,7 @@ export default function App() {
 				/>
 				<h1>{globalState.organizationName}</h1>
 			</div>
-			<div
-				style={{
-					width: 400,
-					margin: `10px auto`,
-					border: `1px solid #D1D5DB`,
-					padding: `25px 20px`,
-					borderRadius: 5,
-				}}
-			>
+			<div className="container">
 				<BrowserRouter>
 					<AuthorizerProvider
 						config={{
@@ -46,7 +61,7 @@ export default function App() {
 							redirectURL: globalState.redirectURL,
 						}}
 					>
-						<Root />
+						<Root globalState={globalState} />
 					</AuthorizerProvider>
 				</BrowserRouter>
 			</div>

app/src/Root.tsx

@@ -1,19 +1,76 @@
 import React, { useEffect, lazy, Suspense } from 'react';
 import { Switch, Route } from 'react-router-dom';
 import { useAuthorizer } from '@authorizerdev/authorizer-react';
+import styled, { ThemeProvider } from 'styled-components';
+import SetupPassword from './pages/setup-password';
+import { hasWindow, createRandomString } from './utils/common';
+import { theme } from './theme';
 
 const ResetPassword = lazy(() => import('./pages/rest-password'));
 const Login = lazy(() => import('./pages/login'));
 const Dashboard = lazy(() => import('./pages/dashboard'));
+const SignUp = lazy(() => import('./pages/signup'));
 
-export default function Root() {
+const Wrapper = styled.div`
+	font-family: ${(props) => props.theme.fonts.fontStack};
+	color: ${(props) => props.theme.colors.textColor};
+	font-size: ${(props) => props.theme.fonts.mediumText};
+	box-sizing: border-box;
+
+	*,
+	*:before,
+	*:after {
+		box-sizing: inherit;
+	}
+`;
+
+export default function Root({
+	globalState,
+}: {
+	globalState: Record<string, string>;
+}) {
 	const { token, loading, config } = useAuthorizer();
 
+	const searchParams = new URLSearchParams(
+		hasWindow() ? window.location.search : ``
+	);
+	const state = searchParams.get('state') || createRandomString();
+	const scope = searchParams.get('scope')
+		? searchParams.get('scope')?.toString().split(' ')
+		: ['openid', 'profile', 'email'];
+
+	const urlProps: Record<string, any> = {
+		state,
+		scope,
+	};
+
+	const redirectURL =
+		searchParams.get('redirect_uri') || searchParams.get('redirectURL');
+	if (redirectURL) {
+		urlProps.redirectURL = redirectURL;
+	} else {
+		urlProps.redirectURL = hasWindow() ? window.location.origin : redirectURL;
+	}
+
+	urlProps.redirect_uri = urlProps.redirectURL;
+
 	useEffect(() => {
 		if (token) {
-			const url = new URL(config.redirectURL || '/app');
+			let redirectURL = config.redirectURL || '/app';
+			let params = `access_token=${token.access_token}&id_token=${token.id_token}&expires_in=${token.expires_in}&state=${globalState.state}`;
+			if (token.refresh_token) {
+				params += `&refresh_token=${token.refresh_token}`;
+			}
+			const url = new URL(redirectURL);
+			if (redirectURL.includes('?')) {
+				redirectURL = `${redirectURL}&${params}`;
+			} else {
+				redirectURL = `${redirectURL}?${params}`;
+			}
+
 			if (url.origin !== window.location.origin) {
-				window.location.href = config.redirectURL || '/app';
+				sessionStorage.removeItem('authorizer_state');
+				window.location.replace(redirectURL);
 			}
 		}
 		return () => {};
@@ -37,14 +94,24 @@ export default function Root() {
 
 	return (
 		<Suspense fallback={<></>}>
-			<Switch>
-				<Route path="/app" exact>
-					<Login />
-				</Route>
-				<Route path="/app/reset-password">
-					<ResetPassword />
-				</Route>
-			</Switch>
+			<ThemeProvider theme={theme}>
+				<Wrapper>
+					<Switch>
+						<Route path="/app" exact>
+							<Login urlProps={urlProps} />
+						</Route>
+						<Route path="/app/signup" exact>
+							<SignUp urlProps={urlProps} />
+						</Route>
+						<Route path="/app/reset-password">
+							<ResetPassword />
+						</Route>
+						<Route path="/app/setup-password">
+							<SetupPassword />
+						</Route>
+					</Switch>
+				</Wrapper>
+			</ThemeProvider>
 		</Suspense>
 	);
 }

app/src/index.css

@@ -1,5 +1,5 @@
 body {
-	margin: 0;
+	margin: 10;
 	font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Roboto', 'Oxygen',
 		'Ubuntu', 'Cantarell', 'Fira Sans', 'Droid Sans', 'Helvetica Neue',
 		sans-serif;
@@ -14,3 +14,17 @@ body {
 *:after {
 	box-sizing: inherit;
 }
+
+.container {
+	box-sizing: content-box;
+	border: 1px solid #d1d5db;
+	padding: 25px 20px;
+	border-radius: 5px;
+}
+
+@media only screen and (min-width: 768px) {
+	.container {
+		width: 400px;
+		margin: 0 auto;
+	}
+}

app/src/pages/login.tsx

@@ -1,10 +1,82 @@
-import React, { Fragment } from 'react';
-import { Authorizer } from '@authorizerdev/authorizer-react';
+import React, { Fragment, useState } from 'react';
+import {
+	AuthorizerBasicAuthLogin,
+	AuthorizerForgotPassword,
+	AuthorizerMagicLinkLogin,
+	AuthorizerSocialLogin,
+	useAuthorizer,
+} from '@authorizerdev/authorizer-react';
+import styled from 'styled-components';
+import { Link } from 'react-router-dom';
 
-export default function Login() {
+const enum VIEW_TYPES {
+	LOGIN = 'login',
+	FORGOT_PASSWORD = 'forgot-password',
+}
+
+const Footer = styled.div`
+	display: flex;
+	flex-direction: column;
+	justify-content: center;
+	align-items: center;
+	margin-top: 15px;
+`;
+
+const FooterContent = styled.div`
+	display: flex;
+	justify-content: center;
+	align-items: center;
+	margin-top: 10px;
+`;
+
+export default function Login({ urlProps }: { urlProps: Record<string, any> }) {
+	const { config } = useAuthorizer();
+	const [view, setView] = useState<VIEW_TYPES>(VIEW_TYPES.LOGIN);
 	return (
 		<Fragment>
-			<Authorizer />
+			{view === VIEW_TYPES.LOGIN && (
+				<Fragment>
+					<h1 style={{ textAlign: 'center' }}>Login</h1>
+					<br />
+					<AuthorizerSocialLogin urlProps={urlProps} />
+					{config.is_basic_authentication_enabled &&
+						!config.is_magic_link_login_enabled && (
+							<AuthorizerBasicAuthLogin urlProps={urlProps} />
+						)}
+					{config.is_magic_link_login_enabled && (
+						<AuthorizerMagicLinkLogin urlProps={urlProps} />
+					)}
+					<Footer>
+						<Link
+							to="#"
+							onClick={() => setView(VIEW_TYPES.FORGOT_PASSWORD)}
+							style={{ marginBottom: 10 }}
+						>
+							Forgot Password?
+						</Link>
+					</Footer>
+				</Fragment>
+			)}
+			{view === VIEW_TYPES.FORGOT_PASSWORD && (
+				<Fragment>
+					<h1 style={{ textAlign: 'center' }}>Forgot Password</h1>
+					<AuthorizerForgotPassword urlProps={urlProps} />
+					<Footer>
+						<Link
+							to="#"
+							onClick={() => setView(VIEW_TYPES.LOGIN)}
+							style={{ marginBottom: 10 }}
+						>
+							Back
+						</Link>
+					</Footer>
+				</Fragment>
+			)}
+			{config.is_sign_up_enabled && (
+				<FooterContent>
+					Don't have an account? <Link to="/app/signup"> Sign Up</Link>
+				</FooterContent>
+			)}
 		</Fragment>
 	);
 }

app/src/pages/setup-password.tsx

@@ -0,0 +1,12 @@
+import React, { Fragment } from 'react';
+import { AuthorizerResetPassword } from '@authorizerdev/authorizer-react';
+
+export default function SetupPassword() {
+	return (
+		<Fragment>
+			<h1 style={{ textAlign: 'center' }}>Setup new Password</h1>
+			<br />
+			<AuthorizerResetPassword />
+		</Fragment>
+	);
+}

app/src/pages/signup.tsx

@@ -0,0 +1,28 @@
+import React, { Fragment } from 'react';
+import { AuthorizerSignup } from '@authorizerdev/authorizer-react';
+import styled from 'styled-components';
+import { Link } from 'react-router-dom';
+
+const FooterContent = styled.div`
+	display: flex;
+	justify-content: center;
+	align-items: center;
+	margin-top: 20px;
+`;
+
+export default function SignUp({
+	urlProps,
+}: {
+	urlProps: Record<string, any>;
+}) {
+	return (
+		<Fragment>
+			<h1 style={{ textAlign: 'center' }}>Sign Up</h1>
+			<br />
+			<AuthorizerSignup urlProps={urlProps} />
+			<FooterContent>
+				Already have an account? <Link to="/app"> Login</Link>
+			</FooterContent>
+		</Fragment>
+	);
+}

app/src/theme.ts

@@ -0,0 +1,28 @@
+// colors: https://tailwindcss.com/docs/customizing-colors
+
+export const theme = {
+  colors: {
+    primary: '#3B82F6',
+    primaryDisabled: '#60A5FA',
+    gray: '#D1D5DB',
+    danger: '#DC2626',
+    success: '#10B981',
+    textColor: '#374151',
+  },
+  fonts: {
+    // typography
+    fontStack: '-apple-system, system-ui, sans-serif',
+
+    // font sizes
+    largeText: '18px',
+    mediumText: '14px',
+    smallText: '12px',
+    tinyText: '10px',
+  },
+
+  radius: {
+    card: '5px',
+    button: '5px',
+    input: '5px',
+  },
+};

app/src/utils/common.ts

@@ -0,0 +1,24 @@
+export const getCrypto = () => {
+	//ie 11.x uses msCrypto
+	return (window.crypto || (window as any).msCrypto) as Crypto;
+};
+
+export const createRandomString = () => {
+	const charset =
+		'0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.';
+	let random = '';
+	const randomValues = Array.from(
+		getCrypto().getRandomValues(new Uint8Array(43))
+	);
+	randomValues.forEach((v) => (random += charset[v % charset.length]));
+	return random;
+};
+
+export const createQueryParams = (params: any) => {
+	return Object.keys(params)
+		.filter((k) => typeof params[k] !== 'undefined')
+		.map((k) => encodeURIComponent(k) + '=' + encodeURIComponent(params[k]))
+		.join('&');
+};
+
+export const hasWindow = (): boolean => typeof window !== 'undefined';

dashboard/package-lock.json

@@ -10,6 +10,7 @@
 			"license": "ISC",
 			"dependencies": {
 				"@chakra-ui/react": "^1.7.3",
+				"@emotion/core": "^11.0.0",
 				"@emotion/react": "^11.7.1",
 				"@emotion/styled": "^11.6.0",
 				"@types/react": "^17.0.38",
@@ -17,11 +18,13 @@
 				"@types/react-router-dom": "^5.3.2",
 				"dayjs": "^1.10.7",
 				"esbuild": "^0.14.9",
+				"focus-visible": "^5.2.0",
 				"framer-motion": "^5.5.5",
 				"graphql": "^16.2.0",
 				"lodash": "^4.17.21",
 				"react": "^17.0.2",
 				"react-dom": "^17.0.2",
+				"react-dropzone": "^12.0.4",
 				"react-icons": "^4.3.1",
 				"react-router-dom": "^6.2.1",
 				"typescript": "^4.5.4",
@@ -977,6 +980,11 @@
 				"stylis": "4.0.13"
 			}
 		},
+		"node_modules/@emotion/core": {
+			"version": "11.0.0",
+			"resolved": "https://registry.npmjs.org/@emotion/core/-/core-11.0.0.tgz",
+			"integrity": "sha512-w4sE3AmHmyG6RDKf6mIbtHpgJUSJ2uGvPQb8VXFL7hFjMPibE8IiehG8cMX3Ztm4svfCQV6KqusQbeIOkurBcA=="
+		},
 		"node_modules/@emotion/hash": {
 			"version": "0.8.0",
 			"resolved": "https://registry.npmjs.org/@emotion/hash/-/hash-0.8.0.tgz",
@@ -1251,6 +1259,14 @@
 			"resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz",
 			"integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg=="
 		},
+		"node_modules/attr-accept": {
+			"version": "2.2.2",
+			"resolved": "https://registry.npmjs.org/attr-accept/-/attr-accept-2.2.2.tgz",
+			"integrity": "sha512-7prDjvt9HmqiZ0cl5CRjtS84sEyhsHP2coDkaZKRKVfCDo9s7iw7ChVmar78Gu9pC4SoR/28wFu/G5JJhTnqEg==",
+			"engines": {
+				"node": ">=4"
+			}
+		},
 		"node_modules/babel-plugin-macros": {
 			"version": "2.8.0",
 			"resolved": "https://registry.npmjs.org/babel-plugin-macros/-/babel-plugin-macros-2.8.0.tgz",
@@ -1631,6 +1647,17 @@
 				"url": "https://github.com/sponsors/sindresorhus"
 			}
 		},
+		"node_modules/file-selector": {
+			"version": "0.4.0",
+			"resolved": "https://registry.npmjs.org/file-selector/-/file-selector-0.4.0.tgz",
+			"integrity": "sha512-iACCiXeMYOvZqlF1kTiYINzgepRBymz1wwjiuup9u9nayhb6g4fSwiyJ/6adli+EPwrWtpgQAh2PoS7HukEGEg==",
+			"dependencies": {
+				"tslib": "^2.0.3"
+			},
+			"engines": {
+				"node": ">= 10"
+			}
+		},
 		"node_modules/find-root": {
 			"version": "1.1.0",
 			"resolved": "https://registry.npmjs.org/find-root/-/find-root-1.1.0.tgz",
@@ -1647,6 +1674,11 @@
 				"node": ">=10"
 			}
 		},
+		"node_modules/focus-visible": {
+			"version": "5.2.0",
+			"resolved": "https://registry.npmjs.org/focus-visible/-/focus-visible-5.2.0.tgz",
+			"integrity": "sha512-Rwix9pBtC1Nuy5wysTmKy+UjbDJpIfg8eHjw0rjZ1mX4GNLz1Bmd16uDpI3Gk1i70Fgcs8Csg2lPm8HULFg9DQ=="
+		},
 		"node_modules/framer-motion": {
 			"version": "5.5.5",
 			"resolved": "https://registry.npmjs.org/framer-motion/-/framer-motion-5.5.5.tgz",
@@ -1914,9 +1946,9 @@
 			}
 		},
 		"node_modules/prop-types": {
-			"version": "15.8.0",
-			"resolved": "https://registry.npmjs.org/prop-types/-/prop-types-15.8.0.tgz",
-			"integrity": "sha512-fDGekdaHh65eI3lMi5OnErU6a8Ighg2KjcjQxO7m8VHyWjcPyj5kiOgV1LQDOOOgVy3+5FgjXvdSSX7B8/5/4g==",
+			"version": "15.8.1",
+			"resolved": "https://registry.npmjs.org/prop-types/-/prop-types-15.8.1.tgz",
+			"integrity": "sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg==",
 			"dependencies": {
 				"loose-envify": "^1.4.0",
 				"object-assign": "^4.1.1",
@@ -1959,6 +1991,22 @@
 				"react": "17.0.2"
 			}
 		},
+		"node_modules/react-dropzone": {
+			"version": "12.0.4",
+			"resolved": "https://registry.npmjs.org/react-dropzone/-/react-dropzone-12.0.4.tgz",
+			"integrity": "sha512-fcqHEYe1MzAghU6/Hz86lHDlBNsA+lO48nAcm7/wA+kIzwS6uuJbUG33tBZjksj7GAZ1iUQ6NHwjUURPmSGang==",
+			"dependencies": {
+				"attr-accept": "^2.2.2",
+				"file-selector": "^0.4.0",
+				"prop-types": "^15.8.1"
+			},
+			"engines": {
+				"node": ">= 10.13"
+			},
+			"peerDependencies": {
+				"react": ">= 16.8"
+			}
+		},
 		"node_modules/react-fast-compare": {
 			"version": "3.2.0",
 			"resolved": "https://registry.npmjs.org/react-fast-compare/-/react-fast-compare-3.2.0.tgz",
@@ -2481,8 +2529,7 @@
 		"@chakra-ui/css-reset": {
 			"version": "1.1.1",
 			"resolved": "https://registry.npmjs.org/@chakra-ui/css-reset/-/css-reset-1.1.1.tgz",
-			"integrity": "sha512-+KNNHL4OWqeKia5SL858K3Qbd8WxMij9mWIilBzLD4j2KFrl/+aWFw8syMKth3NmgIibrjsljo+PU3fy2o50dg==",
-			"requires": {}
+			"integrity": "sha512-+KNNHL4OWqeKia5SL858K3Qbd8WxMij9mWIilBzLD4j2KFrl/+aWFw8syMKth3NmgIibrjsljo+PU3fy2o50dg=="
 		},
 		"@chakra-ui/descendant": {
 			"version": "2.1.1",
@@ -3002,6 +3049,11 @@
 				"stylis": "4.0.13"
 			}
 		},
+		"@emotion/core": {
+			"version": "11.0.0",
+			"resolved": "https://registry.npmjs.org/@emotion/core/-/core-11.0.0.tgz",
+			"integrity": "sha512-w4sE3AmHmyG6RDKf6mIbtHpgJUSJ2uGvPQb8VXFL7hFjMPibE8IiehG8cMX3Ztm4svfCQV6KqusQbeIOkurBcA=="
+		},
 		"@emotion/hash": {
 			"version": "0.8.0",
 			"resolved": "https://registry.npmjs.org/@emotion/hash/-/hash-0.8.0.tgz",
@@ -3081,8 +3133,7 @@
 		"@graphql-typed-document-node/core": {
 			"version": "3.1.1",
 			"resolved": "https://registry.npmjs.org/@graphql-typed-document-node/core/-/core-3.1.1.tgz",
-			"integrity": "sha512-NQ17ii0rK1b34VZonlmT2QMJFI70m0TRwbknO/ihlbatXyaktDhN/98vBiUU6kNBPljqGqyIrl2T4nY2RpFANg==",
-			"requires": {}
+			"integrity": "sha512-NQ17ii0rK1b34VZonlmT2QMJFI70m0TRwbknO/ihlbatXyaktDhN/98vBiUU6kNBPljqGqyIrl2T4nY2RpFANg=="
 		},
 		"@popperjs/core": {
 			"version": "2.11.0",
@@ -3226,6 +3277,11 @@
 				}
 			}
 		},
+		"attr-accept": {
+			"version": "2.2.2",
+			"resolved": "https://registry.npmjs.org/attr-accept/-/attr-accept-2.2.2.tgz",
+			"integrity": "sha512-7prDjvt9HmqiZ0cl5CRjtS84sEyhsHP2coDkaZKRKVfCDo9s7iw7ChVmar78Gu9pC4SoR/28wFu/G5JJhTnqEg=="
+		},
 		"babel-plugin-macros": {
 			"version": "2.8.0",
 			"resolved": "https://registry.npmjs.org/babel-plugin-macros/-/babel-plugin-macros-2.8.0.tgz",
@@ -3478,6 +3534,14 @@
 			"resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz",
 			"integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA=="
 		},
+		"file-selector": {
+			"version": "0.4.0",
+			"resolved": "https://registry.npmjs.org/file-selector/-/file-selector-0.4.0.tgz",
+			"integrity": "sha512-iACCiXeMYOvZqlF1kTiYINzgepRBymz1wwjiuup9u9nayhb6g4fSwiyJ/6adli+EPwrWtpgQAh2PoS7HukEGEg==",
+			"requires": {
+				"tslib": "^2.0.3"
+			}
+		},
 		"find-root": {
 			"version": "1.1.0",
 			"resolved": "https://registry.npmjs.org/find-root/-/find-root-1.1.0.tgz",
@@ -3491,6 +3555,11 @@
 				"tslib": "^2.0.3"
 			}
 		},
+		"focus-visible": {
+			"version": "5.2.0",
+			"resolved": "https://registry.npmjs.org/focus-visible/-/focus-visible-5.2.0.tgz",
+			"integrity": "sha512-Rwix9pBtC1Nuy5wysTmKy+UjbDJpIfg8eHjw0rjZ1mX4GNLz1Bmd16uDpI3Gk1i70Fgcs8Csg2lPm8HULFg9DQ=="
+		},
 		"framer-motion": {
 			"version": "5.5.5",
 			"resolved": "https://registry.npmjs.org/framer-motion/-/framer-motion-5.5.5.tgz",
@@ -3707,9 +3776,9 @@
 			}
 		},
 		"prop-types": {
-			"version": "15.8.0",
-			"resolved": "https://registry.npmjs.org/prop-types/-/prop-types-15.8.0.tgz",
-			"integrity": "sha512-fDGekdaHh65eI3lMi5OnErU6a8Ighg2KjcjQxO7m8VHyWjcPyj5kiOgV1LQDOOOgVy3+5FgjXvdSSX7B8/5/4g==",
+			"version": "15.8.1",
+			"resolved": "https://registry.npmjs.org/prop-types/-/prop-types-15.8.1.tgz",
+			"integrity": "sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg==",
 			"requires": {
 				"loose-envify": "^1.4.0",
 				"object-assign": "^4.1.1",
@@ -3743,6 +3812,16 @@
 				"scheduler": "^0.20.2"
 			}
 		},
+		"react-dropzone": {
+			"version": "12.0.4",
+			"resolved": "https://registry.npmjs.org/react-dropzone/-/react-dropzone-12.0.4.tgz",
+			"integrity": "sha512-fcqHEYe1MzAghU6/Hz86lHDlBNsA+lO48nAcm7/wA+kIzwS6uuJbUG33tBZjksj7GAZ1iUQ6NHwjUURPmSGang==",
+			"requires": {
+				"attr-accept": "^2.2.2",
+				"file-selector": "^0.4.0",
+				"prop-types": "^15.8.1"
+			}
+		},
 		"react-fast-compare": {
 			"version": "3.2.0",
 			"resolved": "https://registry.npmjs.org/react-fast-compare/-/react-fast-compare-3.2.0.tgz",
@@ -3764,8 +3843,7 @@
 		"react-icons": {
 			"version": "4.3.1",
 			"resolved": "https://registry.npmjs.org/react-icons/-/react-icons-4.3.1.tgz",
-			"integrity": "sha512-cB10MXLTs3gVuXimblAdI71jrJx8njrJZmNMEMC+sQu5B/BIOmlsAjskdqpn81y8UBVEGuHODd7/ci5DvoSzTQ==",
-			"requires": {}
+			"integrity": "sha512-cB10MXLTs3gVuXimblAdI71jrJx8njrJZmNMEMC+sQu5B/BIOmlsAjskdqpn81y8UBVEGuHODd7/ci5DvoSzTQ=="
 		},
 		"react-is": {
 			"version": "16.13.1",
@@ -3951,8 +4029,7 @@
 		"use-callback-ref": {
 			"version": "1.2.5",
 			"resolved": "https://registry.npmjs.org/use-callback-ref/-/use-callback-ref-1.2.5.tgz",
-			"integrity": "sha512-gN3vgMISAgacF7sqsLPByqoePooY3n2emTH59Ur5d/M8eg4WTWu1xp8i8DHjohftIyEx0S08RiYxbffr4j8Peg==",
-			"requires": {}
+			"integrity": "sha512-gN3vgMISAgacF7sqsLPByqoePooY3n2emTH59Ur5d/M8eg4WTWu1xp8i8DHjohftIyEx0S08RiYxbffr4j8Peg=="
 		},
 		"use-sidecar": {
 			"version": "1.0.5",

dashboard/package.json

@@ -12,6 +12,7 @@
 	"license": "ISC",
 	"dependencies": {
 		"@chakra-ui/react": "^1.7.3",
+		"@emotion/core": "^11.0.0",
 		"@emotion/react": "^11.7.1",
 		"@emotion/styled": "^11.6.0",
 		"@types/react": "^17.0.38",
@@ -19,11 +20,13 @@
 		"@types/react-router-dom": "^5.3.2",
 		"dayjs": "^1.10.7",
 		"esbuild": "^0.14.9",
+		"focus-visible": "^5.2.0",
 		"framer-motion": "^5.5.5",
 		"graphql": "^16.2.0",
 		"lodash": "^4.17.21",
 		"react": "^17.0.2",
 		"react-dom": "^17.0.2",
+		"react-dropzone": "^12.0.4",
 		"react-icons": "^4.3.1",
 		"react-router-dom": "^6.2.1",
 		"typescript": "^4.5.4",

dashboard/public/sample.csv

@@ -0,0 +1 @@
+foo@bar.com,test@authorizer.dev

dashboard/src/App.tsx

@@ -1,4 +1,5 @@
 import * as React from 'react';
+import { Fragment } from 'react';
 import { ChakraProvider, extendTheme } from '@chakra-ui/react';
 import { BrowserRouter } from 'react-router-dom';
 import { createClient, Provider } from 'urql';
@@ -10,6 +11,9 @@ const queryClient = createClient({
 	fetchOptions: () => {
 		return {
 			credentials: 'include',
+			headers: {
+				'x-authorizer-url': window.location.origin,
+			},
 		};
 	},
 	requestPolicy: 'network-only',
@@ -19,8 +23,8 @@ const theme = extendTheme({
 	styles: {
 		global: {
 			'html, body, #root': {
-				fontFamily: 'Avenir, Helvetica, Arial, sans-serif',
 				height: '100%',
+				outline: 'none',
 			},
 		},
 	},
@@ -33,14 +37,16 @@ const theme = extendTheme({
 
 export default function App() {
 	return (
-		<ChakraProvider theme={theme}>
-			<Provider value={queryClient}>
-				<BrowserRouter basename="/dashboard">
-					<AuthContextProvider>
-						<AppRoutes />
-					</AuthContextProvider>
-				</BrowserRouter>
-			</Provider>
-		</ChakraProvider>
+		<Fragment>
+			<ChakraProvider theme={theme}>
+				<Provider value={queryClient}>
+					<BrowserRouter basename="/dashboard">
+						<AuthContextProvider>
+							<AppRoutes />
+						</AuthContextProvider>
+					</BrowserRouter>
+				</Provider>
+			</ChakraProvider>
+		</Fragment>
 	);
 }

dashboard/src/components/EnvComponents/AccessToken.tsx

@@ -0,0 +1,65 @@
+import React from "react";
+import { Flex, Stack, Text, useMediaQuery } from "@chakra-ui/react";
+import InputField from "../../components/InputField";
+import { TextInputType, TextAreaInputType } from "../../constants";
+
+const AccessToken = ({ variables, setVariables }: any) => {
+  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+  return (
+    <div>
+      {" "}
+      <Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+        Access Token
+      </Text>
+      <Stack spacing={6} padding="2% 0%">
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "50%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">Access Token Expiry Time:</Text>
+          </Flex>
+          <Flex
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.ACCESS_TOKEN_EXPIRY_TIME}
+              placeholder="0h15m0s"
+            />
+          </Flex>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "60%"}
+            justifyContent="start"
+            direction="column"
+          >
+            <Text fontSize="sm">Custom Scripts:</Text>
+            <Text fontSize="xs" color="blackAlpha.500">
+              (Used to add custom fields in ID token)
+            </Text>
+          </Flex>
+          <Flex
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextAreaInputType.CUSTOM_ACCESS_TOKEN_SCRIPT}
+              placeholder="Add script here"
+              minH="25vh"
+            />
+          </Flex>
+        </Flex>
+      </Stack>
+    </div>
+  );
+};
+
+export default AccessToken;

dashboard/src/components/EnvComponents/DatabaseCredentials.tsx

@@ -0,0 +1,88 @@
+import React from "react";
+import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
+
+import InputField from "../../components/InputField";
+import { TextInputType } from "../../constants";
+
+const DatabaseCredentials = ({ variables, setVariables }: any) => {
+  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+  return (
+    <div>
+      {" "}
+      <Text fontSize="md" paddingTop="2%" fontWeight="bold">
+        Database Credentials
+      </Text>
+      <Stack spacing={6} padding="3% 0">
+        <Text fontStyle="italic" fontSize="sm" color="blackAlpha.500" mt={3}>
+          Note: Database related environment variables cannot be updated from
+          dashboard :(
+        </Text>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "40%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">DataBase Name:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.DATABASE_NAME}
+              isDisabled={true}
+            />
+          </Center>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "40%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">DataBase Type:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.DATABASE_TYPE}
+              isDisabled={true}
+            />
+          </Center>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "40%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">DataBase URL:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.DATABASE_URL}
+              isDisabled={true}
+            />
+          </Center>
+        </Flex>
+      </Stack>
+    </div>
+  );
+};
+
+export default DatabaseCredentials;

dashboard/src/components/EnvComponents/DomainWhitelisting.tsx

@@ -0,0 +1,35 @@
+import React from "react";
+import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
+import InputField from "../../components/InputField";
+import { ArrayInputType} from "../../constants";
+
+const DomainWhiteListing = ({ variables, setVariables }: any) => {
+  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+  return (
+    <div>
+      {" "}
+      <Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+        Domain White Listing
+      </Text>
+      <Stack spacing={6} padding="2% 0%">
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex w="30%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Allowed Origins:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={ArrayInputType.ALLOWED_ORIGINS}
+            />
+          </Center>
+        </Flex>
+      </Stack>
+    </div>
+  );
+};
+
+export default DomainWhiteListing;

dashboard/src/components/EnvComponents/EmailConfiguration.tsx

@@ -0,0 +1,114 @@
+import React from "react";
+import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
+import InputField from "../../components/InputField";
+import { TextInputType, HiddenInputType} from "../../constants";
+const EmailConfigurations = ({
+  variables,
+  setVariables,
+  fieldVisibility,
+  setFieldVisibility,
+}: any) => {
+  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+  return (
+    <div>
+      {" "}
+      <Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+        Email Configurations
+      </Text>
+      <Stack spacing={6} padding="2% 0%">
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex w="30%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">SMTP Host:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.SMTP_HOST}
+            />
+          </Center>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex w="30%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">SMTP Port:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.SMTP_PORT}
+            />
+          </Center>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "40%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">SMTP Username:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.SMTP_USERNAME}
+            />
+          </Center>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "40%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">SMTP Password:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              fieldVisibility={fieldVisibility}
+              setFieldVisibility={setFieldVisibility}
+              inputType={HiddenInputType.SMTP_PASSWORD}
+            />
+          </Center>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex w="30%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">From Email:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.SENDER_EMAIL}
+            />
+          </Center>
+        </Flex>
+      </Stack>
+    </div>
+  );
+};
+
+export default EmailConfigurations;

dashboard/src/components/EnvComponents/JWTConfiguration.tsx

@@ -0,0 +1,154 @@
+import React from "react";
+import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
+import {
+  HiddenInputType,
+  TextInputType,
+  TextAreaInputType,
+} from "../../constants";
+import GenerateKeysModal from "../GenerateKeysModal";
+import InputField from "../InputField";
+
+const JSTConfigurations = ({
+  variables,
+  setVariables,
+  fieldVisibility,
+  setFieldVisibility,
+  SelectInputType,
+  getData,
+  HMACEncryptionType,
+  RSAEncryptionType,
+  ECDSAEncryptionType,
+}: any) => {
+  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+
+  return (
+    <div>
+      {" "}
+      <Flex
+        borderRadius={5}
+        width="100%"
+        justifyContent="space-between"
+        alignItems="center"
+        paddingTop="2%"
+      >
+        <Text
+          fontSize={isNotSmallerScreen ? "md" : "sm"}
+          fontWeight="bold"
+          mb={5}
+        >
+          JWT (JSON Web Tokens) Configurations
+        </Text>
+        <Flex mb={7}>
+          <GenerateKeysModal jwtType={variables.JWT_TYPE} getData={getData} />
+        </Flex>
+      </Flex>
+      <Stack spacing={6} padding="2% 0%">
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex w="30%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">JWT Type:</Text>
+          </Flex>
+          <Flex
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "2"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SelectInputType}
+              value={SelectInputType}
+              options={{
+                ...HMACEncryptionType,
+                ...RSAEncryptionType,
+                ...ECDSAEncryptionType,
+              }}
+            />
+          </Flex>
+        </Flex>
+        {Object.values(HMACEncryptionType).includes(variables.JWT_TYPE) ? (
+          <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+            <Flex w="30%" justifyContent="start" alignItems="center">
+              <Text fontSize="sm">JWT Secret</Text>
+            </Flex>
+            <Center
+              w={isNotSmallerScreen ? "70%" : "100%"}
+              mt={isNotSmallerScreen ? "0" : "2"}
+            >
+              <InputField
+                borderRadius={5}
+                variables={variables}
+                setVariables={setVariables}
+                fieldVisibility={fieldVisibility}
+                setFieldVisibility={setFieldVisibility}
+                inputType={HiddenInputType.JWT_SECRET}
+              />
+            </Center>
+          </Flex>
+        ) : (
+          <>
+            <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+              <Flex w="30%" justifyContent="start" alignItems="center">
+                <Text fontSize="sm">Public Key</Text>
+              </Flex>
+              <Center
+                w={isNotSmallerScreen ? "70%" : "100%"}
+                mt={isNotSmallerScreen ? "0" : "2"}
+              >
+                <InputField
+                  borderRadius={5}
+                  variables={variables}
+                  setVariables={setVariables}
+                  inputType={TextAreaInputType.JWT_PUBLIC_KEY}
+                  placeholder="Add public key here"
+                  minH="25vh"
+                />
+              </Center>
+            </Flex>
+            <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+              <Flex w="30%" justifyContent="start" alignItems="center">
+                <Text fontSize="sm">Private Key</Text>
+              </Flex>
+              <Center
+                w={isNotSmallerScreen ? "70%" : "100%"}
+                mt={isNotSmallerScreen ? "0" : "2"}
+              >
+                <InputField
+                  borderRadius={5}
+                  variables={variables}
+                  setVariables={setVariables}
+                  inputType={TextAreaInputType.JWT_PRIVATE_KEY}
+                  placeholder="Add private key here"
+                  minH="25vh"
+                />
+              </Center>
+            </Flex>
+          </>
+        )}
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "40%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm" orientation="vertical">
+              JWT Role Claim:
+            </Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "2"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.JWT_ROLE_CLAIM}
+            />
+          </Center>
+        </Flex>
+      </Stack>
+    </div>
+  );
+};
+
+export default JSTConfigurations;

dashboard/src/components/EnvComponents/OAuthConfig.tsx

@@ -0,0 +1,191 @@
+import React from 'react';
+import InputField from '../InputField';
+import {
+	Flex,
+	Stack,
+	Center,
+	Text,
+	Box,
+	Divider,
+	useMediaQuery,
+} from '@chakra-ui/react';
+import { FaGoogle, FaGithub, FaFacebookF } from 'react-icons/fa';
+import { TextInputType, HiddenInputType } from '../../constants';
+
+const OAuthConfig = ({
+	envVariables,
+	setVariables,
+	fieldVisibility,
+	setFieldVisibility,
+}: any) => {
+	const [isNotSmallerScreen] = useMediaQuery('(min-width:667px)');
+	return (
+		<div>
+			<Box>
+				<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={6}>
+					Authorizer Config
+				</Text>
+				<Stack spacing={6} padding="2% 0%">
+					<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+						<Flex w="30%" justifyContent="start" alignItems="center">
+							<Text fontSize="sm">Client ID</Text>
+						</Flex>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+						>
+							<InputField
+								variables={envVariables}
+								setVariables={() => {}}
+								inputType={TextInputType.CLIENT_ID}
+								placeholder="Client ID"
+								readOnly={true}
+							/>
+						</Center>
+					</Flex>
+					<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+						<Flex w="30%" justifyContent="start" alignItems="center">
+							<Text fontSize="sm">Client Secret</Text>
+						</Flex>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+						>
+							<InputField
+								variables={envVariables}
+								setVariables={setVariables}
+								fieldVisibility={fieldVisibility}
+								setFieldVisibility={setFieldVisibility}
+								inputType={HiddenInputType.CLIENT_SECRET}
+								placeholder="Client Secret"
+								readOnly={true}
+							/>
+						</Center>
+					</Flex>
+				</Stack>
+				<Divider mt={5} mb={2} color="blackAlpha.700" />
+				<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={4}>
+					Social Media Logins
+				</Text>
+				<Stack spacing={6} padding="2% 0%">
+					<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+						<Center
+							w={isNotSmallerScreen ? '55px' : '35px'}
+							h="35px"
+							marginRight="1.5%"
+							border="1px solid #ff3e30"
+							borderRadius="5px"
+						>
+							<FaGoogle style={{ color: '#ff3e30' }} />
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+							marginRight="1.5%"
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								inputType={TextInputType.GOOGLE_CLIENT_ID}
+								placeholder="Google Client ID"
+							/>
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								fieldVisibility={fieldVisibility}
+								setFieldVisibility={setFieldVisibility}
+								inputType={HiddenInputType.GOOGLE_CLIENT_SECRET}
+								placeholder="Google Secret"
+							/>
+						</Center>
+					</Flex>
+					<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+						<Center
+							w={isNotSmallerScreen ? '55px' : '35px'}
+							h="35px"
+							marginRight="1.5%"
+							border="1px solid #171515"
+							borderRadius="5px"
+						>
+							<FaGithub style={{ color: '#171515' }} />
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+							marginRight="1.5%"
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								inputType={TextInputType.GITHUB_CLIENT_ID}
+								placeholder="Github Client ID"
+							/>
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								fieldVisibility={fieldVisibility}
+								setFieldVisibility={setFieldVisibility}
+								inputType={HiddenInputType.GITHUB_CLIENT_SECRET}
+								placeholder="Github Secret"
+							/>
+						</Center>
+					</Flex>
+					<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+						<Center
+							w={isNotSmallerScreen ? '55px' : '35px'}
+							h="35px"
+							marginRight="1.5%"
+							border="1px solid #3b5998"
+							borderRadius="5px"
+						>
+							<FaFacebookF style={{ color: '#3b5998' }} />
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+							marginRight="1.5%"
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								inputType={TextInputType.FACEBOOK_CLIENT_ID}
+								placeholder="Facebook Client ID"
+							/>
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								fieldVisibility={fieldVisibility}
+								setFieldVisibility={setFieldVisibility}
+								inputType={HiddenInputType.FACEBOOK_CLIENT_SECRET}
+								placeholder="Facebook Secret"
+							/>
+						</Center>
+					</Flex>
+				</Stack>
+			</Box>
+		</div>
+	);
+};
+
+export default OAuthConfig;

dashboard/src/components/EnvComponents/OrganizationInfo.tsx

@@ -0,0 +1,60 @@
+import React from "react";
+import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
+import InputField from "../InputField";
+import { TextInputType } from "../../constants";
+
+const OrganizationInfo = ({ variables, setVariables }: any) => {
+  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+  return (
+    <div>
+      {" "}
+      <Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+        Organization Information
+      </Text>
+      <Stack spacing={6} padding="2% 0%">
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "40%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">Organization Name:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.ORGANIZATION_NAME}
+            />
+          </Center>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "40%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">Organization Logo:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={TextInputType.ORGANIZATION_LOGO}
+            />
+          </Center>
+        </Flex>
+      </Stack>
+    </div>
+  );
+};
+
+export default OrganizationInfo;

dashboard/src/components/EnvComponents/Roles.tsx

@@ -0,0 +1,67 @@
+import React from "react";
+import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
+import { ArrayInputType } from "../../constants";
+import InputField from "../InputField";
+
+const Roles = ({ variables, setVariables }: any) => {
+  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+  return (
+    <div>
+      {" "}
+      <Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+        Roles
+      </Text>
+      <Stack spacing={6} padding="2% 0%">
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex w="30%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Roles:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "2"}
+            overflow="hidden"
+          >
+            <InputField
+              borderRadius={7}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={ArrayInputType.ROLES}
+            />
+          </Center>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex w="30%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Default Roles:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "2"}
+          >
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={ArrayInputType.DEFAULT_ROLES}
+            />
+          </Center>
+        </Flex>
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex w="30%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Protected Roles:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "2"}
+          >
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={ArrayInputType.PROTECTED_ROLES}
+            />
+          </Center>
+        </Flex>
+      </Stack>
+    </div>
+  );
+};
+
+export default Roles;

dashboard/src/components/EnvComponents/SecurityAdminSecret.tsx

@@ -0,0 +1,138 @@
+import React from "react";
+import {
+  Flex,
+  Stack,
+  Center,
+  Text,
+  Input,
+  InputGroup,
+  InputRightElement,
+  useMediaQuery,
+} from "@chakra-ui/react";
+import { FaRegEyeSlash, FaRegEye } from "react-icons/fa";
+import InputField from "../InputField";
+import { HiddenInputType } from "../../constants";
+const SecurityAdminSecret = ({
+  variables,
+  setVariables,
+  fieldVisibility,
+  setFieldVisibility,
+  validateAdminSecretHandler,
+  adminSecret,
+}: any) => {
+  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+  return (
+    <div>
+      {" "}
+      <Text fontSize="md" paddingTop="2%" fontWeight="bold">
+        Security (Admin Secret)
+      </Text>
+      <Stack
+        spacing={6}
+        padding="0 5%"
+        marginTop="3%"
+        border="1px solid #ff7875"
+        borderRadius="5px"
+      >
+        <Flex
+          marginTop={isNotSmallerScreen ? "3%" : "5%"}
+          direction={isNotSmallerScreen ? "row" : "column"}
+        >
+          <Flex
+            mt={3}
+            w={isNotSmallerScreen ? "30%" : "40%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">Old Admin Secret:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputGroup size="sm">
+              <Input
+                borderRadius={5}
+                size="sm"
+                placeholder="Enter Old Admin Secret"
+                value={adminSecret.value as string}
+                onChange={(event: any) => validateAdminSecretHandler(event)}
+                type={
+                  !fieldVisibility[HiddenInputType.OLD_ADMIN_SECRET]
+                    ? "password"
+                    : "text"
+                }
+              />
+              <InputRightElement
+                right="5px"
+                children={
+                  <Flex>
+                    {fieldVisibility[HiddenInputType.OLD_ADMIN_SECRET] ? (
+                      <Center
+                        w="25px"
+                        margin="0 1.5%"
+                        cursor="pointer"
+                        onClick={() =>
+                          setFieldVisibility({
+                            ...fieldVisibility,
+                            [HiddenInputType.OLD_ADMIN_SECRET]: false,
+                          })
+                        }
+                      >
+                        <FaRegEyeSlash color="#bfbfbf" />
+                      </Center>
+                    ) : (
+                      <Center
+                        w="25px"
+                        margin="0 1.5%"
+                        cursor="pointer"
+                        onClick={() =>
+                          setFieldVisibility({
+                            ...fieldVisibility,
+                            [HiddenInputType.OLD_ADMIN_SECRET]: true,
+                          })
+                        }
+                      >
+                        <FaRegEye color="#bfbfbf" />
+                      </Center>
+                    )}
+                  </Flex>
+                }
+              />
+            </InputGroup>
+          </Center>
+        </Flex>
+        <Flex
+          paddingBottom="3%"
+          direction={isNotSmallerScreen ? "row" : "column"}
+        >
+          <Flex
+            w={isNotSmallerScreen ? "30%" : "50%"}
+            justifyContent="start"
+            alignItems="center"
+          >
+            <Text fontSize="sm">New Admin Secret:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              mb={3}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={HiddenInputType.ADMIN_SECRET}
+              fieldVisibility={fieldVisibility}
+              setFieldVisibility={setFieldVisibility}
+              isDisabled={adminSecret.disableInputField}
+              placeholder="Enter New Admin Secret"
+            />
+          </Center>
+        </Flex>
+      </Stack>
+    </div>
+  );
+};
+
+export default SecurityAdminSecret;

dashboard/src/components/EnvComponents/SessionStorage.tsx

@@ -0,0 +1,36 @@
+import React from "react";
+import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
+import InputField from "../InputField";
+
+const SessionStorage = ({ variables, setVariables, RedisURL }: any) => {
+  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+  return (
+    <div>
+      {" "}
+      <Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+        Session Storage
+      </Text>
+      <Stack spacing={6} padding="2% 0%">
+        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+          <Flex w="30%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Redis URL:</Text>
+          </Flex>
+          <Center
+            w={isNotSmallerScreen ? "70%" : "100%"}
+            mt={isNotSmallerScreen ? "0" : "3"}
+          >
+            <InputField
+              borderRadius={5}
+              variables={variables}
+              setVariables={setVariables}
+              inputType={RedisURL}
+              placeholder="Redis URL"
+            />
+          </Center>
+        </Flex>
+      </Stack>
+    </div>
+  );
+};
+
+export default SessionStorage;

dashboard/src/components/EnvComponents/UICustomization.tsx

@@ -0,0 +1,79 @@
+import React from 'react';
+import { Flex, Stack, Text } from '@chakra-ui/react';
+import InputField from '../InputField';
+import { SwitchInputType } from '../../constants';
+
+const UICustomization = ({ variables, setVariables }: any) => {
+	return (
+		<div>
+			{' '}
+			<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+				Disable Features
+			</Text>
+			<Stack spacing={6} padding="2% 0%">
+				<Flex>
+					<Flex w="100%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Disable Login Page:</Text>
+					</Flex>
+					<Flex justifyContent="start">
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={SwitchInputType.DISABLE_LOGIN_PAGE}
+						/>
+					</Flex>
+				</Flex>
+				<Flex>
+					<Flex w="100%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Disable Email Verification:</Text>
+					</Flex>
+					<Flex justifyContent="start">
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={SwitchInputType.DISABLE_EMAIL_VERIFICATION}
+						/>
+					</Flex>
+				</Flex>
+				<Flex>
+					<Flex w="100%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Disable Magic Login Link:</Text>
+					</Flex>
+					<Flex justifyContent="start">
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={SwitchInputType.DISABLE_MAGIC_LINK_LOGIN}
+						/>
+					</Flex>
+				</Flex>
+				<Flex>
+					<Flex w="100%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Disable Basic Authentication:</Text>
+					</Flex>
+					<Flex justifyContent="start">
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={SwitchInputType.DISABLE_BASIC_AUTHENTICATION}
+						/>
+					</Flex>
+				</Flex>
+				<Flex>
+					<Flex w="100%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Disable Sign Up:</Text>
+					</Flex>
+					<Flex justifyContent="start" mb={3}>
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={SwitchInputType.DISABLE_SIGN_UP}
+						/>
+					</Flex>
+				</Flex>
+			</Stack>
+		</div>
+	);
+};
+
+export default UICustomization;

dashboard/src/components/GenerateKeysModal.tsx

@@ -0,0 +1,247 @@
+import React from 'react';
+import {
+	Button,
+	Center,
+	Flex,
+	Modal,
+	ModalBody,
+	ModalCloseButton,
+	ModalContent,
+	ModalFooter,
+	ModalHeader,
+	ModalOverlay,
+	useDisclosure,
+	Text,
+	useToast,
+	Input,
+	Spinner,
+} from '@chakra-ui/react';
+import { useClient } from 'urql';
+import { FaSave } from 'react-icons/fa';
+import {
+	ECDSAEncryptionType,
+	HMACEncryptionType,
+	RSAEncryptionType,
+	SelectInputType,
+	TextAreaInputType,
+} from '../constants';
+import InputField from './InputField';
+import { GenerateKeys, UpdateEnvVariables } from '../graphql/mutation';
+
+interface propTypes {
+	jwtType: string;
+	getData: Function;
+}
+
+interface stateVarTypes {
+	JWT_TYPE: string;
+	JWT_SECRET: string;
+	JWT_PRIVATE_KEY: string;
+	JWT_PUBLIC_KEY: string;
+}
+
+const initState: stateVarTypes = {
+	JWT_TYPE: '',
+	JWT_SECRET: '',
+	JWT_PRIVATE_KEY: '',
+	JWT_PUBLIC_KEY: '',
+};
+
+const GenerateKeysModal = ({ jwtType, getData }: propTypes) => {
+	const client = useClient();
+	const toast = useToast();
+	const { isOpen, onOpen, onClose } = useDisclosure();
+	const [stateVariables, setStateVariables] = React.useState<stateVarTypes>({
+		...initState,
+	});
+	const [isLoading, setIsLoading] = React.useState(false);
+
+	React.useEffect(() => {
+		if (isOpen) {
+			setStateVariables({ ...initState, JWT_TYPE: jwtType });
+		}
+	}, [isOpen]);
+
+	const fetchKeys = async () => {
+		setIsLoading(true);
+		try {
+			const res = await client
+				.mutation(GenerateKeys, { params: { type: stateVariables.JWT_TYPE } })
+				.toPromise();
+			if (res?.error) {
+				toast({
+					title: 'Error occurred generating jwt keys',
+					isClosable: true,
+					status: 'error',
+					position: 'bottom-right',
+				});
+				closeHandler();
+			} else {
+				setStateVariables({
+					...stateVariables,
+					JWT_SECRET: res?.data?._generate_jwt_keys?.secret || '',
+					JWT_PRIVATE_KEY: res?.data?._generate_jwt_keys?.private_key || '',
+					JWT_PUBLIC_KEY: res?.data?._generate_jwt_keys?.public_key || '',
+				});
+			}
+		} catch (error) {
+			console.log(error);
+		} finally {
+			setIsLoading(false);
+		}
+	};
+
+	React.useEffect(() => {
+		if (isOpen && stateVariables.JWT_TYPE) {
+			fetchKeys();
+		}
+	}, [stateVariables.JWT_TYPE]);
+
+	const saveHandler = async () => {
+		const res = await client
+			.mutation(UpdateEnvVariables, { params: { ...stateVariables } })
+			.toPromise();
+
+		if (res.error) {
+			toast({
+				title: 'Error occurred setting jwt keys',
+				isClosable: true,
+				status: 'error',
+				position: 'bottom-right',
+			});
+
+			return;
+		}
+		toast({
+			title: 'JWT keys updated successfully',
+			isClosable: true,
+			status: 'success',
+			position: 'bottom-right',
+		});
+		closeHandler();
+	};
+
+	const closeHandler = () => {
+		setStateVariables({ ...initState });
+		getData();
+		onClose();
+	};
+
+	return (
+		<>
+			<Button
+				colorScheme="blue"
+				h="1.75rem"
+				size="sm"
+				variant="ghost"
+				onClick={onOpen}
+			>
+				Generate new keys
+			</Button>
+			<Modal isOpen={isOpen} onClose={closeHandler}>
+				<ModalOverlay />
+				<ModalContent>
+					<ModalHeader>New JWT keys</ModalHeader>
+					<ModalCloseButton />
+					<ModalBody>
+						<Flex>
+							<Flex w="30%" justifyContent="start" alignItems="center">
+								<Text fontSize="sm">JWT Type:</Text>
+							</Flex>
+							<InputField
+								variables={stateVariables}
+								setVariables={setStateVariables}
+								inputType={SelectInputType.JWT_TYPE}
+								value={SelectInputType.JWT_TYPE}
+								options={{
+									...HMACEncryptionType,
+									...RSAEncryptionType,
+									...ECDSAEncryptionType,
+								}}
+							/>
+						</Flex>
+						{isLoading ? (
+							<Center minH="25vh">
+								<Spinner />
+							</Center>
+						) : (
+							<>
+								{Object.values(HMACEncryptionType).includes(
+									stateVariables.JWT_TYPE
+								) ? (
+									<Flex marginTop="8">
+										<Flex w="23%" justifyContent="start" alignItems="center">
+											<Text fontSize="sm">JWT Secret</Text>
+										</Flex>
+										<Center w="77%">
+											<Input
+												size="sm"
+												value={stateVariables.JWT_SECRET}
+												onChange={(event: any) =>
+													setStateVariables({
+														...stateVariables,
+														JWT_SECRET: event.target.value,
+													})
+												}
+												readOnly
+											/>
+										</Center>
+									</Flex>
+								) : (
+									<>
+										<Flex marginTop="8">
+											<Flex w="23%" justifyContent="start" alignItems="center">
+												<Text fontSize="sm">Public Key</Text>
+											</Flex>
+											<Center w="77%">
+												<InputField
+													variables={stateVariables}
+													setVariables={setStateVariables}
+													inputType={TextAreaInputType.JWT_PUBLIC_KEY}
+													placeholder="Add public key here"
+													minH="25vh"
+													readOnly
+												/>
+											</Center>
+										</Flex>
+										<Flex marginTop="8">
+											<Flex w="23%" justifyContent="start" alignItems="center">
+												<Text fontSize="sm">Private Key</Text>
+											</Flex>
+											<Center w="77%">
+												<InputField
+													variables={stateVariables}
+													setVariables={setStateVariables}
+													inputType={TextAreaInputType.JWT_PRIVATE_KEY}
+													placeholder="Add private key here"
+													minH="25vh"
+													readOnly
+												/>
+											</Center>
+										</Flex>
+									</>
+								)}
+							</>
+						)}
+					</ModalBody>
+
+					<ModalFooter>
+						<Button
+							leftIcon={<FaSave />}
+							colorScheme="blue"
+							variant="solid"
+							onClick={saveHandler}
+							isDisabled={isLoading}
+						>
+							<Center h="100%" pt="5%">
+								Apply
+							</Center>
+						</Button>
+					</ModalFooter>
+				</ModalContent>
+			</Modal>
+		</>
+	);
+};
+
+export default GenerateKeysModal;

dashboard/src/components/InputField.tsx

@@ -13,6 +13,7 @@ import {
 	Textarea,
 	Switch,
 	Code,
+	Text,
 } from '@chakra-ui/react';
 import {
 	FaRegClone,
@@ -116,7 +117,7 @@ const InputField = ({
 			<InputGroup size="sm">
 				<Input
 					{...props}
-					value={variables[inputType]}
+					value={variables[inputType] ?? ''}
 					onChange={(
 						event: Event & {
 							target: HTMLInputElement;
@@ -181,8 +182,9 @@ const InputField = ({
 			<Flex
 				border="1px solid #e2e8f0"
 				w="100%"
+				borderRadius={5}
 				paddingTop="0.5%"
-				overflowX="scroll"
+				overflowX={variables[inputType].length > 3 ? 'scroll' : 'hidden'}
 				overflowY="hidden"
 				justifyContent="start"
 				alignItems="center"
@@ -220,7 +222,7 @@ const InputField = ({
 							size="xs"
 							minW="150px"
 							placeholder="add a new value"
-							value={inputData[inputType]}
+							value={inputData[inputType] ?? ''}
 							onChange={(e: any) => {
 								setInputData({ ...inputData, [inputType]: e.target.value });
 							}}
@@ -259,17 +261,6 @@ const InputField = ({
 		);
 	}
 	if (Object.values(SelectInputType).includes(inputType)) {
-		if (inputType === SelectInputType.JWT_TYPE) {
-			return (
-				<Select size="sm" {...props}>
-					{[variables[inputType]].map((value: string) => (
-						<option value="value" key={value}>
-							{value}
-						</option>
-					))}
-				</Select>
-			);
-		}
 		const { options, ...rest } = props;
 		return (
 			<Select
@@ -293,17 +284,27 @@ const InputField = ({
 			<Textarea
 				{...props}
 				size="lg"
-				value={inputData[inputType]}
-				onChange={(e: any) => {
-					setInputData({ ...inputData, [inputType]: e.target.value });
-				}}
+				fontSize={14}
+				value={variables[inputType] ? variables[inputType] : ''}
+				onChange={(
+					event: Event & {
+						target: HTMLInputElement;
+					}
+				) =>
+					setVariables({
+						...variables,
+						[inputType]: event.target.value,
+					})
+				}
 			/>
 		);
 	}
 	if (Object.values(SwitchInputType).includes(inputType)) {
 		return (
 			<Flex w="25%" justifyContent="space-between">
-				<Code h="75%">Off</Code>
+				<Text h="75%" fontWeight="bold" marginRight="2">
+					Off
+				</Text>
 				<Switch
 					size="md"
 					isChecked={variables[inputType]}
@@ -314,7 +315,9 @@ const InputField = ({
 						});
 					}}
 				/>
-				<Code h="75%">On</Code>
+				<Text h="75%" fontWeight="bold" marginLeft="2">
+					On
+				</Text>
 			</Flex>
 		);
 	}

dashboard/src/components/InviteMembersModal.tsx

@@ -0,0 +1,385 @@
+import React, { useState, useCallback, useEffect } from 'react';
+import {
+	Button,
+	Center,
+	Flex,
+	Modal,
+	ModalBody,
+	ModalCloseButton,
+	ModalContent,
+	ModalFooter,
+	ModalHeader,
+	ModalOverlay,
+	useDisclosure,
+	useToast,
+	Tabs,
+	TabList,
+	Tab,
+	TabPanels,
+	TabPanel,
+	InputGroup,
+	Input,
+	InputRightElement,
+	Text,
+	Link,
+	Tooltip
+} from '@chakra-ui/react';
+import { useClient } from 'urql';
+import { FaUserPlus, FaMinusCircle, FaPlus, FaUpload } from 'react-icons/fa';
+import { useDropzone } from 'react-dropzone';
+import { validateEmail, validateURI } from '../utils';
+import { InviteMembers } from '../graphql/mutation';
+import { ArrayInputOperations } from '../constants';
+import parseCSV from '../utils/parseCSV';
+
+interface stateDataTypes {
+	value: string;
+	isInvalid: boolean;
+}
+
+interface requestParamTypes {
+	emails: string[];
+	redirect_uri?: string;
+}
+
+const initData: stateDataTypes = {
+	value: '',
+	isInvalid: false,
+};
+
+const InviteMembersModal = ({
+	updateUserList,
+	disabled = true,
+}: {
+	updateUserList: Function;
+	disabled: boolean;
+}) => {
+	const client = useClient();
+	const toast = useToast();
+	const { isOpen, onOpen, onClose } = useDisclosure();
+	const [tabIndex, setTabIndex] = useState<number>(0);
+	const [redirectURI, setRedirectURI] = useState<stateDataTypes>({
+		...initData,
+	});
+	const [emails, setEmails] = useState<stateDataTypes[]>([{ ...initData }]);
+	const [disableSendButton, setDisableSendButton] = useState<boolean>(false);
+	const [loading, setLoading] = React.useState<boolean>(false);
+	useEffect(() => {
+		if (redirectURI.isInvalid) {
+			setDisableSendButton(true);
+		} else if (emails.some((emailData) => emailData.isInvalid)) {
+			setDisableSendButton(true);
+		} else {
+			setDisableSendButton(false);
+		}
+	}, [redirectURI, emails]);
+	useEffect(() => {
+		return () => {
+			setRedirectURI({ ...initData });
+			setEmails([{ ...initData }]);
+		};
+	}, []);
+	const sendInviteHandler = async () => {
+		setLoading(true);
+		try {
+			const emailList = emails
+				.filter((emailData) => !emailData.isInvalid)
+				.map((emailData) => emailData.value);
+			const params: requestParamTypes = {
+				emails: emailList,
+			};
+			if (redirectURI.value !== '' && !redirectURI.isInvalid) {
+				params.redirect_uri = redirectURI.value;
+			}
+			if (emailList.length > 0) {
+				const res = await client
+					.mutation(InviteMembers, {
+						params,
+					})
+					.toPromise();
+				if (res.error) {
+					throw new Error('Internal server error');
+					return;
+				}
+				toast({
+					title: 'Invites sent successfully!',
+					isClosable: true,
+					status: 'success',
+					position: 'bottom-right',
+				});
+				setLoading(false);
+				updateUserList();
+			} else {
+				throw new Error('Please add emails');
+			}
+		} catch (error: any) {
+			toast({
+				title: error?.message || 'Error occurred, try again!',
+				isClosable: true,
+				status: 'error',
+				position: 'bottom-right',
+			});
+			setLoading(false);
+		}
+		closeModalHandler();
+	};
+	const updateEmailListHandler = (operation: string, index: number = 0) => {
+		switch (operation) {
+			case ArrayInputOperations.APPEND:
+				setEmails([...emails, { ...initData }]);
+				break;
+			case ArrayInputOperations.REMOVE:
+				const updatedEmailList = [...emails];
+				updatedEmailList.splice(index, 1);
+				setEmails(updatedEmailList);
+				break;
+			default:
+				break;
+		}
+	};
+	const inputChangeHandler = (value: string, index: number) => {
+		const updatedEmailList = [...emails];
+		updatedEmailList[index].value = value;
+		updatedEmailList[index].isInvalid = !validateEmail(value);
+		setEmails(updatedEmailList);
+	};
+	const changeTabsHandler = (index: number) => {
+		setTabIndex(index);
+	};
+	const onDrop = useCallback(async (acceptedFiles) => {
+		const result = await parseCSV(acceptedFiles[0], ',');
+		setEmails(result);
+		changeTabsHandler(0);
+	}, []);
+	const setRedirectURIHandler = (value: string) => {
+		const updatedRedirectURI: stateDataTypes = {
+			value: '',
+			isInvalid: false,
+		};
+		updatedRedirectURI.value = value;
+		updatedRedirectURI.isInvalid = !validateURI(value);
+		setRedirectURI(updatedRedirectURI);
+	};
+	const { getRootProps, getInputProps, isDragActive } = useDropzone({
+		onDrop,
+		accept: 'text/csv',
+	});
+	const closeModalHandler = () => {
+		setRedirectURI({
+			value: '',
+			isInvalid: false,
+		});
+		setEmails([
+			{
+				value: '',
+				isInvalid: false,
+			},
+		]);
+		onClose();
+	};
+	return (
+		<>
+			<Button
+				leftIcon={<FaUserPlus />}
+				colorScheme="blue"
+				variant="solid"
+				onClick={onOpen}
+				isDisabled={disabled}
+				size="sm"
+			>
+				 <Center h="100%">
+                   {disabled ? (
+                      <Tooltip
+                        mr={8}
+                        mt={1}
+                        hasArrow
+                        bg="gray.300"
+                        color="black"
+                        label="Email verification is disabled, refer to 'UI Customization' tab within 'Environment' to enable it."
+                      >
+                      Invite Members
+                      </Tooltip>
+                    ) : (
+                    "Invite Members"
+                    )}
+                  </Center>{" "}
+			</Button>
+			<Modal isOpen={isOpen} onClose={closeModalHandler} size="xl">
+				<ModalOverlay />
+				<ModalContent>
+					<ModalHeader>Invite Members</ModalHeader>
+					<ModalCloseButton />
+					<ModalBody>
+						<Tabs
+							isFitted
+							variant="enclosed"
+							index={tabIndex}
+							onChange={changeTabsHandler}
+						>
+							<TabList>
+								<Tab>Enter emails</Tab>
+								<Tab>Upload CSV</Tab>
+							</TabList>
+							<TabPanels
+								border="1px"
+								borderTop="0"
+								borderBottomRadius="5px"
+								borderColor="inherit"
+							>
+								<TabPanel>
+									<Flex flexDirection="column">
+										<Flex
+											width="100%"
+											justifyContent="start"
+											alignItems="center"
+											marginBottom="2%"
+										>
+											<Flex marginLeft="2.5%">Redirect URI</Flex>
+										</Flex>
+										<Flex
+											width="100%"
+											justifyContent="space-between"
+											alignItems="center"
+											marginBottom="2%"
+										>
+											<InputGroup size="md" marginBottom="2.5%">
+												<Input
+													pr="4.5rem"
+													type="text"
+													placeholder="https://domain.com/sign-up"
+													value={redirectURI.value}
+													isInvalid={redirectURI.isInvalid}
+													onChange={(e) =>
+														setRedirectURIHandler(e.currentTarget.value)
+													}
+												/>
+											</InputGroup>
+										</Flex>
+										<Flex
+											width="100%"
+											justifyContent="space-between"
+											alignItems="center"
+											marginBottom="2%"
+										>
+											<Flex marginLeft="2.5%">Emails</Flex>
+											<Flex>
+												<Button
+													leftIcon={<FaPlus />}
+													colorScheme="blue"
+													h="1.75rem"
+													size="sm"
+													variant="ghost"
+													onClick={() =>
+														updateEmailListHandler(ArrayInputOperations.APPEND)
+													}
+												>
+													Add more emails
+												</Button>
+											</Flex>
+										</Flex>
+										<Flex flexDirection="column" maxH={250} overflowY="scroll">
+											{emails.map((emailData, index) => (
+												<Flex
+													key={`email-data-${index}`}
+													justifyContent="center"
+													alignItems="center"
+												>
+													<InputGroup size="md" marginBottom="2.5%">
+														<Input
+															pr="4.5rem"
+															type="text"
+															placeholder="name@domain.com"
+															value={emailData.value}
+															isInvalid={emailData.isInvalid}
+															onChange={(e) =>
+																inputChangeHandler(e.currentTarget.value, index)
+															}
+														/>
+														<InputRightElement width="3rem">
+															<Button
+																h="1.75rem"
+																size="sm"
+																colorScheme="blackAlpha"
+																variant="ghost"
+																onClick={() =>
+																	updateEmailListHandler(
+																		ArrayInputOperations.REMOVE,
+																		index
+																	)
+																}
+															>
+																<FaMinusCircle />
+															</Button>
+														</InputRightElement>
+													</InputGroup>
+												</Flex>
+											))}
+										</Flex>
+									</Flex>
+								</TabPanel>
+								<TabPanel>
+									<Flex
+										justify="center"
+										align="center"
+										textAlign="center"
+										bg="#f0f0f0"
+										h={230}
+										p={50}
+										m={2}
+										borderRadius={5}
+										{...getRootProps()}
+									>
+										<input {...getInputProps()} />
+										{isDragActive ? (
+											<Text>Drop the files here...</Text>
+										) : (
+											<Flex
+												flexDirection="column"
+												justifyContent="center"
+												alignItems="center"
+											>
+												<Center boxSize="20" color="blackAlpha.500">
+													<FaUpload fontSize="40" />
+												</Center>
+												<Text>
+													Drag 'n' drop the csv file here, or click to select.
+												</Text>
+												<Text size="xs">
+													Download{' '}
+													<Link
+														href={`/dashboard/public/sample.csv`}
+														download="sample.csv"
+														color="blue.600"
+														onClick={(e) => e.stopPropagation()}
+													>
+														{' '}
+														sample.csv
+													</Link>{' '}
+													and modify it.{' '}
+												</Text>
+											</Flex>
+										)}
+									</Flex>
+								</TabPanel>
+							</TabPanels>
+						</Tabs>
+					</ModalBody>
+					<ModalFooter>
+						<Button
+							colorScheme="blue"
+							variant="solid"
+							onClick={sendInviteHandler}
+							isDisabled={disableSendButton || loading}
+						>
+							<Center h="100%" pt="5%">
+								Send
+							</Center>
+						</Button>
+					</ModalFooter>
+				</ModalContent>
+			</Modal>
+		</>
+	);
+};
+
+export default InviteMembersModal;

dashboard/src/components/Menu.tsx

@@ -1,4 +1,4 @@
-import React, { ReactNode } from 'react';
+import React, { Fragment, ReactNode } from 'react';
 import {
 	IconButton,
 	Box,
@@ -17,32 +17,100 @@ import {
 	MenuButton,
 	MenuItem,
 	MenuList,
+	Accordion,
+	AccordionButton,
+	AccordionPanel,
+	AccordionItem,
+	useMediaQuery,
 } from '@chakra-ui/react';
 import {
-	FiHome,
+	FiUser,
 	FiCode,
 	FiSettings,
 	FiMenu,
-	FiUser,
 	FiUsers,
 	FiChevronDown,
 } from 'react-icons/fi';
+import { BiCustomize } from 'react-icons/bi';
+import { AiOutlineKey } from 'react-icons/ai';
+import { SiOpenaccess, SiJsonwebtokens } from 'react-icons/si';
+import { MdSecurity } from 'react-icons/md';
+import { RiDatabase2Line } from 'react-icons/ri';
+import { BsCheck2Circle } from 'react-icons/bs';
+import { HiOutlineMail, HiOutlineOfficeBuilding } from 'react-icons/hi';
 import { IconType } from 'react-icons';
 import { ReactText } from 'react';
-import { useMutation } from 'urql';
+import { useMutation, useQuery } from 'urql';
 import { NavLink, useNavigate, useLocation } from 'react-router-dom';
 import { useAuthContext } from '../contexts/AuthContext';
 import { AdminLogout } from '../graphql/mutation';
+import { MetaQuery } from '../graphql/queries';
+
+interface SubRoutes {
+	name: string;
+	icon: IconType;
+	route: string;
+}
 
 interface LinkItemProps {
 	name: string;
 	icon: IconType;
 	route: string;
+	subRoutes?: SubRoutes[];
 }
 const LinkItems: Array<LinkItemProps> = [
-	{ name: 'Home', icon: FiHome, route: '/' },
+	{
+		name: 'Environment ',
+		icon: FiSettings,
+		route: '/',
+		subRoutes: [
+			{
+				name: 'OAuth Config',
+				icon: AiOutlineKey,
+				route: '/oauth-setting',
+			},
+
+			{ name: 'Roles', icon: FiUser, route: '/roles' },
+			{
+				name: 'JWT Secrets',
+				icon: SiJsonwebtokens,
+				route: '/jwt-config',
+			},
+			{
+				name: 'Session Storage',
+				icon: RiDatabase2Line,
+				route: '/session-storage',
+			},
+			{
+				name: 'Email Configurations',
+				icon: HiOutlineMail,
+				route: '/email-config',
+			},
+			{
+				name: 'Domain White Listing',
+				icon: BsCheck2Circle,
+				route: '/whitelist-variables',
+			},
+			{
+				name: 'Organization Info',
+				icon: HiOutlineOfficeBuilding,
+				route: '/organization-info',
+			},
+			{ name: 'Access Token', icon: SiOpenaccess, route: '/access-token' },
+			{
+				name: 'UI Customization',
+				icon: BiCustomize,
+				route: '/ui-customization',
+			},
+			{ name: 'Database', icon: RiDatabase2Line, route: '/db-cred' },
+			{
+				name: ' Security',
+				icon: MdSecurity,
+				route: '/admin-secret',
+			},
+		],
+	},
 	{ name: 'Users', icon: FiUsers, route: '/users' },
-	{ name: 'Environment Variables', icon: FiSettings, route: '/environment' },
 ];
 
 interface SidebarProps extends BoxProps {
@@ -51,20 +119,28 @@ interface SidebarProps extends BoxProps {
 
 export const Sidebar = ({ onClose, ...rest }: SidebarProps) => {
 	const { pathname } = useLocation();
+	const [{ data }] = useQuery({ query: MetaQuery });
+	const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
 	return (
 		<Box
 			transition="3s ease"
 			bg={useColorModeValue('white', 'gray.900')}
 			borderRight="1px"
 			borderRightColor={useColorModeValue('gray.200', 'gray.700')}
-			w={{ base: 'full', md: 60 }}
+			w={{ base: 'full', md: '64' }}
 			pos="fixed"
 			h="full"
 			{...rest}
 		>
-			<Flex h="20" alignItems="center" mx="8" justifyContent="space-between">
+			<Flex
+				h="20"
+				alignItems="center"
+				mx="18"
+				justifyContent="space-between"
+				flexDirection="row"
+			>
 				<NavLink to="/">
-					<Flex alignItems="center">
+					<Flex alignItems="center" mt="6">
 						<Image
 							src="https://authorizer.dev/images/logo.png"
 							alt="logo"
@@ -77,34 +153,104 @@ export const Sidebar = ({ onClose, ...rest }: SidebarProps) => {
 				</NavLink>
 				<CloseButton display={{ base: 'flex', md: 'none' }} onClick={onClose} />
 			</Flex>
-			{LinkItems.map((link) => (
-				<NavLink key={link.name} to={link.route}>
-					<NavItem
-						icon={link.icon}
-						color={pathname === link.route ? 'blue.500' : ''}
-					>
-						{link.name}
-					</NavItem>
-				</NavLink>
-			))}
 
-			<Link
-				href="/playground"
-				target="_blank"
-				style={{
-					textDecoration: 'none',
-				}}
-				_focus={{ _boxShadow: 'none' }}
-			>
-				<NavItem icon={FiCode}>API Playground</NavItem>
-			</Link>
+			<Accordion defaultIndex={[0]} allowMultiple>
+				<AccordionItem textAlign="center" border="none" w="100%">
+					{LinkItems.map((link) =>
+						link?.subRoutes ? (
+							<div key={link.name}>
+								<AccordionButton _focus={{ boxShadow: 'none' }}>
+									<Text as="div" fontSize="md">
+										<NavItem
+											icon={link.icon}
+											color={pathname === link.route ? 'blue.500' : ''}
+											style={{ outline: 'unset' }}
+											height={12}
+											ml={-1}
+											mb={isNotSmallerScreen ? -1 : -4}
+											w={isNotSmallerScreen ? '100%' : '310%'}
+										>
+											<Fragment>
+												{link.name}
+												<Box display={{ base: 'none', md: 'flex' }} ml={12}>
+													<FiChevronDown />
+												</Box>
+											</Fragment>
+										</NavItem>
+									</Text>
+								</AccordionButton>
+								<AccordionPanel>
+									{link.subRoutes?.map((sublink) => (
+										<NavLink
+											key={sublink.name}
+											to={sublink.route}
+											onClick={onClose}
+										>
+											{' '}
+											<Text as="div" fontSize="xs" ml={2}>
+												<NavItem
+													icon={sublink.icon}
+													color={pathname === sublink.route ? 'blue.500' : ''}
+													height={8}
+												>
+													{sublink.name}
+												</NavItem>{' '}
+											</Text>
+										</NavLink>
+									))}
+								</AccordionPanel>
+							</div>
+						) : (
+							<NavLink key={link.name} to={link.route}>
+								{' '}
+								<Text as="div" fontSize="md" w="100%" mt={-2}>
+									<NavItem
+										icon={link.icon}
+										color={pathname === link.route ? 'blue.500' : ''}
+										height={12}
+										onClick={onClose}
+									>
+										{link.name}
+									</NavItem>{' '}
+								</Text>
+							</NavLink>
+						)
+					)}
+					<Link
+						href="/playground"
+						target="_blank"
+						style={{
+							textDecoration: 'none',
+						}}
+						_focus={{ _boxShadow: 'none' }}
+					>
+						<NavItem icon={FiCode}>API Playground</NavItem>
+					</Link>
+				</AccordionItem>
+			</Accordion>
+
+			{data?.meta?.version && (
+				<Flex alignContent="center">
+					{' '}
+					<Text
+						color="gray.400"
+						fontSize="sm"
+						textAlign="center"
+						position="absolute"
+						bottom="5"
+						left="7"
+					>
+						Current Version: {data.meta.version}
+					</Text>
+				</Flex>
+			)}
 		</Box>
 	);
 };
 
 interface NavItemProps extends FlexProps {
 	icon: IconType;
-	children: ReactText;
+	children: ReactText | JSX.Element | JSX.Element[];
 }
 export const NavItem = ({ icon, children, ...rest }: NavItemProps) => {
 	return (
@@ -152,7 +298,7 @@ export const MobileNav = ({ onOpen, ...rest }: MobileProps) => {
 
 	return (
 		<Flex
-			ml={{ base: 0, md: 60 }}
+			ml={{ base: 0, md: 64 }}
 			px={{ base: 4, md: 4 }}
 			height="20"
 			position="fixed"
@@ -189,7 +335,7 @@ export const MobileNav = ({ onOpen, ...rest }: MobileProps) => {
 							transition="all 0.3s"
 							_focus={{ boxShadow: 'none' }}
 						>
-							<HStack>
+							<HStack mr={5}>
 								<FiUser />
 								<VStack
 									display={{ base: 'none', md: 'flex' }}

dashboard/src/constants.ts

@@ -2,6 +2,8 @@ export const LOGO_URL =
 	'https://user-images.githubusercontent.com/6964334/147834043-fc384cab-e7ca-40f8-9663-38fc25fd5f3a.png';
 
 export const TextInputType = {
+	ACCESS_TOKEN_EXPIRY_TIME: 'ACCESS_TOKEN_EXPIRY_TIME',
+	CLIENT_ID: 'CLIENT_ID',
 	GOOGLE_CLIENT_ID: 'GOOGLE_CLIENT_ID',
 	GITHUB_CLIENT_ID: 'GITHUB_CLIENT_ID',
 	FACEBOOK_CLIENT_ID: 'FACEBOOK_CLIENT_ID',
@@ -25,6 +27,7 @@ export const TextInputType = {
 };
 
 export const HiddenInputType = {
+	CLIENT_SECRET: 'CLIENT_SECRET',
 	GOOGLE_CLIENT_SECRET: 'GOOGLE_CLIENT_SECRET',
 	GITHUB_CLIENT_SECRET: 'GITHUB_CLIENT_SECRET',
 	FACEBOOK_CLIENT_SECRET: 'FACEBOOK_CLIENT_SECRET',
@@ -49,6 +52,8 @@ export const SelectInputType = {
 
 export const TextAreaInputType = {
 	CUSTOM_ACCESS_TOKEN_SCRIPT: 'CUSTOM_ACCESS_TOKEN_SCRIPT',
+	JWT_PRIVATE_KEY: 'JWT_PRIVATE_KEY',
+	JWT_PUBLIC_KEY: 'JWT_PUBLIC_KEY',
 };
 
 export const SwitchInputType = {
@@ -56,6 +61,7 @@ export const SwitchInputType = {
 	DISABLE_MAGIC_LINK_LOGIN: 'DISABLE_MAGIC_LINK_LOGIN',
 	DISABLE_EMAIL_VERIFICATION: 'DISABLE_EMAIL_VERIFICATION',
 	DISABLE_BASIC_AUTHENTICATION: 'DISABLE_BASIC_AUTHENTICATION',
+	DISABLE_SIGN_UP: 'DISABLE_SIGN_UP',
 };
 
 export const DateInputType = {
@@ -66,3 +72,73 @@ export const ArrayInputOperations = {
 	APPEND: 'APPEND',
 	REMOVE: 'REMOVE',
 };
+
+export const HMACEncryptionType = {
+	HS256: 'HS256',
+	HS384: 'HS384',
+	HS512: 'HS512',
+};
+
+export const RSAEncryptionType = {
+	RS256: 'RS256',
+	RS384: 'RS384',
+	RS512: 'RS512',
+};
+
+export const ECDSAEncryptionType = {
+	ES256: 'ES256',
+	ES384: 'ES384',
+	ES512: 'ES512',
+};
+
+export interface envVarTypes {
+	GOOGLE_CLIENT_ID: string;
+	GOOGLE_CLIENT_SECRET: string;
+	GITHUB_CLIENT_ID: string;
+	GITHUB_CLIENT_SECRET: string;
+	FACEBOOK_CLIENT_ID: string;
+	FACEBOOK_CLIENT_SECRET: string;
+	ROLES: [string] | [];
+	DEFAULT_ROLES: [string] | [];
+	PROTECTED_ROLES: [string] | [];
+	JWT_TYPE: string;
+	JWT_SECRET: string;
+	JWT_ROLE_CLAIM: string;
+	JWT_PRIVATE_KEY: string;
+	JWT_PUBLIC_KEY: string;
+	REDIS_URL: string;
+	SMTP_HOST: string;
+	SMTP_PORT: string;
+	SMTP_USERNAME: string;
+	SMTP_PASSWORD: string;
+	SENDER_EMAIL: string;
+	ALLOWED_ORIGINS: [string] | [];
+	ORGANIZATION_NAME: string;
+	ORGANIZATION_LOGO: string;
+	CUSTOM_ACCESS_TOKEN_SCRIPT: string;
+	ADMIN_SECRET: string;
+	DISABLE_LOGIN_PAGE: boolean;
+	DISABLE_MAGIC_LINK_LOGIN: boolean;
+	DISABLE_EMAIL_VERIFICATION: boolean;
+	DISABLE_BASIC_AUTHENTICATION: boolean;
+	DISABLE_SIGN_UP: boolean;
+	OLD_ADMIN_SECRET: string;
+	DATABASE_NAME: string;
+	DATABASE_TYPE: string;
+	DATABASE_URL: string;
+	ACCESS_TOKEN_EXPIRY_TIME: string;
+}
+
+export const envSubViews = {
+	INSTANCE_INFO: 'instance-info',
+	ROLES: 'roles',
+	JWT_CONFIG: 'jwt-config',
+	SESSION_STORAGE: 'session-storage',
+	EMAIL_CONFIG: 'email-config',
+	WHITELIST_VARIABLES: 'whitelist-variables',
+	ORGANIZATION_INFO: 'organization-info',
+	ACCESS_TOKEN: 'access-token',
+	UI_CUSTOMIZATION: 'ui-customization',
+	ADMIN_SECRET: 'admin-secret',
+	DB_CRED: 'db-cred',
+};

dashboard/src/graphql/mutation/index.ts

@@ -45,3 +45,37 @@ export const DeleteUser = `
     }
   }
 `;
+
+export const InviteMembers = `
+  mutation inviteMembers($params: InviteMemberInput!) {
+    _invite_members(params: $params) {
+      message
+    }
+  }
+`;
+
+export const RevokeAccess = `
+  mutation revokeAccess($param: UpdateAccessInput!) {
+    _revoke_access(param: $param) {
+      message
+    }
+  }
+`;
+
+export const EnableAccess = `
+  mutation revokeAccess($param: UpdateAccessInput!) {
+    _enable_access(param: $param) {
+      message
+    }
+  }
+`;
+
+export const GenerateKeys = `
+  mutation generateKeys($params: GenerateJWTKeysInput!) {
+    _generate_jwt_keys(params: $params) {
+      secret
+      public_key
+      private_key
+    }
+  }
+`;

dashboard/src/graphql/queries/index.ts

@@ -1,3 +1,12 @@
+export const MetaQuery = `
+  query MetaQuery {
+    meta {
+      version
+      client_id
+    }
+  }
+`;
+
 export const AdminSessionQuery = `
   query {
     _admin_session{
@@ -9,6 +18,8 @@ export const AdminSessionQuery = `
 export const EnvVariablesQuery = `
   query {
     _env{
+      CLIENT_ID,
+      CLIENT_SECRET,
 	    GOOGLE_CLIENT_ID,
       GOOGLE_CLIENT_SECRET,
       GITHUB_CLIENT_ID,
@@ -21,6 +32,8 @@ export const EnvVariablesQuery = `
       JWT_TYPE,
       JWT_SECRET,
       JWT_ROLE_CLAIM,
+      JWT_PRIVATE_KEY,
+      JWT_PUBLIC_KEY,
       REDIS_URL,
       SMTP_HOST,
       SMTP_PORT,
@@ -35,10 +48,12 @@ export const EnvVariablesQuery = `
       DISABLE_MAGIC_LINK_LOGIN,
       DISABLE_EMAIL_VERIFICATION,
       DISABLE_BASIC_AUTHENTICATION,
+      DISABLE_SIGN_UP,
       CUSTOM_ACCESS_TOKEN_SCRIPT,
       DATABASE_NAME,
       DATABASE_TYPE,
       DATABASE_URL,
+      ACCESS_TOKEN_EXPIRY_TIME,
     }
   }
 `;
@@ -67,7 +82,16 @@ export const UserDetailsQuery = `
         signup_methods
         roles
         created_at
+        revoked_timestamp
       }
     }
   }
 `;
+
+export const EmailVerificationQuery = `
+  query {
+    _env{
+      DISABLE_EMAIL_VERIFICATION
+    }
+  }
+`;

dashboard/src/index.tsx

@@ -2,4 +2,9 @@ import React from 'react';
 import ReactDOM from 'react-dom';
 import App from './App';
 
-ReactDOM.render(<App />, document.getElementById('root'));
+ReactDOM.render(
+	<div>
+		<App />
+	</div>,
+	document.getElementById('root')
+);

dashboard/src/layouts/AuthLayout.tsx

@@ -1,18 +1,28 @@
-import { Box, Center, Flex, Image, Text } from '@chakra-ui/react';
+import {
+	Box,
+	Flex,
+	Image,
+	Text,
+	Spinner,
+	useMediaQuery,
+} from '@chakra-ui/react';
 import React from 'react';
-import { LOGO_URL } from '../constants';
+import { useQuery } from 'urql';
+import { MetaQuery } from '../graphql/queries';
 
 export function AuthLayout({ children }: { children: React.ReactNode }) {
+	const [{ fetching, data }] = useQuery({ query: MetaQuery });
+	const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
 	return (
 		<Flex
-			flexWrap="wrap"
-			h="100%"
+			h="100vh"
 			bg="gray.100"
 			alignItems="center"
 			justifyContent="center"
-			flexDirection="column"
+			direction={['column', 'column']}
+			padding={['2%', '2%', '2%', '2%']}
 		>
-			<Flex alignItems="center">
+			<Flex alignItems="center" maxW="100%">
 				<Image
 					src="https://authorizer.dev/images/logo.png"
 					alt="logo"
@@ -23,9 +33,26 @@ export function AuthLayout({ children }: { children: React.ReactNode }) {
 				</Text>
 			</Flex>
 
-			<Box p="6" m="5" rounded="5" bg="white" w="500px" shadow="xl">
-				{children}
-			</Box>
+			{fetching ? (
+				<Spinner />
+			) : (
+				<>
+					<Box
+						p="6"
+						m="5"
+						rounded="5"
+						bg="white"
+						w={isNotSmallerScreen ? '500px' : '450px'}
+						shadow="xl"
+						maxW="100%"
+					>
+						{children}
+					</Box>
+					<Text color="gray.600" fontSize="sm">
+						Current Version: {data.meta.version}
+					</Text>
+				</>
+			)}
 		</Flex>
 	);
 }

dashboard/src/layouts/DashboardLayout.tsx

@@ -31,7 +31,7 @@ export function DashboardLayout({ children }: { children: ReactNode }) {
 			</Drawer>
 			{/* mobilenav */}
 			<MobileNav onOpen={onOpen} />
-			<Box ml={{ base: 0, md: 60 }} p="4" pt="24">
+			<Box ml={{ base: 0, md: '64' }} p="4" pt="24">
 				{children}
 			</Box>
 		</Box>

dashboard/src/pages/Auth.tsx

@@ -6,7 +6,6 @@ import {
 	useToast,
 	VStack,
 	Text,
-	Divider,
 } from '@chakra-ui/react';
 import React, { useEffect } from 'react';
 import { useMutation } from 'urql';
@@ -73,17 +72,25 @@ export default function Auth() {
 				fontWeight="bold"
 				mb="2"
 			>
-				Hi there 👋 <br />
+				Hello Admin 👋 <br />
 			</Text>
 			<Text fontSize="large" textAlign="center" color="gray.500" mb="8">
-				Welcome to Authorizer Administrative Dashboard
+				Welcome to Admin Dashboard
 			</Text>
 			<form onSubmit={handleSubmit}>
 				<VStack spacing="5" justify="space-between">
 					<FormControl isRequired>
-						{/* <FormLabel htmlFor="admin-secret">
-							{isLogin ? 'Enter' : 'Configure'} Admin Secret
-						</FormLabel> */}
+						<FormLabel htmlFor="admin-username">Username</FormLabel>
+						<Input
+							size="lg"
+							id="admin-username"
+							placeholder="Username"
+							disabled
+							value="admin"
+						/>
+					</FormControl>
+					<FormControl isRequired>
+						<FormLabel htmlFor="admin-secret">Password</FormLabel>
 						<Input
 							size="lg"
 							id="admin-secret"
@@ -94,10 +101,10 @@ export default function Auth() {
 					</FormControl>
 					<Button
 						isLoading={signUpResult.fetching || loginResult.fetching}
+						loadingText="Submitting"
 						colorScheme="blue"
 						size="lg"
 						w="100%"
-						d="block"
 						type="submit"
 					>
 						{isLogin ? 'Login' : 'Sign up'}
@@ -111,10 +118,7 @@ export default function Auth() {
 						</Text>
 					) : (
 						<Text color="gray.600" fontSize="sm">
-							<b>Note:</b> You can also configure admin secret by setting{' '}
-							<code>ADMIN_SECRET</code> environment variable. For more
-							information, please refer to the{' '}
-							<a href="https://docs.authorizer.dev/core/env/">documentation</a>.
+							<b>Note:</b> Configure the password to start using your dashboard.
 						</Text>
 					)}
 				</VStack>

dashboard/src/pages/Environment.tsx

@@ -1,75 +1,35 @@
 import React, { useEffect } from 'react';
-import {
-	Box,
-	Divider,
-	Flex,
-	Stack,
-	Center,
-	Text,
-	Button,
-	Input,
-	InputGroup,
-	InputRightElement,
-	useToast,
-} from '@chakra-ui/react';
+import { useParams } from 'react-router-dom';
+import { Box, Flex, Stack, Button, useToast } from '@chakra-ui/react';
 import { useClient } from 'urql';
-import {
-	FaGoogle,
-	FaGithub,
-	FaFacebookF,
-	FaSave,
-	FaRegEyeSlash,
-	FaRegEye,
-} from 'react-icons/fa';
+import { FaSave } from 'react-icons/fa';
 import _ from 'lodash';
-import InputField from '../components/InputField';
 import { EnvVariablesQuery } from '../graphql/queries';
 import {
-	ArrayInputType,
 	SelectInputType,
 	HiddenInputType,
 	TextInputType,
-	TextAreaInputType,
-	SwitchInputType,
+	HMACEncryptionType,
+	RSAEncryptionType,
+	ECDSAEncryptionType,
+	envVarTypes,
+	envSubViews,
 } from '../constants';
 import { UpdateEnvVariables } from '../graphql/mutation';
 import { getObjectDiff, capitalizeFirstLetter } from '../utils';
+import OAuthConfig from '../components/EnvComponents/OAuthConfig';
+import Roles from '../components/EnvComponents/Roles';
+import JWTConfigurations from '../components/EnvComponents/JWTConfiguration';
+import SessionStorage from '../components/EnvComponents/SessionStorage';
+import EmailConfigurations from '../components/EnvComponents/EmailConfiguration';
+import DomainWhiteListing from '../components/EnvComponents/DomainWhitelisting';
+import OrganizationInfo from '../components/EnvComponents/OrganizationInfo';
+import AccessToken from '../components/EnvComponents/AccessToken';
+import UICustomization from '../components/EnvComponents/UICustomization';
+import SecurityAdminSecret from '../components/EnvComponents/SecurityAdminSecret';
+import DatabaseCredentials from '../components/EnvComponents/DatabaseCredentials';
 
-interface envVarTypes {
-	GOOGLE_CLIENT_ID: string;
-	GOOGLE_CLIENT_SECRET: string;
-	GITHUB_CLIENT_ID: string;
-	GITHUB_CLIENT_SECRET: string;
-	FACEBOOK_CLIENT_ID: string;
-	FACEBOOK_CLIENT_SECRET: string;
-	ROLES: [string] | [];
-	DEFAULT_ROLES: [string] | [];
-	PROTECTED_ROLES: [string] | [];
-	JWT_TYPE: string;
-	JWT_SECRET: string;
-	JWT_ROLE_CLAIM: string;
-	REDIS_URL: string;
-	SMTP_HOST: string;
-	SMTP_PORT: string;
-	SMTP_USERNAME: string;
-	SMTP_PASSWORD: string;
-	SENDER_EMAIL: string;
-	ALLOWED_ORIGINS: [string] | [];
-	ORGANIZATION_NAME: string;
-	ORGANIZATION_LOGO: string;
-	CUSTOM_ACCESS_TOKEN_SCRIPT: string;
-	ADMIN_SECRET: string;
-	DISABLE_LOGIN_PAGE: boolean;
-	DISABLE_MAGIC_LINK_LOGIN: boolean;
-	DISABLE_EMAIL_VERIFICATION: boolean;
-	DISABLE_BASIC_AUTHENTICATION: boolean;
-	OLD_ADMIN_SECRET: string;
-	DATABASE_NAME: string;
-	DATABASE_TYPE: string;
-	DATABASE_URL: string;
-}
-
-export default function Environment() {
+const Environment = () => {
 	const client = useClient();
 	const toast = useToast();
 	const [adminSecret, setAdminSecret] = React.useState<
@@ -92,6 +52,8 @@ export default function Environment() {
 		JWT_TYPE: '',
 		JWT_SECRET: '',
 		JWT_ROLE_CLAIM: '',
+		JWT_PRIVATE_KEY: '',
+		JWT_PUBLIC_KEY: '',
 		REDIS_URL: '',
 		SMTP_HOST: '',
 		SMTP_PORT: '',
@@ -107,10 +69,12 @@ export default function Environment() {
 		DISABLE_MAGIC_LINK_LOGIN: false,
 		DISABLE_EMAIL_VERIFICATION: false,
 		DISABLE_BASIC_AUTHENTICATION: false,
+		DISABLE_SIGN_UP: false,
 		OLD_ADMIN_SECRET: '',
 		DATABASE_NAME: '',
 		DATABASE_TYPE: '',
 		DATABASE_URL: '',
+		ACCESS_TOKEN_EXPIRY_TIME: '',
 	});
 
 	const [fieldVisibility, setFieldVisibility] = React.useState<
@@ -125,33 +89,28 @@ export default function Environment() {
 		OLD_ADMIN_SECRET: false,
 	});
 
+	const { sec } = useParams();
+
+	async function getData() {
+		const {
+			data: { _env: envData },
+		} = await client.query(EnvVariablesQuery).toPromise();
+		setLoading(false);
+
+		setEnvVariables({
+			...envData,
+			OLD_ADMIN_SECRET: envData.ADMIN_SECRET,
+			ADMIN_SECRET: '',
+		});
+		setAdminSecret({
+			value: '',
+			disableInputField: true,
+		});
+	}
+
 	useEffect(() => {
-		let isMounted = true;
-		async function getData() {
-			const {
-				data: { _env: envData },
-			} = await client.query(EnvVariablesQuery).toPromise();
-
-			if (isMounted) {
-				setLoading(false);
-				setEnvVariables({
-					...envData,
-					OLD_ADMIN_SECRET: envData.ADMIN_SECRET,
-					ADMIN_SECRET: '',
-				});
-				setAdminSecret({
-					value: '',
-					disableInputField: true,
-				});
-			}
-		}
-
 		getData();
-
-		return () => {
-			isMounted = false;
-		};
-	}, []);
+	}, [sec]);
 
 	const validateAdminSecretHandler = (event: any) => {
 		if (envVariables.OLD_ADMIN_SECRET === event.target.value) {
@@ -177,7 +136,6 @@ export default function Environment() {
 		const {
 			data: { _env: envData },
 		} = await client.query(EnvVariablesQuery).toPromise();
-
 		const diff = getObjectDiff(envVariables, envData);
 		const updatedEnvVariables = diff.reduce(
 			(acc: any, property: string) => ({
@@ -222,6 +180,8 @@ export default function Environment() {
 			disableInputField: true,
 		});
 
+		getData();
+
 		toast({
 			title: `Successfully updated ${
 				Object.keys(updatedEnvVariables).length
@@ -232,530 +192,113 @@ export default function Environment() {
 		});
 	};
 
+	const renderComponent = (tab: any) => {
+		switch (tab) {
+			case envSubViews.INSTANCE_INFO:
+				return (
+					<OAuthConfig
+						envVariables={envVariables}
+						setVariables={setEnvVariables}
+						fieldVisibility={fieldVisibility}
+						setFieldVisibility={setFieldVisibility}
+					/>
+				);
+			case envSubViews.ROLES:
+				return (
+					<Roles variables={envVariables} setVariables={setEnvVariables} />
+				);
+			case envSubViews.JWT_CONFIG:
+				return (
+					<JWTConfigurations
+						variables={envVariables}
+						setVariables={setEnvVariables}
+						fieldVisibility={fieldVisibility}
+						setFieldVisibility={setFieldVisibility}
+						SelectInputType={SelectInputType.JWT_TYPE}
+						HMACEncryptionType={HMACEncryptionType}
+						RSAEncryptionType={RSAEncryptionType}
+						ECDSAEncryptionType={ECDSAEncryptionType}
+						getData={getData}
+					/>
+				);
+			case envSubViews.SESSION_STORAGE:
+				return (
+					<SessionStorage
+						variables={envVariables}
+						setVariables={setEnvVariables}
+						RedisURL={TextInputType.REDIS_URL}
+					/>
+				);
+			case envSubViews.EMAIL_CONFIG:
+				return (
+					<EmailConfigurations
+						variables={envVariables}
+						setVariables={setEnvVariables}
+						fieldVisibility={fieldVisibility}
+						setFieldVisibility={setFieldVisibility}
+					/>
+				);
+			case envSubViews.WHITELIST_VARIABLES:
+				return (
+					<DomainWhiteListing
+						variables={envVariables}
+						setVariables={setEnvVariables}
+					/>
+				);
+			case envSubViews.ORGANIZATION_INFO:
+				return (
+					<OrganizationInfo
+						variables={envVariables}
+						setVariables={setEnvVariables}
+					/>
+				);
+			case envSubViews.ACCESS_TOKEN:
+				return (
+					<AccessToken
+						variables={envVariables}
+						setVariables={setEnvVariables}
+					/>
+				);
+			case envSubViews.UI_CUSTOMIZATION:
+				return (
+					<UICustomization
+						variables={envVariables}
+						setVariables={setEnvVariables}
+					/>
+				);
+			case envSubViews.ADMIN_SECRET:
+				return (
+					<SecurityAdminSecret
+						variables={envVariables}
+						setVariables={setEnvVariables}
+						fieldVisibility={fieldVisibility}
+						setFieldVisibility={setFieldVisibility}
+						validateAdminSecretHandler={validateAdminSecretHandler}
+						adminSecret={adminSecret}
+					/>
+				);
+			case envSubViews.DB_CRED:
+				return (
+					<DatabaseCredentials
+						variables={envVariables}
+						setVariables={setEnvVariables}
+					/>
+				);
+			default:
+				return (
+					<OAuthConfig
+						envVariables={envVariables}
+						setVariables={setEnvVariables}
+						fieldVisibility={fieldVisibility}
+						setFieldVisibility={setFieldVisibility}
+					/>
+				);
+		}
+	};
 	return (
 		<Box m="5" py="5" px="10" bg="white" rounded="md">
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				Social Media Logins
-			</Text>
-			<Stack spacing={6} padding="2% 0%">
-				<Flex>
-					<Center
-						w="50px"
-						marginRight="1.5%"
-						border="1px solid #e2e8f0"
-						borderRadius="5px"
-					>
-						<FaGoogle style={{ color: '#8c8c8c' }} />
-					</Center>
-					<Center w="45%" marginRight="1.5%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.GOOGLE_CLIENT_ID}
-							placeholder="Google Client ID"
-						/>
-					</Center>
-					<Center w="45%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							fieldVisibility={fieldVisibility}
-							setFieldVisibility={setFieldVisibility}
-							inputType={HiddenInputType.GOOGLE_CLIENT_SECRET}
-							placeholder="Google Secret"
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Center
-						w="50px"
-						marginRight="1.5%"
-						border="1px solid #e2e8f0"
-						borderRadius="5px"
-					>
-						<FaGithub style={{ color: '#8c8c8c' }} />
-					</Center>
-					<Center w="45%" marginRight="1.5%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.GITHUB_CLIENT_ID}
-							placeholder="Github Client ID"
-						/>
-					</Center>
-					<Center w="45%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							fieldVisibility={fieldVisibility}
-							setFieldVisibility={setFieldVisibility}
-							inputType={HiddenInputType.GITHUB_CLIENT_SECRET}
-							placeholder="Github Secret"
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Center
-						w="50px"
-						marginRight="1.5%"
-						border="1px solid #e2e8f0"
-						borderRadius="5px"
-					>
-						<FaFacebookF style={{ color: '#8c8c8c' }} />
-					</Center>
-					<Center w="45%" marginRight="1.5%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.FACEBOOK_CLIENT_ID}
-							placeholder="Facebook Client ID"
-						/>
-					</Center>
-					<Center w="45%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							fieldVisibility={fieldVisibility}
-							setFieldVisibility={setFieldVisibility}
-							inputType={HiddenInputType.FACEBOOK_CLIENT_SECRET}
-							placeholder="Facebook Secret"
-						/>
-					</Center>
-				</Flex>
-			</Stack>
-			<Divider marginTop="2%" marginBottom="2%" />
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				Roles
-			</Text>
-			<Stack spacing={6} padding="2% 0%">
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Roles:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={ArrayInputType.ROLES}
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Default Roles:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={ArrayInputType.DEFAULT_ROLES}
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Protected Roles:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={ArrayInputType.PROTECTED_ROLES}
-						/>
-					</Center>
-				</Flex>
-			</Stack>
-			<Divider marginTop="2%" marginBottom="2%" />
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				JWT (JSON Web Tokens) Configurations
-			</Text>
-			<Stack spacing={6} padding="2% 0%">
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">JWT Type:</Text>
-					</Flex>
-					<Center w="70%">
-						<Flex w="100%" justifyContent="space-between">
-							<Flex flex="2">
-								<InputField
-									variables={envVariables}
-									setVariables={setEnvVariables}
-									inputType={SelectInputType.JWT_TYPE}
-									isDisabled={true}
-									defaultValue={SelectInputType.JWT_TYPE}
-								/>
-							</Flex>
-							<Flex flex="3" justifyContent="center" alignItems="center">
-								<Text fontSize="sm">
-									More JWT types will be enabled in upcoming releases.
-								</Text>
-							</Flex>
-						</Flex>
-					</Center>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">JWT Secret</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							fieldVisibility={fieldVisibility}
-							setFieldVisibility={setFieldVisibility}
-							inputType={HiddenInputType.JWT_SECRET}
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">JWT Role Claim:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.JWT_ROLE_CLAIM}
-						/>
-					</Center>
-				</Flex>
-			</Stack>
-			<Divider marginTop="2%" marginBottom="2%" />
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				Session Storage
-			</Text>
-			<Stack spacing={6} padding="2% 0%">
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Redis URL:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.REDIS_URL}
-						/>
-					</Center>
-				</Flex>
-			</Stack>
-			<Divider marginTop="2%" marginBottom="2%" />
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				Email Configurations
-			</Text>
-			<Stack spacing={6} padding="2% 0%">
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">SMTP Host:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.SMTP_HOST}
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Port:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.SMTP_PORT}
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Username:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.SMTP_USERNAME}
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Password:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							fieldVisibility={fieldVisibility}
-							setFieldVisibility={setFieldVisibility}
-							inputType={HiddenInputType.SMTP_PASSWORD}
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">From Email:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.SENDER_EMAIL}
-						/>
-					</Center>
-				</Flex>
-			</Stack>
-			<Divider marginTop="2%" marginBottom="2%" />
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				White Listing
-			</Text>
-			<Stack spacing={6} padding="2% 0%">
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Allowed Origins:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={ArrayInputType.ALLOWED_ORIGINS}
-						/>
-					</Center>
-				</Flex>
-			</Stack>
-			<Divider marginTop="2%" marginBottom="2%" />
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				Organization Information
-			</Text>
-			<Stack spacing={6} padding="2% 0%">
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Organization Name:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.ORGANIZATION_NAME}
-						/>
-					</Center>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Organization Logo:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextInputType.ORGANIZATION_LOGO}
-						/>
-					</Center>
-				</Flex>
-			</Stack>
-			<Divider marginTop="2%" marginBottom="2%" />
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				Custom Scripts
-			</Text>
-			<Stack spacing={6} padding="2% 0%">
-				<Flex>
-					<Center w="100%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={TextAreaInputType.CUSTOM_ACCESS_TOKEN_SCRIPT}
-							placeholder="Add script here"
-							minH="25vh"
-						/>
-					</Center>
-				</Flex>
-			</Stack>
-			<Divider marginTop="2%" marginBottom="2%" />
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				Disable Features
-			</Text>
-			<Stack spacing={6} padding="2% 0%">
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Login Page:</Text>
-					</Flex>
-					<Flex justifyContent="start" w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={SwitchInputType.DISABLE_LOGIN_PAGE}
-						/>
-					</Flex>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Email Verification:</Text>
-					</Flex>
-					<Flex justifyContent="start" w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={SwitchInputType.DISABLE_EMAIL_VERIFICATION}
-						/>
-					</Flex>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Magic Login Link:</Text>
-					</Flex>
-					<Flex justifyContent="start" w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={SwitchInputType.DISABLE_MAGIC_LINK_LOGIN}
-						/>
-					</Flex>
-				</Flex>
-				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Basic Authentication:</Text>
-					</Flex>
-					<Flex justifyContent="start" w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={SwitchInputType.DISABLE_BASIC_AUTHENTICATION}
-						/>
-					</Flex>
-				</Flex>
-			</Stack>
-			<Divider marginTop="2%" marginBottom="2%" />
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold">
-				Danger
-			</Text>
-			<Stack
-				spacing={6}
-				padding="0 5%"
-				marginTop="3%"
-				border="1px solid #ff7875"
-				borderRadius="5px"
-			>
-				<Stack spacing={6} padding="3% 0">
-					<Text fontStyle="italic" fontSize="sm" color="gray.600">
-						Note: Database related environment variables cannot be updated from
-						dashboard :(
-					</Text>
-					<Flex>
-						<Flex w="30%" justifyContent="start" alignItems="center">
-							<Text fontSize="sm">DataBase Name:</Text>
-						</Flex>
-						<Center w="70%">
-							<InputField
-								variables={envVariables}
-								setVariables={setEnvVariables}
-								inputType={TextInputType.DATABASE_NAME}
-								isDisabled={true}
-							/>
-						</Center>
-					</Flex>
-					<Flex>
-						<Flex w="30%" justifyContent="start" alignItems="center">
-							<Text fontSize="sm">DataBase Type:</Text>
-						</Flex>
-						<Center w="70%">
-							<InputField
-								variables={envVariables}
-								setVariables={setEnvVariables}
-								inputType={TextInputType.DATABASE_TYPE}
-								isDisabled={true}
-							/>
-						</Center>
-					</Flex>
-					<Flex>
-						<Flex w="30%" justifyContent="start" alignItems="center">
-							<Text fontSize="sm">DataBase URL:</Text>
-						</Flex>
-						<Center w="70%">
-							<InputField
-								variables={envVariables}
-								setVariables={setEnvVariables}
-								inputType={TextInputType.DATABASE_URL}
-								isDisabled={true}
-							/>
-						</Center>
-					</Flex>
-				</Stack>
-				<Flex marginTop="3%">
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Old Admin Secret:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputGroup size="sm">
-							<Input
-								size="sm"
-								placeholder="Enter Old Admin Secret"
-								value={adminSecret.value as string}
-								onChange={(event: any) => validateAdminSecretHandler(event)}
-								type={
-									!fieldVisibility[HiddenInputType.OLD_ADMIN_SECRET]
-										? 'password'
-										: 'text'
-								}
-							/>
-							<InputRightElement
-								right="5px"
-								children={
-									<Flex>
-										{fieldVisibility[HiddenInputType.OLD_ADMIN_SECRET] ? (
-											<Center
-												w="25px"
-												margin="0 1.5%"
-												cursor="pointer"
-												onClick={() =>
-													setFieldVisibility({
-														...fieldVisibility,
-														[HiddenInputType.OLD_ADMIN_SECRET]: false,
-													})
-												}
-											>
-												<FaRegEyeSlash color="#bfbfbf" />
-											</Center>
-										) : (
-											<Center
-												w="25px"
-												margin="0 1.5%"
-												cursor="pointer"
-												onClick={() =>
-													setFieldVisibility({
-														...fieldVisibility,
-														[HiddenInputType.OLD_ADMIN_SECRET]: true,
-													})
-												}
-											>
-												<FaRegEye color="#bfbfbf" />
-											</Center>
-										)}
-									</Flex>
-								}
-							/>
-						</InputGroup>
-					</Center>
-				</Flex>
-				<Flex paddingBottom="3%">
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">New Admin Secret:</Text>
-					</Flex>
-					<Center w="70%">
-						<InputField
-							variables={envVariables}
-							setVariables={setEnvVariables}
-							inputType={HiddenInputType.ADMIN_SECRET}
-							fieldVisibility={fieldVisibility}
-							setFieldVisibility={setFieldVisibility}
-							isDisabled={adminSecret.disableInputField}
-							placeholder="Enter New Admin Secret"
-						/>
-					</Center>
-				</Flex>
-			</Stack>
-			<Divider marginTop="5%" marginBottom="2%" />
-			<Stack spacing={6} padding="1% 0">
+			{renderComponent(sec)}
+			<Stack spacing={6} padding="1% 0" mt={4}>
 				<Flex justifyContent="end" alignItems="center">
 					<Button
 						leftIcon={<FaSave />}
@@ -770,4 +313,6 @@ export default function Environment() {
 			</Stack>
 		</Box>
 	);
-}
+};
+
+export default Environment;

dashboard/src/pages/Users.tsx

@@ -38,10 +38,11 @@ import {
 	FaExclamationCircle,
 	FaAngleDown,
 } from 'react-icons/fa';
-import { UserDetailsQuery } from '../graphql/queries';
-import { UpdateUser } from '../graphql/mutation';
+import { EmailVerificationQuery, UserDetailsQuery } from '../graphql/queries';
+import { EnableAccess, RevokeAccess, UpdateUser } from '../graphql/mutation';
 import EditUserModal from '../components/EditUserModal';
 import DeleteUserModal from '../components/DeleteUserModal';
+import InviteMembersModal from '../components/InviteMembersModal';
 
 interface paginationPropTypes {
 	limit: number;
@@ -66,6 +67,12 @@ interface userDataTypes {
 	signup_methods: string;
 	roles: [string];
 	created_at: number;
+	revoked_timestamp: number;
+}
+
+const enum updateAccessActions {
+	REVOKE = 'REVOKE',
+	ENABLE = 'ENABLE',
 }
 
 const getMaxPages = (pagination: paginationPropTypes) => {
@@ -101,6 +108,8 @@ export default function Users() {
 		});
 	const [userList, setUserList] = React.useState<userDataTypes[]>([]);
 	const [loading, setLoading] = React.useState<boolean>(false);
+	const [disableInviteMembers, setDisableInviteMembers] =
+		React.useState<boolean>(true);
 	const updateUserList = async () => {
 		setLoading(true);
 		const { data } = await client
@@ -132,8 +141,18 @@ export default function Users() {
 		}
 		setLoading(false);
 	};
+	const checkEmailVerification = async () => {
+		setLoading(true);
+		const { data } = await client.query(EmailVerificationQuery).toPromise();
+		if (data?._env) {
+			const { DISABLE_EMAIL_VERIFICATION } = data._env;
+			setDisableInviteMembers(DISABLE_EMAIL_VERIFICATION);
+		}
+		setLoading(false);
+	};
 	React.useEffect(() => {
 		updateUserList();
+		checkEmailVerification();
 	}, []);
 	React.useEffect(() => {
 		updateUserList();
@@ -171,12 +190,77 @@ export default function Users() {
 		}
 		updateUserList();
 	};
+
+	const updateAccessHandler = async (
+		id: string,
+		action: updateAccessActions
+	) => {
+		switch (action) {
+			case updateAccessActions.ENABLE:
+				const enableAccessRes = await client
+					.mutation(EnableAccess, {
+						param: {
+							user_id: id,
+						},
+					})
+					.toPromise();
+				if (enableAccessRes.error) {
+					toast({
+						title: 'User access enable failed',
+						isClosable: true,
+						status: 'error',
+						position: 'bottom-right',
+					});
+				} else {
+					toast({
+						title: 'User access enabled successfully',
+						isClosable: true,
+						status: 'success',
+						position: 'bottom-right',
+					});
+				}
+				updateUserList();
+				break;
+			case updateAccessActions.REVOKE:
+				const revokeAccessRes = await client
+					.mutation(RevokeAccess, {
+						param: {
+							user_id: id,
+						},
+					})
+					.toPromise();
+				if (revokeAccessRes.error) {
+					toast({
+						title: 'User access revoke failed',
+						isClosable: true,
+						status: 'error',
+						position: 'bottom-right',
+					});
+				} else {
+					toast({
+						title: 'User access revoked successfully',
+						isClosable: true,
+						status: 'success',
+						position: 'bottom-right',
+					});
+				}
+				updateUserList();
+				break;
+			default:
+				break;
+		}
+	};
+
 	return (
 		<Box m="5" py="5" px="10" bg="white" rounded="md">
 			<Flex margin="2% 0" justifyContent="space-between" alignItems="center">
 				<Text fontSize="md" fontWeight="bold">
 					Users
 				</Text>
+				<InviteMembersModal
+					disabled={disableInviteMembers}
+					updateUserList={updateUserList}
+				/>
 			</Flex>
 			{!loading ? (
 				userList.length > 0 ? (
@@ -188,6 +272,7 @@ export default function Users() {
 								<Th>Signup Methods</Th>
 								<Th>Roles</Th>
 								<Th>Verified</Th>
+								<Th>Access</Th>
 								<Th>Actions</Th>
 							</Tr>
 						</Thead>
@@ -196,7 +281,7 @@ export default function Users() {
 								const { email_verified, created_at, ...rest }: any = user;
 								return (
 									<Tr key={user.id} style={{ fontSize: 14 }}>
-										<Td>{user.email}</Td>
+										<Td maxW="300">{user.email}</Td>
 										<Td>
 											{dayjs(user.created_at * 1000).format('MMM DD, YYYY')}
 										</Td>
@@ -211,6 +296,15 @@ export default function Users() {
 												{user.email_verified.toString()}
 											</Tag>
 										</Td>
+										<Td>
+											<Tag
+												size="sm"
+												variant="outline"
+												colorScheme={user.revoked_timestamp ? 'red' : 'green'}
+											>
+												{user.revoked_timestamp ? 'Revoked' : 'Enabled'}
+											</Tag>
+										</Td>
 										<Td>
 											<Menu>
 												<MenuButton as={Button} variant="unstyled" size="sm">
@@ -240,6 +334,29 @@ export default function Users() {
 														user={rest}
 														updateUserList={updateUserList}
 													/>
+													{user.revoked_timestamp ? (
+														<MenuItem
+															onClick={() =>
+																updateAccessHandler(
+																	user.id,
+																	updateAccessActions.ENABLE
+																)
+															}
+														>
+															Enable Access
+														</MenuItem>
+													) : (
+														<MenuItem
+															onClick={() =>
+																updateAccessHandler(
+																	user.id,
+																	updateAccessActions.REVOKE
+																)
+															}
+														>
+															Revoke Access
+														</MenuItem>
+													)}
 												</MenuList>
 											</Menu>
 										</Td>

dashboard/src/routes/index.tsx

@@ -14,6 +14,7 @@ export const AppRoutes = () => {
 
 	if (isLoggedIn) {
 		return (
+		<div>
 			<Suspense fallback={<></>}>
 				<Routes>
 					<Route
@@ -23,13 +24,16 @@ export const AppRoutes = () => {
 							</DashboardLayout>
 						}
 					>
-						<Route path="/" element={<Home />} />
-						<Route path="users" element={<Users />} />
-						<Route path="environment" element={<Environment />} />
-						<Route path="*" element={<Home />} />
+						 <Route path="/" element={<Outlet />}>
+              				<Route index element={<Environment />} />
+              				<Route path="/:sec" element={<Environment />} />
+           				 </Route>
+           				 <Route path="users" element={<Users />} />
+         				   <Route path="*" element={<Home />} />
 					</Route>
 				</Routes>
 			</Suspense>
+		</div>
 		);
 	}
 	return (

dashboard/src/utils/index.ts

@@ -64,3 +64,25 @@ export const getObjectDiff = (obj1: any, obj2: any) => {
 
 	return diff;
 };
+
+export const validateEmail = (email: string) => {
+	if (!email || email === '') return true;
+	return email
+		.toLowerCase()
+		.match(
+			/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
+		)
+		? true
+		: false;
+};
+
+export const validateURI = (uri: string) => {
+	if (!uri || uri === '') return true;
+	return uri
+		.toLowerCase()
+		.match(
+			/(?:^|\s)((https?:\/\/)?(?:localhost|[\w-]+(?:\.[\w-]+)+)(:\d+)?(\/\S*)?)/
+		)
+		? true
+		: false;
+};

dashboard/src/utils/parseCSV.ts

@@ -0,0 +1,39 @@
+import _flatten from 'lodash/flatten';
+import { validateEmail } from '.';
+
+interface dataTypes {
+	value: string;
+	isInvalid: boolean;
+}
+
+const parseCSV = (file: File, delimiter: string): Promise<dataTypes[]> => {
+	return new Promise((resolve) => {
+		const reader = new FileReader();
+
+		// When the FileReader has loaded the file...
+		reader.onload = (e: any) => {
+			// Split the result to an array of lines
+			const lines = e.target.result.split('\n');
+			// Split the lines themselves by the specified
+			// delimiter, such as a comma
+			let result = lines.map((line: string) => line.split(delimiter));
+			// As the FileReader reads asynchronously,
+			// we can't just return the result; instead,
+			// we're passing it to a callback function
+			result = _flatten(result);
+			resolve(
+				result.map((email: string) => {
+					return {
+						value: email.trim(),
+						isInvalid: !validateEmail(email.trim()),
+					};
+				})
+			);
+		};
+
+		// Read the file content as a single string
+		reader.readAsText(file);
+	});
+};
+
+export default parseCSV;

server/constants/db_types.go

@@ -13,4 +13,10 @@ const (
 	DbTypeArangodb = "arangodb"
 	// DbTypeMongodb is the mongodb database type
 	DbTypeMongodb = "mongodb"
+	// DbTypeYugabyte is the yugabyte database type
+	DbTypeYugabyte = "yugabyte"
+	// DbTypeMariaDB is the mariadb database type
+	DbTypeMariaDB = "mariadb"
+	// DbTypeCassandra is the cassandra database type
+	DbTypeCassandraDB = "cassandradb"
 )

server/constants/env.go

@@ -1,5 +1,7 @@
 package constants
 
+var VERSION = "0.0.1"
+
 const (
 	// Envstore identifier
 	// StringStore string store identifier
@@ -13,14 +15,13 @@ const (
 	EnvKeyEnv = "ENV"
 	// EnvKeyEnvPath key for cli arg variable ENV_PATH
 	EnvKeyEnvPath = "ENV_PATH"
-	// EnvKeyVersion key for build arg version
-	EnvKeyVersion = "VERSION"
 	// EnvKeyAuthorizerURL key for env variable AUTHORIZER_URL
-	// TODO: remove support AUTHORIZER_URL env
 	EnvKeyAuthorizerURL = "AUTHORIZER_URL"
 	// EnvKeyPort key for env variable PORT
 	EnvKeyPort = "PORT"
 
+	// EnvKeyAccessTokenExpiryTime key for env variable ACCESS_TOKEN_EXPIRY_TIME
+	EnvKeyAccessTokenExpiryTime = "ACCESS_TOKEN_EXPIRY_TIME"
 	// EnvKeyAdminSecret key for env variable ADMIN_SECRET
 	EnvKeyAdminSecret = "ADMIN_SECRET"
 	// EnvKeyDatabaseType key for env variable DATABASE_TYPE
@@ -29,6 +30,20 @@ const (
 	EnvKeyDatabaseURL = "DATABASE_URL"
 	// EnvKeyDatabaseName key for env variable DATABASE_NAME
 	EnvKeyDatabaseName = "DATABASE_NAME"
+	// EnvKeyDatabaseUsername key for env variable DATABASE_USERNAME
+	EnvKeyDatabaseUsername = "DATABASE_USERNAME"
+	// EnvKeyDatabasePassword key for env variable DATABASE_PASSWORD
+	EnvKeyDatabasePassword = "DATABASE_PASSWORD"
+	// EnvKeyDatabasePort key for env variable DATABASE_PORT
+	EnvKeyDatabasePort = "DATABASE_PORT"
+	// EnvKeyDatabaseHost key for env variable DATABASE_HOST
+	EnvKeyDatabaseHost = "DATABASE_HOST"
+	// EnvKeyDatabaseCert key for env variable DATABASE_CERT
+	EnvKeyDatabaseCert = "DATABASE_CERT"
+	// EnvKeyDatabaseCertKey key for env variable DATABASE_KEY
+	EnvKeyDatabaseCertKey = "DATABASE_CERT_KEY"
+	// EnvKeyDatabaseCACert key for env variable DATABASE_CA_CERT
+	EnvKeyDatabaseCACert = "DATABASE_CA_CERT"
 	// EnvKeySmtpHost key for env variable SMTP_HOST
 	EnvKeySmtpHost = "SMTP_HOST"
 	// EnvKeySmtpPort key for env variable SMTP_PORT
@@ -43,6 +58,10 @@ const (
 	EnvKeyJwtType = "JWT_TYPE"
 	// EnvKeyJwtSecret key for env variable JWT_SECRET
 	EnvKeyJwtSecret = "JWT_SECRET"
+	// EnvKeyJwtPrivateKey key for env variable JWT_PRIVATE_KEY
+	EnvKeyJwtPrivateKey = "JWT_PRIVATE_KEY"
+	// EnvKeyJwtPublicKey key for env variable JWT_PUBLIC_KEY
+	EnvKeyJwtPublicKey = "JWT_PUBLIC_KEY"
 	// EnvKeyAllowedOrigins key for env variable ALLOWED_ORIGINS
 	EnvKeyAllowedOrigins = "ALLOWED_ORIGINS"
 	// EnvKeyAppURL key for env variable APP_URL
@@ -55,8 +74,6 @@ const (
 	EnvKeyAdminCookieName = "ADMIN_COOKIE_NAME"
 	// EnvKeyResetPasswordURL key for env variable RESET_PASSWORD_URL
 	EnvKeyResetPasswordURL = "RESET_PASSWORD_URL"
-	// EnvKeyEncryptionKey key for env variable ENCRYPTION_KEY
-	EnvKeyEncryptionKey = "ENCRYPTION_KEY"
 	// EnvKeyDisableEmailVerification key for env variable DISABLE_EMAIL_VERIFICATION
 	EnvKeyDisableEmailVerification = "DISABLE_EMAIL_VERIFICATION"
 	// EnvKeyDisableBasicAuthentication key for env variable DISABLE_BASIC_AUTH
@@ -65,6 +82,8 @@ const (
 	EnvKeyDisableMagicLinkLogin = "DISABLE_MAGIC_LINK_LOGIN"
 	// EnvKeyDisableLoginPage key for env variable DISABLE_LOGIN_PAGE
 	EnvKeyDisableLoginPage = "DISABLE_LOGIN_PAGE"
+	// EnvKeyDisableSignUp key for env variable DISABLE_SIGN_UP
+	EnvKeyDisableSignUp = "DISABLE_SIGN_UP"
 	// EnvKeyRoles key for env variable ROLES
 	EnvKeyRoles = "ROLES"
 	// EnvKeyProtectedRoles key for env variable PROTECTED_ROLES
@@ -89,8 +108,18 @@ const (
 	EnvKeyOrganizationName = "ORGANIZATION_NAME"
 	// EnvKeyOrganizationLogo key for env variable ORGANIZATION_LOGO
 	EnvKeyOrganizationLogo = "ORGANIZATION_LOGO"
-	// EnvKeyIsProd key for env variable IS_PROD
-	EnvKeyIsProd = "IS_PROD"
 	// EnvKeyCustomAccessTokenScript key for env variable CUSTOM_ACCESS_TOKEN_SCRIPT
 	EnvKeyCustomAccessTokenScript = "CUSTOM_ACCESS_TOKEN_SCRIPT"
+
+	// Not Exposed Keys
+	// EnvKeyClientID key for env variable CLIENT_ID
+	EnvKeyClientID = "CLIENT_ID"
+	// EnvKeyClientSecret key for env variable CLIENT_SECRET
+	EnvKeyClientSecret = "CLIENT_SECRET"
+	// EnvKeyEncryptionKey key for env variable ENCRYPTION_KEY
+	EnvKeyEncryptionKey = "ENCRYPTION_KEY"
+	// EnvKeyJWK key for env variable JWK
+	EnvKeyJWK = "JWK"
+	// EnvKeyIsProd key for env variable IS_PROD
+	EnvKeyIsProd = "IS_PROD"
 )

server/constants/token_types.go

@@ -5,4 +5,6 @@ const (
 	TokenTypeRefreshToken = "refresh_token"
 	// TokenTypeAccessToken is the access_token token type
 	TokenTypeAccessToken = "access_token"
+	// TokenTypeIdentityToken is the identity_token token type
+	TokenTypeIdentityToken = "id_token"
 )

server/cookie/admin_cookie.go

@@ -16,12 +16,12 @@ func SetAdminCookie(gc *gin.Context, token string) {
 	hostname := utils.GetHost(gc)
 	host, _ := utils.GetHostParts(hostname)
 
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), token, 3600, "/", host, secure, httpOnly)
+	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), token, 3600, "/", host, secure, httpOnly)
 }
 
 // GetAdminCookie gets the admin cookie from the request
 func GetAdminCookie(gc *gin.Context) (string, error) {
-	cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName))
+	cookie, err := gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName))
 	if err != nil {
 		return "", err
 	}
@@ -42,5 +42,5 @@ func DeleteAdminCookie(gc *gin.Context) {
 	hostname := utils.GetHost(gc)
 	host, _ := utils.GetHostParts(hostname)
 
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), "", -1, "/", host, secure, httpOnly)
+	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), "", -1, "/", host, secure, httpOnly)
 }

server/cookie/cookie.go

@@ -10,13 +10,8 @@ import (
 	"github.com/gin-gonic/gin"
 )
 
-// SetCookie sets the cookie in the response. It sets 4 cookies
-// 1 COOKIE_NAME.access_token jwt token for the host (temp.abc.com)
-// 2 COOKIE_NAME.access_token.domain jwt token for the domain (abc.com).
-// 3 COOKIE_NAME.fingerprint fingerprint hash for the refresh token verification.
-// 4 COOKIE_NAME.refresh_token refresh token
-// Note all sites don't allow 2nd type of cookie
-func SetCookie(gc *gin.Context, accessToken, refreshToken, fingerprintHash string) {
+// SetSession sets the session cookie in the response
+func SetSession(gc *gin.Context, sessionID string) {
 	secure := true
 	httpOnly := true
 	hostname := utils.GetHost(gc)
@@ -26,77 +21,45 @@ func SetCookie(gc *gin.Context, accessToken, refreshToken, fingerprintHash strin
 		domain = "." + domain
 	}
 
+	// TODO allow configuring from dashboard
 	year := 60 * 60 * 24 * 365
-	thirtyMin := 60 * 30
 
 	gc.SetSameSite(http.SameSiteNoneMode)
-	// set cookie for host
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", accessToken, thirtyMin, "/", host, secure, httpOnly)
-
-	// in case of subdomain, set cookie for domain
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token.domain", accessToken, thirtyMin, "/", domain, secure, httpOnly)
-
-	// set finger print cookie (this should be accessed via cookie only)
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", fingerprintHash, year, "/", host, secure, httpOnly)
-
-	// set refresh token cookie (this should be accessed via cookie only)
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", refreshToken, year, "/", host, secure, httpOnly)
+	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", sessionID, year, "/", host, secure, httpOnly)
+	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session_domain", sessionID, year, "/", domain, secure, httpOnly)
 }
 
-// GetAccessTokenCookie to get access token cookie from the request
-func GetAccessTokenCookie(gc *gin.Context) (string, error) {
-	cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".access_token")
+// DeleteSession sets session cookies to expire
+func DeleteSession(gc *gin.Context) {
+	secure := true
+	httpOnly := true
+	hostname := utils.GetHost(gc)
+	host, _ := utils.GetHostParts(hostname)
+	domain := utils.GetDomainName(hostname)
+	if domain != "localhost" {
+		domain = "." + domain
+	}
+
+	gc.SetSameSite(http.SameSiteNoneMode)
+	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", "", -1, "/", host, secure, httpOnly)
+	gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session_domain", "", -1, "/", domain, secure, httpOnly)
+}
+
+// GetSession gets the session cookie from context
+func GetSession(gc *gin.Context) (string, error) {
+	var cookie *http.Cookie
+	var err error
+	cookie, err = gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + "_session")
 	if err != nil {
-		cookie, err = gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".access_token.domain")
+		cookie, err = gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + "_session_domain")
 		if err != nil {
 			return "", err
 		}
 	}
 
-	return cookie.Value, nil
-}
-
-// GetRefreshTokenCookie to get refresh token cookie
-func GetRefreshTokenCookie(gc *gin.Context) (string, error) {
-	cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".refresh_token")
+	decodedValue, err := url.PathUnescape(cookie.Value)
 	if err != nil {
 		return "", err
 	}
-
-	return cookie.Value, nil
-}
-
-// GetFingerPrintCookie to get fingerprint cookie
-func GetFingerPrintCookie(gc *gin.Context) (string, error) {
-	cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".fingerprint")
-	if err != nil {
-		return "", err
-	}
-
-	// cookie escapes special characters like $
-	// hence we need to unescape before comparing
-	decodedValue, err := url.QueryUnescape(cookie.Value)
-	if err != nil {
-		return "", err
-	}
-
 	return decodedValue, nil
 }
-
-// DeleteCookie sets response cookies to expire
-func DeleteCookie(gc *gin.Context) {
-	secure := true
-	httpOnly := true
-	hostname := utils.GetHost(gc)
-	host, _ := utils.GetHostParts(hostname)
-	domain := utils.GetDomainName(hostname)
-	if domain != "localhost" {
-		domain = "." + domain
-	}
-
-	gc.SetSameSite(http.SameSiteNoneMode)
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", "", -1, "/", host, secure, httpOnly)
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token.domain", "", -1, "/", domain, secure, httpOnly)
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", "", -1, "/", host, secure, httpOnly)
-	gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", "", -1, "/", host, secure, httpOnly)
-}

server/crypto/aes.go

@@ -1,35 +1,52 @@
-package utils
+package crypto
 
 import (
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/rand"
-	"encoding/base64"
-	"encoding/json"
 	"io"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/envstore"
-	"golang.org/x/crypto/bcrypt"
 )
 
-// EncryptB64 encrypts data into base64 string
-func EncryptB64(text string) string {
-	return base64.StdEncoding.EncodeToString([]byte(text))
-}
+var bytes = []byte{35, 46, 57, 24, 85, 35, 24, 74, 87, 35, 88, 98, 66, 32, 14, 0o5}
 
-// DecryptB64 decrypts from base64 string to readable string
-func DecryptB64(s string) (string, error) {
-	data, err := base64.StdEncoding.DecodeString(s)
+// EncryptAES method is to encrypt or hide any classified text
+func EncryptAES(text string) (string, error) {
+	key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
+	block, err := aes.NewCipher(key)
 	if err != nil {
 		return "", err
 	}
-	return string(data), nil
+	plainText := []byte(text)
+	cfb := cipher.NewCFBEncrypter(block, bytes)
+	cipherText := make([]byte, len(plainText))
+	cfb.XORKeyStream(cipherText, plainText)
+	return EncryptB64(string(cipherText)), nil
 }
 
-// EncryptAES encrypts data using AES algorithm
-func EncryptAES(text []byte) ([]byte, error) {
-	key := []byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
+// DecryptAES method is to extract back the encrypted text
+func DecryptAES(text string) (string, error) {
+	key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return "", err
+	}
+	cipherText, err := DecryptB64(text)
+	if err != nil {
+		return "", err
+	}
+	cfb := cipher.NewCFBDecrypter(block, bytes)
+	plainText := make([]byte, len(cipherText))
+	cfb.XORKeyStream(plainText, []byte(cipherText))
+	return string(plainText), nil
+}
+
+// EncryptAESEnv encrypts data using AES algorithm
+// kept for the backward compatibility of env data encryption
+func EncryptAESEnv(text []byte) ([]byte, error) {
+	key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
 	c, err := aes.NewCipher(key)
 	var res []byte
 	if err != nil {
@@ -62,8 +79,9 @@ func EncryptAES(text []byte) ([]byte, error) {
 }
 
 // DecryptAES decrypts data using AES algorithm
-func DecryptAES(ciphertext []byte) ([]byte, error) {
-	key := []byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
+// Kept for the backward compatibility of env data decryption
+func DecryptAESEnv(ciphertext []byte) ([]byte, error) {
+	key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
 	c, err := aes.NewCipher(key)
 	var res []byte
 	if err != nil {
@@ -88,39 +106,3 @@ func DecryptAES(ciphertext []byte) ([]byte, error) {
 
 	return plaintext, nil
 }
-
-// EncryptEnvData is used to encrypt the env data
-func EncryptEnvData(data envstore.Store) (string, error) {
-	jsonBytes, err := json.Marshal(data)
-	if err != nil {
-		return "", err
-	}
-
-	envStoreObj := envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
-
-	err = json.Unmarshal(jsonBytes, &envStoreObj)
-	if err != nil {
-		return "", err
-	}
-
-	configData, err := json.Marshal(envStoreObj)
-	if err != nil {
-		return "", err
-	}
-	encryptedConfig, err := EncryptAES(configData)
-	if err != nil {
-		return "", err
-	}
-
-	return EncryptB64(string(encryptedConfig)), nil
-}
-
-// EncryptPassword is used for encrypting password
-func EncryptPassword(password string) (string, error) {
-	pw, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
-	if err != nil {
-		return "", err
-	}
-
-	return string(pw), nil
-}

server/crypto/b64.go

@@ -0,0 +1,17 @@
+package crypto
+
+import "encoding/base64"
+
+// EncryptB64 encrypts data into base64 string
+func EncryptB64(text string) string {
+	return base64.StdEncoding.EncodeToString([]byte(text))
+}
+
+// DecryptB64 decrypts from base64 string to readable string
+func DecryptB64(s string) (string, error) {
+	data, err := base64.StdEncoding.DecodeString(s)
+	if err != nil {
+		return "", err
+	}
+	return string(data), nil
+}

server/crypto/common.go

@@ -0,0 +1,114 @@
+package crypto
+
+import (
+	"crypto/x509"
+	"encoding/json"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"golang.org/x/crypto/bcrypt"
+	"gopkg.in/square/go-jose.v2"
+)
+
+// GetPubJWK returns JWK for given keys
+func GetPubJWK(algo, keyID string, publicKey interface{}) (string, error) {
+	jwk := &jose.JSONWebKeySet{
+		Keys: []jose.JSONWebKey{
+			{
+				Algorithm:                   algo,
+				Key:                         publicKey,
+				Use:                         "sig",
+				KeyID:                       keyID,
+				Certificates:                []*x509.Certificate{},
+				CertificateThumbprintSHA1:   []uint8{},
+				CertificateThumbprintSHA256: []uint8{},
+			},
+		},
+	}
+	jwkPublicKey, err := jwk.Keys[0].MarshalJSON()
+	if err != nil {
+		return "", err
+	}
+	return string(jwkPublicKey), nil
+}
+
+// GenerateJWKBasedOnEnv generates JWK based on env
+// make sure clientID, jwtType, jwtSecret / public & private key pair is set
+// this is called while initializing app / when env is updated
+func GenerateJWKBasedOnEnv() (string, error) {
+	jwk := ""
+	algo := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
+	clientID := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID)
+
+	var err error
+	// check if jwt secret is provided
+	if IsHMACA(algo) {
+		jwk, err = GetPubJWK(algo, clientID, []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)))
+		if err != nil {
+			return "", err
+		}
+	}
+
+	if IsRSA(algo) {
+		publicKeyInstance, err := ParseRsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
+		if err != nil {
+			return "", err
+		}
+
+		jwk, err = GetPubJWK(algo, clientID, publicKeyInstance)
+		if err != nil {
+			return "", err
+		}
+	}
+
+	if IsECDSA(algo) {
+		publicKeyInstance, err := ParseEcdsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
+		if err != nil {
+			return "", err
+		}
+
+		jwk, err = GetPubJWK(algo, clientID, publicKeyInstance)
+		if err != nil {
+			return "", err
+		}
+	}
+
+	return jwk, nil
+}
+
+// EncryptEnvData is used to encrypt the env data
+func EncryptEnvData(data envstore.Store) (string, error) {
+	jsonBytes, err := json.Marshal(data)
+	if err != nil {
+		return "", err
+	}
+
+	storeData := envstore.EnvStoreObj.GetEnvStoreClone()
+
+	err = json.Unmarshal(jsonBytes, &storeData)
+	if err != nil {
+		return "", err
+	}
+
+	configData, err := json.Marshal(storeData)
+	if err != nil {
+		return "", err
+	}
+
+	encryptedConfig, err := EncryptAESEnv(configData)
+	if err != nil {
+		return "", err
+	}
+
+	return EncryptB64(string(encryptedConfig)), nil
+}
+
+// EncryptPassword is used for encrypting password
+func EncryptPassword(password string) (string, error) {
+	pw, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	if err != nil {
+		return "", err
+	}
+
+	return string(pw), nil
+}

server/crypto/ecdsa.go

@@ -0,0 +1,154 @@
+package crypto
+
+import (
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+)
+
+// NewECDSAKey to generate new ECDSA Key if env is not set
+// returns key instance, private key string, public key string, jwk string, error
+func NewECDSAKey(algo, keyID string) (*ecdsa.PrivateKey, string, string, string, error) {
+	var curve elliptic.Curve
+	switch algo {
+	case "ES256":
+		curve = elliptic.P256()
+	case "ES384":
+		curve = elliptic.P384()
+	case "ES512":
+		curve = elliptic.P521()
+	default:
+		return nil, "", "", "", errors.New("Invalid algo")
+	}
+	key, err := ecdsa.GenerateKey(curve, rand.Reader)
+	if err != nil {
+		return nil, "", "", "", err
+	}
+
+	privateKey, publicKey, err := AsECDSAStr(key, &key.PublicKey)
+	if err != nil {
+		return nil, "", "", "", err
+	}
+
+	jwkPublicKey, err := GetPubJWK(algo, keyID, &key.PublicKey)
+	if err != nil {
+		return nil, "", "", "", err
+	}
+
+	return key, privateKey, publicKey, string(jwkPublicKey), err
+}
+
+// IsECDSA checks if given string is valid ECDSA algo
+func IsECDSA(algo string) bool {
+	switch algo {
+	case "ES256", "ES384", "ES512":
+		return true
+	default:
+		return false
+	}
+}
+
+// ExportEcdsaPrivateKeyAsPemStr to get ECDSA private key as pem string
+func ExportEcdsaPrivateKeyAsPemStr(privkey *ecdsa.PrivateKey) (string, error) {
+	privkeyBytes, err := x509.MarshalECPrivateKey(privkey)
+	if err != nil {
+		return "", err
+	}
+	privkeyPem := pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "ECDSA PRIVATE KEY",
+			Bytes: privkeyBytes,
+		},
+	)
+	return string(privkeyPem), nil
+}
+
+// ExportEcdsaPublicKeyAsPemStr to get ECDSA public key as pem string
+func ExportEcdsaPublicKeyAsPemStr(pubkey *ecdsa.PublicKey) (string, error) {
+	pubkeyBytes, err := x509.MarshalPKIXPublicKey(pubkey)
+	if err != nil {
+		return "", err
+	}
+	pubkeyPem := pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "ECDSA PUBLIC KEY",
+			Bytes: pubkeyBytes,
+		},
+	)
+
+	return string(pubkeyPem), nil
+}
+
+// ParseEcdsaPrivateKeyFromPemStr to parse ECDSA private key from pem string
+func ParseEcdsaPrivateKeyFromPemStr(privPEM string) (*ecdsa.PrivateKey, error) {
+	block, _ := pem.Decode([]byte(privPEM))
+	if block == nil {
+		return nil, errors.New("failed to parse PEM block containing the key")
+	}
+
+	priv, err := x509.ParseECPrivateKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return priv, nil
+}
+
+// ParseEcdsaPublicKeyFromPemStr to parse ECDSA public key from pem string
+func ParseEcdsaPublicKeyFromPemStr(pubPEM string) (*ecdsa.PublicKey, error) {
+	block, _ := pem.Decode([]byte(pubPEM))
+	if block == nil {
+		return nil, errors.New("failed to parse PEM block containing the key")
+	}
+
+	pub, err := x509.ParsePKIXPublicKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	switch pub := pub.(type) {
+	case *ecdsa.PublicKey:
+		return pub, nil
+	default:
+		break // fall through
+	}
+	return nil, errors.New("Key type is not ECDSA")
+}
+
+// AsECDSAStr returns private, public key string or error
+func AsECDSAStr(privateKey *ecdsa.PrivateKey, publicKey *ecdsa.PublicKey) (string, string, error) {
+	// Export the keys to pem string
+	privPem, err := ExportEcdsaPrivateKeyAsPemStr(privateKey)
+	if err != nil {
+		return "", "", err
+	}
+	pubPem, err := ExportEcdsaPublicKeyAsPemStr(publicKey)
+	if err != nil {
+		return "", "", err
+	}
+
+	// Import the keys from pem string
+	privParsed, err := ParseEcdsaPrivateKeyFromPemStr(privPem)
+	if err != nil {
+		return "", "", err
+	}
+	pubParsed, err := ParseEcdsaPublicKeyFromPemStr(pubPem)
+	if err != nil {
+		return "", "", err
+	}
+
+	// Export the newly imported keys
+	privParsedPem, err := ExportEcdsaPrivateKeyAsPemStr(privParsed)
+	if err != nil {
+		return "", "", err
+	}
+	pubParsedPem, err := ExportEcdsaPublicKeyAsPemStr(pubParsed)
+	if err != nil {
+		return "", "", err
+	}
+
+	return privParsedPem, pubParsedPem, nil
+}

server/crypto/hmac.go

@@ -0,0 +1,26 @@
+package crypto
+
+import (
+	"github.com/google/uuid"
+)
+
+// NewHMAC key returns new key that can be used to ecnrypt data using HMAC algo
+// returns key, string, error
+func NewHMACKey(algo, keyID string) (string, string, error) {
+	key := uuid.New().String()
+	jwkPublicKey, err := GetPubJWK(algo, keyID, []byte(key))
+	if err != nil {
+		return "", "", err
+	}
+	return key, string(jwkPublicKey), nil
+}
+
+// IsHMACValid checks if given string is valid HMCA algo
+func IsHMACA(algo string) bool {
+	switch algo {
+	case "HS256", "HS384", "HS512":
+		return true
+	default:
+		return false
+	}
+}

server/crypto/rsa.go

@@ -0,0 +1,118 @@
+package crypto
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+)
+
+// NewRSAKey to generate new RSA Key if env is not set
+// returns key instance, private key string, public key string, jwk string, error
+func NewRSAKey(algo, keyID string) (*rsa.PrivateKey, string, string, string, error) {
+	key, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return nil, "", "", "", err
+	}
+
+	privateKey, publicKey, err := AsRSAStr(key, &key.PublicKey)
+	if err != nil {
+		return nil, "", "", "", err
+	}
+
+	jwkPublicKey, err := GetPubJWK(algo, keyID, &key.PublicKey)
+	if err != nil {
+		return nil, "", "", "", err
+	}
+
+	return key, privateKey, publicKey, string(jwkPublicKey), err
+}
+
+// IsRSA checks if given string is valid RSA algo
+func IsRSA(algo string) bool {
+	switch algo {
+	case "RS256", "RS384", "RS512":
+		return true
+	default:
+		return false
+	}
+}
+
+// ExportRsaPrivateKeyAsPemStr to get RSA private key as pem string
+func ExportRsaPrivateKeyAsPemStr(privkey *rsa.PrivateKey) string {
+	privkeyBytes := x509.MarshalPKCS1PrivateKey(privkey)
+	privkeyPem := pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "RSA PRIVATE KEY",
+			Bytes: privkeyBytes,
+		},
+	)
+	return string(privkeyPem)
+}
+
+// ExportRsaPublicKeyAsPemStr to get RSA public key as pem string
+func ExportRsaPublicKeyAsPemStr(pubkey *rsa.PublicKey) string {
+	pubkeyBytes := x509.MarshalPKCS1PublicKey(pubkey)
+	pubkeyPem := pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "RSA PUBLIC KEY",
+			Bytes: pubkeyBytes,
+		},
+	)
+
+	return string(pubkeyPem)
+}
+
+// ParseRsaPrivateKeyFromPemStr to parse RSA private key from pem string
+func ParseRsaPrivateKeyFromPemStr(privPEM string) (*rsa.PrivateKey, error) {
+	block, _ := pem.Decode([]byte(privPEM))
+	if block == nil {
+		return nil, errors.New("failed to parse PEM block containing the key")
+	}
+
+	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return priv, nil
+}
+
+// ParseRsaPublicKeyFromPemStr to parse RSA public key from pem string
+func ParseRsaPublicKeyFromPemStr(pubPEM string) (*rsa.PublicKey, error) {
+	block, _ := pem.Decode([]byte(pubPEM))
+	if block == nil {
+		return nil, errors.New("failed to parse PEM block containing the key")
+	}
+
+	pub, err := x509.ParsePKCS1PublicKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return pub, nil
+}
+
+// AsRSAStr returns private, public key string or error
+func AsRSAStr(privateKey *rsa.PrivateKey, publickKey *rsa.PublicKey) (string, string, error) {
+	// Export the keys to pem string
+	privPem := ExportRsaPrivateKeyAsPemStr(privateKey)
+	pubPem := ExportRsaPublicKeyAsPemStr(publickKey)
+
+	// Import the keys from pem string
+	privParsed, err := ParseRsaPrivateKeyFromPemStr(privPem)
+	if err != nil {
+		return "", "", err
+	}
+	pubParsed, err := ParseRsaPublicKeyFromPemStr(pubPem)
+	if err != nil {
+		return "", "", err
+	}
+
+	// Export the newly imported keys
+	privParsedPem := ExportRsaPrivateKeyAsPemStr(privParsed)
+	pubParsedPem := ExportRsaPublicKeyAsPemStr(pubParsed)
+
+	return privParsedPem, pubParsedPem, nil
+}

server/db/db.go

@@ -1,11 +1,12 @@
 package db
 
 import (
-	"log"
+	log "github.com/sirupsen/logrus"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db/providers"
 	"github.com/authorizerdev/authorizer/server/db/providers/arangodb"
+	"github.com/authorizerdev/authorizer/server/db/providers/cassandradb"
 	"github.com/authorizerdev/authorizer/server/db/providers/mongodb"
 	"github.com/authorizerdev/authorizer/server/db/providers/sql"
 	"github.com/authorizerdev/authorizer/server/envstore"
@@ -14,31 +15,49 @@ import (
 // Provider returns the current database provider
 var Provider providers.Provider
 
-func InitDB() {
+func InitDB() error {
 	var err error
 
-	isSQL := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeArangodb && envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeMongodb
-	isArangoDB := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeArangodb
-	isMongoDB := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeMongodb
+	isSQL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeArangodb && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeMongodb && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeCassandraDB
+	isArangoDB := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeArangodb
+	isMongoDB := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeMongodb
+	isCassandra := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeCassandraDB
 
 	if isSQL {
+		log.Info("Initializing SQL Driver for: ", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType))
 		Provider, err = sql.NewProvider()
 		if err != nil {
-			log.Fatal("=> error setting sql provider:", err)
+			log.Fatal("Failed to initialize SQL driver: ", err)
+			return err
 		}
 	}
 
 	if isArangoDB {
+		log.Info("Initializing ArangoDB Driver")
 		Provider, err = arangodb.NewProvider()
 		if err != nil {
-			log.Fatal("=> error setting arangodb provider:", err)
+			log.Fatal("Failed to initialize ArangoDB driver: ", err)
+			return err
 		}
 	}
 
 	if isMongoDB {
+		log.Info("Initializing MongoDB Driver")
 		Provider, err = mongodb.NewProvider()
 		if err != nil {
-			log.Fatal("=> error setting arangodb provider:", err)
+			log.Fatal("Failed to initialize MongoDB driver: ", err)
+			return err
 		}
 	}
+
+	if isCassandra {
+		log.Info("Initializing CassandraDB Driver")
+		Provider, err = cassandradb.NewProvider()
+		if err != nil {
+			log.Fatal("Failed to initialize CassandraDB driver: ", err)
+			return err
+		}
+	}
+
+	return nil
 }

server/db/models/env.go

@@ -1,11 +1,13 @@
 package models
 
+// Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
+
 // Env model for db
 type Env struct {
-	Key       string `json:"_key,omitempty" bson:"_key"` // for arangodb
-	ID        string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id"`
-	EnvData   string `gorm:"type:text" json:"env" bson:"env"`
-	Hash      string `gorm:"type:text" json:"hash" bson:"hash"`
-	UpdatedAt int64  `json:"updated_at" bson:"updated_at"`
-	CreatedAt int64  `json:"created_at" bson:"created_at"`
+	Key       string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty"` // for arangodb
+	ID        string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
+	EnvData   string `gorm:"type:text" json:"env" bson:"env" cql:"env"`
+	Hash      string `gorm:"type:text" json:"hash" bson:"hash" cql:"hash"`
+	UpdatedAt int64  `json:"updated_at" bson:"updated_at" cql:"updated_at"`
+	CreatedAt int64  `json:"created_at" bson:"created_at" cql:"created_at"`
 }

server/db/models/session.go

@@ -1,13 +1,15 @@
 package models
 
+// Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
+
 // Session model for db
 type Session struct {
-	Key       string `json:"_key,omitempty" bson:"_key,omitempty"` // for arangodb
-	ID        string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id"`
-	UserID    string `gorm:"type:char(36),index:" json:"user_id" bson:"user_id"`
-	User      User   `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;" json:"-" bson:"-"`
-	UserAgent string `json:"user_agent" bson:"user_agent"`
-	IP        string `json:"ip" bson:"ip"`
-	CreatedAt int64  `json:"created_at" bson:"created_at"`
-	UpdatedAt int64  `json:"updated_at" bson:"updated_at"`
+	Key       string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty"` // for arangodb
+	ID        string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
+	UserID    string `gorm:"type:char(36),index:" json:"user_id" bson:"user_id" cql:"user_id"`
+	User      User   `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;" json:"-" bson:"-" cql:"-"`
+	UserAgent string `json:"user_agent" bson:"user_agent" cql:"user_agent"`
+	IP        string `json:"ip" bson:"ip" cql:"ip"`
+	CreatedAt int64  `json:"created_at" bson:"created_at" cql:"created_at"`
+	UpdatedAt int64  `json:"updated_at" bson:"updated_at" cql:"updated_at"`
 }

server/db/models/user.go

@@ -6,32 +6,39 @@ import (
 	"github.com/authorizerdev/authorizer/server/graph/model"
 )
 
+// Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
+
 // User model for db
 type User struct {
-	Key string `json:"_key,omitempty" bson:"_key"` // for arangodb
-	ID  string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id"`
+	Key string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty"` // for arangodb
+	ID  string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
 
-	Email                 string  `gorm:"unique" json:"email" bson:"email"`
-	EmailVerifiedAt       *int64  `json:"email_verified_at" bson:"email_verified_at"`
-	Password              *string `gorm:"type:text" json:"password" bson:"password"`
-	SignupMethods         string  `json:"signup_methods" bson:"signup_methods"`
-	GivenName             *string `json:"given_name" bson:"given_name"`
-	FamilyName            *string `json:"family_name" bson:"family_name"`
-	MiddleName            *string `json:"middle_name" bson:"middle_name"`
-	Nickname              *string `json:"nickname" bson:"nickname"`
-	Gender                *string `json:"gender" bson:"gender"`
-	Birthdate             *string `json:"birthdate" bson:"birthdate"`
-	PhoneNumber           *string `gorm:"unique" json:"phone_number" bson:"phone_number"`
-	PhoneNumberVerifiedAt *int64  `json:"phone_number_verified_at" bson:"phone_number_verified_at"`
-	Picture               *string `gorm:"type:text" json:"picture" bson:"picture"`
-	Roles                 string  `json:"roles" bson:"roles"`
-	UpdatedAt             int64   `json:"updated_at" bson:"updated_at"`
-	CreatedAt             int64   `json:"created_at" bson:"created_at"`
+	Email                 string  `gorm:"unique" json:"email" bson:"email" cql:"email"`
+	EmailVerifiedAt       *int64  `json:"email_verified_at" bson:"email_verified_at" cql:"email_verified_at"`
+	Password              *string `gorm:"type:text" json:"password" bson:"password" cql:"password"`
+	SignupMethods         string  `json:"signup_methods" bson:"signup_methods" cql:"signup_methods"`
+	GivenName             *string `json:"given_name" bson:"given_name" cql:"given_name"`
+	FamilyName            *string `json:"family_name" bson:"family_name" cql:"family_name"`
+	MiddleName            *string `json:"middle_name" bson:"middle_name" cql:"middle_name"`
+	Nickname              *string `json:"nickname" bson:"nickname" cql:"nickname"`
+	Gender                *string `json:"gender" bson:"gender" cql:"gender"`
+	Birthdate             *string `json:"birthdate" bson:"birthdate" cql:"birthdate"`
+	PhoneNumber           *string `gorm:"unique" json:"phone_number" bson:"phone_number" cql:"phone_number"`
+	PhoneNumberVerifiedAt *int64  `json:"phone_number_verified_at" bson:"phone_number_verified_at" cql:"phone_number_verified_at"`
+	Picture               *string `gorm:"type:text" json:"picture" bson:"picture" cql:"picture"`
+	Roles                 string  `json:"roles" bson:"roles" cql:"roles"`
+	RevokedTimestamp      *int64  `json:"revoked_timestamp" bson:"revoked_timestamp" cql:"revoked_timestamp"`
+	UpdatedAt             int64   `json:"updated_at" bson:"updated_at" cql:"updated_at"`
+	CreatedAt             int64   `json:"created_at" bson:"created_at" cql:"created_at"`
 }
 
 func (user *User) AsAPIUser() *model.User {
 	isEmailVerified := user.EmailVerifiedAt != nil
 	isPhoneVerified := user.PhoneNumberVerifiedAt != nil
+	email := user.Email
+	createdAt := user.CreatedAt
+	updatedAt := user.UpdatedAt
+	revokedTimestamp := user.RevokedTimestamp
 	return &model.User{
 		ID:                  user.ID,
 		Email:               user.Email,
@@ -41,14 +48,15 @@ func (user *User) AsAPIUser() *model.User {
 		FamilyName:          user.FamilyName,
 		MiddleName:          user.MiddleName,
 		Nickname:            user.Nickname,
-		PreferredUsername:   &user.Email,
+		PreferredUsername:   &email,
 		Gender:              user.Gender,
 		Birthdate:           user.Birthdate,
 		PhoneNumber:         user.PhoneNumber,
 		PhoneNumberVerified: &isPhoneVerified,
 		Picture:             user.Picture,
 		Roles:               strings.Split(user.Roles, ","),
-		CreatedAt:           &user.CreatedAt,
-		UpdatedAt:           &user.UpdatedAt,
+		RevokedTimestamp:    revokedTimestamp,
+		CreatedAt:           &createdAt,
+		UpdatedAt:           &updatedAt,
 	}
 }

server/db/models/verification_requests.go

@@ -2,26 +2,40 @@ package models
 
 import "github.com/authorizerdev/authorizer/server/graph/model"
 
+// Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
+
 // VerificationRequest model for db
 type VerificationRequest struct {
-	Key        string `json:"_key,omitempty" bson:"_key"` // for arangodb
-	ID         string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id"`
-	Token      string `gorm:"type:text" json:"token" bson:"token"`
-	Identifier string `gorm:"uniqueIndex:idx_email_identifier" json:"identifier" bson:"identifier"`
-	ExpiresAt  int64  `json:"expires_at" bson:"expires_at"`
-	CreatedAt  int64  `json:"created_at" bson:"created_at"`
-	UpdatedAt  int64  `json:"updated_at" bson:"updated_at"`
-	Email      string `gorm:"uniqueIndex:idx_email_identifier" json:"email" bson:"email"`
+	Key         string `json:"_key,omitempty" bson:"_key" cql:"_key,omitempty"` // for arangodb
+	ID          string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
+	Token       string `gorm:"type:text" json:"token" bson:"token" cql:"jwt_token"` // token is reserved keyword in cassandra
+	Identifier  string `gorm:"uniqueIndex:idx_email_identifier;type:varchar(64)" json:"identifier" bson:"identifier" cql:"identifier"`
+	ExpiresAt   int64  `json:"expires_at" bson:"expires_at" cql:"expires_at"`
+	Email       string `gorm:"uniqueIndex:idx_email_identifier;type:varchar(256)" json:"email" bson:"email" cql:"email"`
+	Nonce       string `gorm:"type:text" json:"nonce" bson:"nonce" cql:"nonce"`
+	RedirectURI string `gorm:"type:text" json:"redirect_uri" bson:"redirect_uri" cql:"redirect_uri"`
+	CreatedAt   int64  `json:"created_at" bson:"created_at" cql:"created_at"`
+	UpdatedAt   int64  `json:"updated_at" bson:"updated_at" cql:"updated_at"`
 }
 
 func (v *VerificationRequest) AsAPIVerificationRequest() *model.VerificationRequest {
+	token := v.Token
+	createdAt := v.CreatedAt
+	updatedAt := v.UpdatedAt
+	email := v.Email
+	nonce := v.Nonce
+	redirectURI := v.RedirectURI
+	expires := v.ExpiresAt
+	identifier := v.Identifier
 	return &model.VerificationRequest{
-		ID:         v.ID,
-		Token:      &v.Token,
-		Identifier: &v.Identifier,
-		Expires:    &v.ExpiresAt,
-		CreatedAt:  &v.CreatedAt,
-		UpdatedAt:  &v.UpdatedAt,
-		Email:      &v.Email,
+		ID:          v.ID,
+		Token:       &token,
+		Identifier:  &identifier,
+		Expires:     &expires,
+		Email:       &email,
+		Nonce:       &nonce,
+		RedirectURI: &redirectURI,
+		CreatedAt:   &createdAt,
+		UpdatedAt:   &updatedAt,
 	}
 }

server/db/providers/arangodb/env.go

@@ -2,7 +2,6 @@ package arangodb
 
 import (
 	"fmt"
-	"log"
 	"time"
 
 	arangoDriver "github.com/arangodb/go-driver"
@@ -22,7 +21,6 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
 	configCollection, _ := p.db.Collection(nil, models.Collections.Env)
 	meta, err := configCollection.CreateDocument(arangoDriver.WithOverwrite(nil), env)
 	if err != nil {
-		log.Println("error adding config:", err)
 		return env, err
 	}
 	env.Key = meta.Key
@@ -36,7 +34,6 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
 	collection, _ := p.db.Collection(nil, models.Collections.Env)
 	meta, err := collection.UpdateDocument(nil, env.Key, env)
 	if err != nil {
-		log.Println("error updating config:", err)
 		return env, err
 	}
 

server/db/providers/arangodb/provider.go

@@ -2,7 +2,6 @@ package arangodb
 
 import (
 	"context"
-	"log"
 
 	"github.com/arangodb/go-driver"
 	arangoDriver "github.com/arangodb/go-driver"
@@ -24,7 +23,7 @@ type provider struct {
 func NewProvider() (*provider, error) {
 	ctx := context.Background()
 	conn, err := http.NewConnection(http.ConnectionConfig{
-		Endpoints: []string{envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)},
+		Endpoints: []string{envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)},
 	})
 	if err != nil {
 		return nil, err
@@ -39,28 +38,25 @@ func NewProvider() (*provider, error) {
 
 	var arangodb driver.Database
 
-	arangodb_exists, err := arangoClient.DatabaseExists(nil, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
+	arangodb_exists, err := arangoClient.DatabaseExists(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
 
 	if arangodb_exists {
-		log.Println(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName) + " db exists already")
-		arangodb, err = arangoClient.Database(nil, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
+		arangodb, err = arangoClient.Database(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
 		if err != nil {
 			return nil, err
 		}
 	} else {
-		arangodb, err = arangoClient.CreateDatabase(nil, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), nil)
+		arangodb, err = arangoClient.CreateDatabase(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), nil)
 		if err != nil {
 			return nil, err
 		}
 	}
 
 	userCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.User)
-	if userCollectionExists {
-		log.Println(models.Collections.User + " collection exists already")
-	} else {
+	if !userCollectionExists {
 		_, err = arangodb.CreateCollection(ctx, models.Collections.User, nil)
 		if err != nil {
-			log.Println("error creating collection("+models.Collections.User+"):", err)
+			return nil, err
 		}
 	}
 	userCollection, _ := arangodb.Collection(nil, models.Collections.User)
@@ -74,12 +70,10 @@ func NewProvider() (*provider, error) {
 	})
 
 	verificationRequestCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.VerificationRequest)
-	if verificationRequestCollectionExists {
-		log.Println(models.Collections.VerificationRequest + " collection exists already")
-	} else {
+	if !verificationRequestCollectionExists {
 		_, err = arangodb.CreateCollection(ctx, models.Collections.VerificationRequest, nil)
 		if err != nil {
-			log.Println("error creating collection("+models.Collections.VerificationRequest+"):", err)
+			return nil, err
 		}
 	}
 
@@ -93,12 +87,10 @@ func NewProvider() (*provider, error) {
 	})
 
 	sessionCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Session)
-	if sessionCollectionExists {
-		log.Println(models.Collections.Session + " collection exists already")
-	} else {
+	if !sessionCollectionExists {
 		_, err = arangodb.CreateCollection(ctx, models.Collections.Session, nil)
 		if err != nil {
-			log.Println("error creating collection("+models.Collections.Session+"):", err)
+			return nil, err
 		}
 	}
 
@@ -108,12 +100,10 @@ func NewProvider() (*provider, error) {
 	})
 
 	configCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Env)
-	if configCollectionExists {
-		log.Println(models.Collections.Env + " collection exists already")
-	} else {
+	if !configCollectionExists {
 		_, err = arangodb.CreateCollection(ctx, models.Collections.Env, nil)
 		if err != nil {
-			log.Println("error creating collection("+models.Collections.Env+"):", err)
+			return nil, err
 		}
 	}
 

server/db/providers/arangodb/session.go

@@ -2,7 +2,6 @@ package arangodb
 
 import (
 	"fmt"
-	"log"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -20,7 +19,6 @@ func (p *provider) AddSession(session models.Session) error {
 	sessionCollection, _ := p.db.Collection(nil, models.Collections.Session)
 	_, err := sessionCollection.CreateDocument(nil, session)
 	if err != nil {
-		log.Println(`error saving session`, err)
 		return err
 	}
 	return nil
@@ -34,7 +32,6 @@ func (p *provider) DeleteSession(userId string) error {
 	}
 	cursor, err := p.db.Query(nil, query, bindVars)
 	if err != nil {
-		log.Println("=> error deleting arangodb session:", err)
 		return err
 	}
 	defer cursor.Close()

server/db/providers/arangodb/user.go

@@ -3,7 +3,6 @@ package arangodb
 import (
 	"context"
 	"fmt"
-	"log"
 	"strings"
 	"time"
 
@@ -23,7 +22,7 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 	}
 
 	if user.Roles == "" {
-		user.Roles = strings.Join(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
 	}
 
 	user.CreatedAt = time.Now().Unix()
@@ -31,7 +30,6 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 	userCollection, _ := p.db.Collection(nil, models.Collections.User)
 	meta, err := userCollection.CreateDocument(arangoDriver.WithOverwrite(nil), user)
 	if err != nil {
-		log.Println("error adding user:", err)
 		return user, err
 	}
 	user.Key = meta.Key
@@ -46,7 +44,6 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
 	collection, _ := p.db.Collection(nil, models.Collections.User)
 	meta, err := collection.UpdateDocument(nil, user.Key, user)
 	if err != nil {
-		log.Println("error updating user:", err)
 		return user, err
 	}
 
@@ -60,7 +57,6 @@ func (p *provider) DeleteUser(user models.User) error {
 	collection, _ := p.db.Collection(nil, models.Collections.User)
 	_, err := collection.RemoveDocument(nil, user.Key)
 	if err != nil {
-		log.Println(`error deleting user:`, err)
 		return err
 	}
 

server/db/providers/arangodb/verification_requests.go

@@ -3,7 +3,6 @@ package arangodb
 import (
 	"context"
 	"fmt"
-	"log"
 	"time"
 
 	"github.com/arangodb/go-driver"
@@ -23,7 +22,6 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
 	verificationRequestRequestCollection, _ := p.db.Collection(nil, models.Collections.VerificationRequest)
 	meta, err := verificationRequestRequestCollection.CreateDocument(nil, verificationRequest)
 	if err != nil {
-		log.Println("error saving verificationRequest record:", err)
 		return verificationRequest, err
 	}
 	verificationRequest.Key = meta.Key
@@ -136,7 +134,6 @@ func (p *provider) DeleteVerificationRequest(verificationRequest models.Verifica
 	collection, _ := p.db.Collection(nil, models.Collections.VerificationRequest)
 	_, err := collection.RemoveDocument(nil, verificationRequest.Key)
 	if err != nil {
-		log.Println(`error deleting verification request:`, err)
 		return err
 	}
 	return nil

server/db/providers/cassandradb/env.go

@@ -0,0 +1,52 @@
+package cassandradb
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/gocql/gocql"
+	"github.com/google/uuid"
+)
+
+// AddEnv to save environment information in database
+func (p *provider) AddEnv(env models.Env) (models.Env, error) {
+	if env.ID == "" {
+		env.ID = uuid.New().String()
+	}
+
+	env.CreatedAt = time.Now().Unix()
+	env.UpdatedAt = time.Now().Unix()
+	insertEnvQuery := fmt.Sprintf("INSERT INTO %s (id, env, hash, created_at, updated_at) VALUES ('%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.Env, env.ID, env.EnvData, env.Hash, env.CreatedAt, env.UpdatedAt)
+	err := p.db.Query(insertEnvQuery).Exec()
+	if err != nil {
+		return env, err
+	}
+
+	return env, nil
+}
+
+// UpdateEnv to update environment information in database
+func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
+	env.UpdatedAt = time.Now().Unix()
+
+	updateEnvQuery := fmt.Sprintf("UPDATE %s SET env = '%s', updated_at = %d WHERE id = '%s'", KeySpace+"."+models.Collections.Env, env.EnvData, env.UpdatedAt, env.ID)
+	err := p.db.Query(updateEnvQuery).Exec()
+	if err != nil {
+		return env, err
+	}
+	return env, nil
+}
+
+// GetEnv to get environment information from database
+func (p *provider) GetEnv() (models.Env, error) {
+	var env models.Env
+
+	query := fmt.Sprintf("SELECT id, env, hash, created_at, updated_at FROM %s LIMIT 1", KeySpace+"."+models.Collections.Env)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&env.ID, &env.EnvData, &env.Hash, &env.CreatedAt, &env.UpdatedAt)
+	if err != nil {
+		return env, err
+	}
+
+	return env, nil
+}

server/db/providers/cassandradb/provider.go

@@ -0,0 +1,168 @@
+package cassandradb
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"fmt"
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/crypto"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/gocql/gocql"
+	cansandraDriver "github.com/gocql/gocql"
+)
+
+type provider struct {
+	db *cansandraDriver.Session
+}
+
+// KeySpace for the cassandra database
+var KeySpace string
+
+// NewProvider to initialize arangodb connection
+func NewProvider() (*provider, error) {
+	dbURL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)
+	if dbURL == "" {
+		dbURL = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseHost)
+		if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePort) != "" {
+			dbURL = fmt.Sprintf("%s:%s", dbURL, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePort))
+		}
+	}
+
+	KeySpace = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName)
+	clusterURL := []string{}
+	if strings.Contains(dbURL, ",") {
+		clusterURL = strings.Split(dbURL, ",")
+	} else {
+		clusterURL = append(clusterURL, dbURL)
+	}
+	cassandraClient := cansandraDriver.NewCluster(clusterURL...)
+	if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseUsername) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePassword) != "" {
+		cassandraClient.Authenticator = &cansandraDriver.PasswordAuthenticator{
+			Username: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseUsername),
+			Password: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePassword),
+		}
+	}
+
+	if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCert) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCACert) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCertKey) != "" {
+		certString, err := crypto.DecryptB64(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCert))
+		if err != nil {
+			return nil, err
+		}
+
+		keyString, err := crypto.DecryptB64(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCertKey))
+		if err != nil {
+			return nil, err
+		}
+
+		caString, err := crypto.DecryptB64(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCACert))
+		if err != nil {
+			return nil, err
+		}
+
+		cert, err := tls.X509KeyPair([]byte(certString), []byte(keyString))
+		if err != nil {
+			return nil, err
+		}
+
+		caCertPool := x509.NewCertPool()
+		caCertPool.AppendCertsFromPEM([]byte(caString))
+
+		cassandraClient.SslOpts = &cansandraDriver.SslOptions{
+			Config: &tls.Config{
+				Certificates:       []tls.Certificate{cert},
+				RootCAs:            caCertPool,
+				InsecureSkipVerify: true,
+			},
+			EnableHostVerification: false,
+		}
+	}
+
+	cassandraClient.RetryPolicy = &cansandraDriver.SimpleRetryPolicy{
+		NumRetries: 3,
+	}
+	cassandraClient.Consistency = gocql.LocalQuorum
+
+	session, err := cassandraClient.CreateSession()
+	if err != nil {
+		return nil, err
+	}
+
+	// Note for astra keyspaces can only be created from there console
+	// https://docs.datastax.com/en/astra/docs/datastax-astra-faq.html#_i_am_trying_to_create_a_keyspace_in_the_cql_shell_and_i_am_running_into_an_error_how_do_i_fix_this
+	getKeyspaceQuery := fmt.Sprintf("SELECT keyspace_name FROM system_schema.keyspaces;")
+	scanner := session.Query(getKeyspaceQuery).Iter().Scanner()
+	hasAuthorizerKeySpace := false
+	for scanner.Next() {
+		var keySpace string
+		err := scanner.Scan(&keySpace)
+		if err != nil {
+			return nil, err
+		}
+		if keySpace == KeySpace {
+			hasAuthorizerKeySpace = true
+			break
+		}
+	}
+
+	if !hasAuthorizerKeySpace {
+		createKeySpaceQuery := fmt.Sprintf("CREATE KEYSPACE %s WITH REPLICATION = {'class': 'SimpleStrategy', 'replication_factor': 1};", KeySpace)
+		err = session.Query(createKeySpaceQuery).Exec()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	// make sure collections are present
+	envCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, env text, hash text, updated_at bigint, created_at bigint, PRIMARY KEY (id))",
+		KeySpace, models.Collections.Env)
+	err = session.Query(envCollectionQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+
+	sessionCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, user_id text, user_agent text, ip text, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.Session)
+	err = session.Query(sessionCollectionQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+
+	userCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, email text, email_verified_at bigint, password text, signup_methods text, given_name text, family_name text, middle_name text, nickname text, gender text, birthdate text, phone_number text, phone_number_verified_at bigint, picture text, roles text, updated_at bigint, created_at bigint, revoked_timestamp bigint, PRIMARY KEY (id))", KeySpace, models.Collections.User)
+	err = session.Query(userCollectionQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+	userIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_user_email ON %s.%s (email)", KeySpace, models.Collections.User)
+	err = session.Query(userIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+
+	// token is reserved keyword in cassandra, hence we need to use jwt_token
+	verificationRequestCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, jwt_token text, identifier text, expires_at bigint, email text, nonce text, redirect_uri text, created_at bigint, updated_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.VerificationRequest)
+	err = session.Query(verificationRequestCollectionQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+	verificationRequestIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_verification_request_email ON %s.%s (email)", KeySpace, models.Collections.VerificationRequest)
+	err = session.Query(verificationRequestIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+	verificationRequestIndexQuery = fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_verification_request_identifier ON %s.%s (identifier)", KeySpace, models.Collections.VerificationRequest)
+	err = session.Query(verificationRequestIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+	verificationRequestIndexQuery = fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_verification_request_jwt_token ON %s.%s (jwt_token)", KeySpace, models.Collections.VerificationRequest)
+	err = session.Query(verificationRequestIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
+
+	return &provider{
+		db: session,
+	}, err
+}

server/db/providers/cassandradb/session.go

@@ -0,0 +1,36 @@
+package cassandradb
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/google/uuid"
+)
+
+// AddSession to save session information in database
+func (p *provider) AddSession(session models.Session) error {
+	if session.ID == "" {
+		session.ID = uuid.New().String()
+	}
+
+	session.CreatedAt = time.Now().Unix()
+	session.UpdatedAt = time.Now().Unix()
+
+	insertSessionQuery := fmt.Sprintf("INSERT INTO %s (id, user_id, user_agent, ip, created_at, updated_at) VALUES ('%s', '%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.Session, session.ID, session.UserID, session.UserAgent, session.IP, session.CreatedAt, session.UpdatedAt)
+	err := p.db.Query(insertSessionQuery).Exec()
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// DeleteSession to delete session information from database
+func (p *provider) DeleteSession(userId string) error {
+	deleteSessionQuery := fmt.Sprintf("DELETE FROM %s WHERE user_id = '%s'", KeySpace+"."+models.Collections.Session, userId)
+	err := p.db.Query(deleteSessionQuery).Exec()
+	if err != nil {
+		return err
+	}
+	return nil
+}

server/db/providers/cassandradb/user.go

@@ -0,0 +1,189 @@
+package cassandradb
+
+import (
+	"encoding/json"
+	"fmt"
+	"reflect"
+	"strings"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/gocql/gocql"
+	"github.com/google/uuid"
+)
+
+// AddUser to save user information in database
+func (p *provider) AddUser(user models.User) (models.User, error) {
+	if user.ID == "" {
+		user.ID = uuid.New().String()
+	}
+
+	if user.Roles == "" {
+		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+	}
+
+	user.CreatedAt = time.Now().Unix()
+	user.UpdatedAt = time.Now().Unix()
+
+	bytes, err := json.Marshal(user)
+	if err != nil {
+		return user, err
+	}
+
+	// use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling
+	decoder := json.NewDecoder(strings.NewReader(string(bytes)))
+	decoder.UseNumber()
+	userMap := map[string]interface{}{}
+	err = decoder.Decode(&userMap)
+	if err != nil {
+		return user, err
+	}
+
+	fields := "("
+	values := "("
+	for key, value := range userMap {
+		if value != nil {
+			if key == "_id" {
+				fields += "id,"
+			} else {
+				fields += key + ","
+			}
+
+			valueType := reflect.TypeOf(value)
+			if valueType.Name() == "string" {
+				values += fmt.Sprintf("'%s',", value.(string))
+			} else {
+				values += fmt.Sprintf("%v,", value)
+			}
+		}
+	}
+
+	fields = fields[:len(fields)-1] + ")"
+	values = values[:len(values)-1] + ")"
+
+	query := fmt.Sprintf("INSERT INTO %s %s VALUES %s IF NOT EXISTS", KeySpace+"."+models.Collections.User, fields, values)
+
+	err = p.db.Query(query).Exec()
+	if err != nil {
+		return user, err
+	}
+
+	return user, nil
+}
+
+// UpdateUser to update user information in database
+func (p *provider) UpdateUser(user models.User) (models.User, error) {
+	user.UpdatedAt = time.Now().Unix()
+
+	bytes, err := json.Marshal(user)
+	if err != nil {
+		return user, err
+	}
+	// use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling
+	decoder := json.NewDecoder(strings.NewReader(string(bytes)))
+	decoder.UseNumber()
+	userMap := map[string]interface{}{}
+	err = decoder.Decode(&userMap)
+	if err != nil {
+		return user, err
+	}
+
+	updateFields := ""
+	for key, value := range userMap {
+		if value != nil && key != "_id" {
+		}
+
+		if key == "_id" {
+			continue
+		}
+
+		if value == nil {
+			updateFields += fmt.Sprintf("%s = null,", key)
+			continue
+		}
+
+		valueType := reflect.TypeOf(value)
+		if valueType.Name() == "string" {
+			updateFields += fmt.Sprintf("%s = '%s', ", key, value.(string))
+		} else {
+			updateFields += fmt.Sprintf("%s = %v, ", key, value)
+		}
+	}
+	updateFields = strings.Trim(updateFields, " ")
+	updateFields = strings.TrimSuffix(updateFields, ",")
+
+	query := fmt.Sprintf("UPDATE %s SET %s WHERE id = '%s'", KeySpace+"."+models.Collections.User, updateFields, user.ID)
+
+	err = p.db.Query(query).Exec()
+	if err != nil {
+		return user, err
+	}
+
+	return user, nil
+}
+
+// DeleteUser to delete user information from database
+func (p *provider) DeleteUser(user models.User) error {
+	query := fmt.Sprintf("DELETE FROM %s WHERE id = '%s'", KeySpace+"."+models.Collections.User, user.ID)
+	err := p.db.Query(query).Exec()
+	return err
+}
+
+// ListUsers to get list of users from database
+func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error) {
+	responseUsers := []*model.User{}
+	paginationClone := pagination
+	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.User)
+	err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total)
+	if err != nil {
+		return nil, err
+	}
+
+	// there is no offset in cassandra
+	// so we fetch till limit + offset
+	// and return the results from offset to limit
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.User, pagination.Limit+pagination.Offset)
+
+	scanner := p.db.Query(query).Iter().Scanner()
+	counter := int64(0)
+	for scanner.Next() {
+		if counter >= pagination.Offset {
+			var user models.User
+			err := scanner.Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.CreatedAt, &user.UpdatedAt)
+			if err != nil {
+				return nil, err
+			}
+			responseUsers = append(responseUsers, user.AsAPIUser())
+		}
+		counter++
+	}
+	return &model.Users{
+		Users:      responseUsers,
+		Pagination: &paginationClone,
+	}, nil
+}
+
+// GetUserByEmail to get user information from database using email address
+func (p *provider) GetUserByEmail(email string) (models.User, error) {
+	var user models.User
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, email)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.CreatedAt, &user.UpdatedAt)
+	if err != nil {
+		return user, err
+	}
+	return user, nil
+}
+
+// GetUserByID to get user information from database using user ID
+func (p *provider) GetUserByID(id string) (models.User, error) {
+	var user models.User
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, id)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.CreatedAt, &user.UpdatedAt)
+	if err != nil {
+		return user, err
+	}
+	return user, nil
+}

server/db/providers/cassandradb/verification_requests.go

@@ -0,0 +1,99 @@
+package cassandradb
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/gocql/gocql"
+	"github.com/google/uuid"
+)
+
+// AddVerification to save verification request in database
+func (p *provider) AddVerificationRequest(verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+	if verificationRequest.ID == "" {
+		verificationRequest.ID = uuid.New().String()
+	}
+
+	verificationRequest.CreatedAt = time.Now().Unix()
+	verificationRequest.UpdatedAt = time.Now().Unix()
+
+	query := fmt.Sprintf("INSERT INTO %s (id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at) VALUES ('%s', '%s', '%s', %d, '%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.VerificationRequest, verificationRequest.ID, verificationRequest.Token, verificationRequest.Identifier, verificationRequest.ExpiresAt, verificationRequest.Email, verificationRequest.Nonce, verificationRequest.RedirectURI, verificationRequest.CreatedAt, verificationRequest.UpdatedAt)
+	err := p.db.Query(query).Exec()
+	if err != nil {
+		return verificationRequest, err
+	}
+	return verificationRequest, nil
+}
+
+// GetVerificationRequestByToken to get verification request from database using token
+func (p *provider) GetVerificationRequestByToken(token string) (models.VerificationRequest, error) {
+	var verificationRequest models.VerificationRequest
+	query := fmt.Sprintf(`SELECT id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at FROM %s WHERE jwt_token = '%s' LIMIT 1`, KeySpace+"."+models.Collections.VerificationRequest, token)
+
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&verificationRequest.ID, &verificationRequest.Token, &verificationRequest.Identifier, &verificationRequest.ExpiresAt, &verificationRequest.Email, &verificationRequest.Nonce, &verificationRequest.RedirectURI, &verificationRequest.CreatedAt, &verificationRequest.UpdatedAt)
+	if err != nil {
+		return verificationRequest, err
+	}
+	return verificationRequest, nil
+}
+
+// GetVerificationRequestByEmail to get verification request by email from database
+func (p *provider) GetVerificationRequestByEmail(email string, identifier string) (models.VerificationRequest, error) {
+	var verificationRequest models.VerificationRequest
+	query := fmt.Sprintf(`SELECT id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at FROM %s WHERE email = '%s' AND identifier = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.VerificationRequest, email, identifier)
+
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&verificationRequest.ID, &verificationRequest.Token, &verificationRequest.Identifier, &verificationRequest.ExpiresAt, &verificationRequest.Email, &verificationRequest.Nonce, &verificationRequest.RedirectURI, &verificationRequest.CreatedAt, &verificationRequest.UpdatedAt)
+	if err != nil {
+		return verificationRequest, err
+	}
+
+	return verificationRequest, nil
+}
+
+// ListVerificationRequests to get list of verification requests from database
+func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model.VerificationRequests, error) {
+	var verificationRequests []*model.VerificationRequest
+
+	paginationClone := pagination
+	totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.VerificationRequest)
+	err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total)
+	if err != nil {
+		return nil, err
+	}
+
+	// there is no offset in cassandra
+	// so we fetch till limit + offset
+	// and return the results from offset to limit
+	query := fmt.Sprintf(`SELECT id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at FROM %s LIMIT %d`, KeySpace+"."+models.Collections.VerificationRequest, pagination.Limit+pagination.Offset)
+
+	scanner := p.db.Query(query).Iter().Scanner()
+	counter := int64(0)
+	for scanner.Next() {
+		if counter >= pagination.Offset {
+			var verificationRequest models.VerificationRequest
+			err := scanner.Scan(&verificationRequest.ID, &verificationRequest.Token, &verificationRequest.Identifier, &verificationRequest.ExpiresAt, &verificationRequest.Email, &verificationRequest.Nonce, &verificationRequest.RedirectURI, &verificationRequest.CreatedAt, &verificationRequest.UpdatedAt)
+			if err != nil {
+				return nil, err
+			}
+			verificationRequests = append(verificationRequests, verificationRequest.AsAPIVerificationRequest())
+		}
+		counter++
+	}
+
+	return &model.VerificationRequests{
+		VerificationRequests: verificationRequests,
+		Pagination:           &paginationClone,
+	}, nil
+}
+
+// DeleteVerificationRequest to delete verification request from database
+func (p *provider) DeleteVerificationRequest(verificationRequest models.VerificationRequest) error {
+	query := fmt.Sprintf("DELETE FROM %s WHERE id = '%s'", KeySpace+"."+models.Collections.VerificationRequest, verificationRequest.ID)
+	err := p.db.Query(query).Exec()
+	if err != nil {
+		return err
+	}
+	return nil
+}

server/db/providers/mongodb/env.go

@@ -2,7 +2,6 @@ package mongodb
 
 import (
 	"fmt"
-	"log"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -23,7 +22,6 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
 	_, err := configCollection.InsertOne(nil, env)
 	if err != nil {
-		log.Println("error adding config:", err)
 		return env, err
 	}
 	return env, nil
@@ -35,7 +33,6 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
 	configCollection := p.db.Collection(models.Collections.Env, options.Collection())
 	_, err := configCollection.UpdateOne(nil, bson.M{"_id": bson.M{"$eq": env.ID}}, bson.M{"$set": env}, options.MergeUpdateOptions())
 	if err != nil {
-		log.Println("error updating config:", err)
 		return env, err
 	}
 	return env, nil

server/db/providers/mongodb/provider.go

@@ -19,7 +19,7 @@ type provider struct {
 
 // NewProvider to initialize mongodb connection
 func NewProvider() (*provider, error) {
-	mongodbOptions := options.Client().ApplyURI(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL))
+	mongodbOptions := options.Client().ApplyURI(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL))
 	maxWait := time.Duration(5 * time.Second)
 	mongodbOptions.ConnectTimeout = &maxWait
 	mongoClient, err := mongo.NewClient(mongodbOptions)
@@ -37,7 +37,7 @@ func NewProvider() (*provider, error) {
 		return nil, err
 	}
 
-	mongodb := mongoClient.Database(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), options.Database())
+	mongodb := mongoClient.Database(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), options.Database())
 
 	mongodb.CreateCollection(ctx, models.Collections.User, options.CreateCollection())
 	userCollection := mongodb.Collection(models.Collections.User, options.Collection())

server/db/providers/mongodb/session.go

@@ -1,7 +1,6 @@
 package mongodb
 
 import (
-	"log"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -22,7 +21,6 @@ func (p *provider) AddSession(session models.Session) error {
 	sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
 	_, err := sessionCollection.InsertOne(nil, session)
 	if err != nil {
-		log.Println(`error saving session`, err)
 		return err
 	}
 	return nil
@@ -33,7 +31,6 @@ func (p *provider) DeleteSession(userId string) error {
 	sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
 	_, err := sessionCollection.DeleteMany(nil, bson.M{"user_id": userId}, options.Delete())
 	if err != nil {
-		log.Println("error deleting session:", err)
 		return err
 	}
 	return nil

server/db/providers/mongodb/user.go

@@ -1,7 +1,6 @@
 package mongodb
 
 import (
-	"log"
 	"strings"
 	"time"
 
@@ -21,7 +20,7 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 	}
 
 	if user.Roles == "" {
-		user.Roles = strings.Join(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
 	}
 	user.CreatedAt = time.Now().Unix()
 	user.UpdatedAt = time.Now().Unix()
@@ -29,7 +28,6 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	_, err := userCollection.InsertOne(nil, user)
 	if err != nil {
-		log.Println("error adding user:", err)
 		return user, err
 	}
 
@@ -42,7 +40,6 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	_, err := userCollection.UpdateOne(nil, bson.M{"_id": bson.M{"$eq": user.ID}}, bson.M{"$set": user}, options.MergeUpdateOptions())
 	if err != nil {
-		log.Println("error updating user:", err)
 		return user, err
 	}
 	return user, nil
@@ -53,7 +50,6 @@ func (p *provider) DeleteUser(user models.User) error {
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	_, err := userCollection.DeleteOne(nil, bson.M{"_id": user.ID}, options.Delete())
 	if err != nil {
-		log.Println("error deleting user:", err)
 		return err
 	}
 
@@ -74,7 +70,6 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
 	userCollection := p.db.Collection(models.Collections.User, options.Collection())
 	count, err := userCollection.CountDocuments(nil, bson.M{}, options.Count())
 	if err != nil {
-		log.Println("error getting total users:", err)
 		return nil, err
 	}
 
@@ -82,7 +77,6 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
 
 	cursor, err := userCollection.Find(nil, bson.M{}, opts)
 	if err != nil {
-		log.Println("error getting users:", err)
 		return nil, err
 	}
 	defer cursor.Close(nil)

server/db/providers/mongodb/verification_requests.go

@@ -1,7 +1,6 @@
 package mongodb
 
 import (
-	"log"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -22,7 +21,6 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
 		verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
 		_, err := verificationRequestCollection.InsertOne(nil, verificationRequest)
 		if err != nil {
-			log.Println("error saving verification record:", err)
 			return verificationRequest, err
 		}
 	}
@@ -73,7 +71,6 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
 
 	cursor, err := verificationRequestCollection.Find(nil, bson.M{}, opts)
 	if err != nil {
-		log.Println("error getting verification requests:", err)
 		return nil, err
 	}
 	defer cursor.Close(nil)
@@ -98,7 +95,6 @@ func (p *provider) DeleteVerificationRequest(verificationRequest models.Verifica
 	verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
 	_, err := verificationRequestCollection.DeleteOne(nil, bson.M{"_id": verificationRequest.ID}, options.Delete())
 	if err != nil {
-		log.Println("error deleting verification request::", err)
 		return err
 	}
 

server/db/providers/provider_template/env.go

@@ -0,0 +1,32 @@
+package provider_template
+
+import (
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/google/uuid"
+)
+
+// AddEnv to save environment information in database
+func (p *provider) AddEnv(env models.Env) (models.Env, error) {
+	if env.ID == "" {
+		env.ID = uuid.New().String()
+	}
+
+	env.CreatedAt = time.Now().Unix()
+	env.UpdatedAt = time.Now().Unix()
+	return env, nil
+}
+
+// UpdateEnv to update environment information in database
+func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
+	env.UpdatedAt = time.Now().Unix()
+	return env, nil
+}
+
+// GetEnv to get environment information from database
+func (p *provider) GetEnv() (models.Env, error) {
+	var env models.Env
+
+	return env, nil
+}

server/db/providers/provider_template/provider.go

@@ -0,0 +1,20 @@
+package provider_template
+
+import (
+	"gorm.io/gorm"
+)
+
+// TODO change following provider to new db provider
+type provider struct {
+	db *gorm.DB
+}
+
+// NewProvider returns a new SQL provider
+// TODO change following provider to new db provider
+func NewProvider() (*provider, error) {
+	var sqlDB *gorm.DB
+
+	return &provider{
+		db: sqlDB,
+	}, nil
+}

server/db/providers/provider_template/session.go

@@ -0,0 +1,24 @@
+package provider_template
+
+import (
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/google/uuid"
+)
+
+// AddSession to save session information in database
+func (p *provider) AddSession(session models.Session) error {
+	if session.ID == "" {
+		session.ID = uuid.New().String()
+	}
+
+	session.CreatedAt = time.Now().Unix()
+	session.UpdatedAt = time.Now().Unix()
+	return nil
+}
+
+// DeleteSession to delete session information from database
+func (p *provider) DeleteSession(userId string) error {
+	return nil
+}

server/db/providers/provider_template/user.go

@@ -0,0 +1,58 @@
+package provider_template
+
+import (
+	"strings"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddUser to save user information in database
+func (p *provider) AddUser(user models.User) (models.User, error) {
+	if user.ID == "" {
+		user.ID = uuid.New().String()
+	}
+
+	if user.Roles == "" {
+		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+	}
+
+	user.CreatedAt = time.Now().Unix()
+	user.UpdatedAt = time.Now().Unix()
+
+	return user, nil
+}
+
+// UpdateUser to update user information in database
+func (p *provider) UpdateUser(user models.User) (models.User, error) {
+	user.UpdatedAt = time.Now().Unix()
+	return user, nil
+}
+
+// DeleteUser to delete user information from database
+func (p *provider) DeleteUser(user models.User) error {
+	return nil
+}
+
+// ListUsers to get list of users from database
+func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error) {
+	return nil, nil
+}
+
+// GetUserByEmail to get user information from database using email address
+func (p *provider) GetUserByEmail(email string) (models.User, error) {
+	var user models.User
+
+	return user, nil
+}
+
+// GetUserByID to get user information from database using user ID
+func (p *provider) GetUserByID(id string) (models.User, error) {
+	var user models.User
+
+	return user, nil
+}

server/db/providers/provider_template/verification_requests.go

@@ -0,0 +1,45 @@
+package provider_template
+
+import (
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/google/uuid"
+)
+
+// AddVerification to save verification request in database
+func (p *provider) AddVerificationRequest(verificationRequest models.VerificationRequest) (models.VerificationRequest, error) {
+	if verificationRequest.ID == "" {
+		verificationRequest.ID = uuid.New().String()
+	}
+
+	verificationRequest.CreatedAt = time.Now().Unix()
+	verificationRequest.UpdatedAt = time.Now().Unix()
+
+	return verificationRequest, nil
+}
+
+// GetVerificationRequestByToken to get verification request from database using token
+func (p *provider) GetVerificationRequestByToken(token string) (models.VerificationRequest, error) {
+	var verificationRequest models.VerificationRequest
+
+	return verificationRequest, nil
+}
+
+// GetVerificationRequestByEmail to get verification request by email from database
+func (p *provider) GetVerificationRequestByEmail(email string, identifier string) (models.VerificationRequest, error) {
+	var verificationRequest models.VerificationRequest
+
+	return verificationRequest, nil
+}
+
+// ListVerificationRequests to get list of verification requests from database
+func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model.VerificationRequests, error) {
+	return nil, nil
+}
+
+// DeleteVerificationRequest to delete verification request from database
+func (p *provider) DeleteVerificationRequest(verificationRequest models.VerificationRequest) error {
+	return nil
+}

server/db/providers/sql/env.go

@@ -1,7 +1,6 @@
 package sql
 
 import (
-	"log"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -20,7 +19,6 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
 
 	result := p.db.Create(&env)
 	if result.Error != nil {
-		log.Println("error adding config:", result.Error)
 		return env, result.Error
 	}
 	return env, nil
@@ -32,7 +30,6 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
 	result := p.db.Save(&env)
 
 	if result.Error != nil {
-		log.Println("error updating config:", result.Error)
 		return env, result.Error
 	}
 	return env, nil

server/db/providers/sql/provider.go

@@ -0,0 +1,66 @@
+package sql
+
+import (
+	"log"
+	"os"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"gorm.io/driver/mysql"
+	"gorm.io/driver/postgres"
+	"gorm.io/driver/sqlite"
+	"gorm.io/driver/sqlserver"
+	"gorm.io/gorm"
+	"gorm.io/gorm/logger"
+	"gorm.io/gorm/schema"
+)
+
+type provider struct {
+	db *gorm.DB
+}
+
+// NewProvider returns a new SQL provider
+func NewProvider() (*provider, error) {
+	var sqlDB *gorm.DB
+	var err error
+	customLogger := logger.New(
+		log.New(os.Stdout, "\r\n", log.LstdFlags), // io writer
+		logger.Config{
+			SlowThreshold:             time.Second,   // Slow SQL threshold
+			LogLevel:                  logger.Silent, // Log level
+			IgnoreRecordNotFoundError: true,          // Ignore ErrRecordNotFound error for logger
+			Colorful:                  false,         // Disable color
+		},
+	)
+
+	ormConfig := &gorm.Config{
+		Logger: customLogger,
+		NamingStrategy: schema.NamingStrategy{
+			TablePrefix: models.Prefix,
+		},
+	}
+	switch envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) {
+	case constants.DbTypePostgres, constants.DbTypeYugabyte:
+		sqlDB, err = gorm.Open(postgres.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
+	case constants.DbTypeSqlite:
+		sqlDB, err = gorm.Open(sqlite.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
+	case constants.DbTypeMysql, constants.DbTypeMariaDB:
+		sqlDB, err = gorm.Open(mysql.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
+	case constants.DbTypeSqlserver:
+		sqlDB, err = gorm.Open(sqlserver.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
+	}
+
+	if err != nil {
+		return nil, err
+	}
+
+	err = sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{})
+	if err != nil {
+		return nil, err
+	}
+	return &provider{
+		db: sqlDB,
+	}, nil
+}

server/db/providers/sql/session.go

@@ -1,7 +1,6 @@
 package sql
 
 import (
-	"log"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -23,7 +22,6 @@ func (p *provider) AddSession(session models.Session) error {
 			DoNothing: true,
 		}).Create(&session)
 	if res.Error != nil {
-		log.Println(`error saving session`, res.Error)
 		return res.Error
 	}
 	return nil
@@ -34,7 +32,6 @@ func (p *provider) DeleteSession(userId string) error {
 	result := p.db.Where("user_id = ?", userId).Delete(&models.Session{})
 
 	if result.Error != nil {
-		log.Println(`error deleting session:`, result.Error)
 		return result.Error
 	}
 	return nil

server/db/providers/sql/sql.go

@@ -1,53 +0,0 @@
-package sql
-
-import (
-	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/db/models"
-	"github.com/authorizerdev/authorizer/server/envstore"
-	"gorm.io/driver/mysql"
-	"gorm.io/driver/postgres"
-	"gorm.io/driver/sqlite"
-	"gorm.io/driver/sqlserver"
-	"gorm.io/gorm"
-	"gorm.io/gorm/schema"
-)
-
-type provider struct {
-	db *gorm.DB
-}
-
-// NewProvider returns a new SQL provider
-func NewProvider() (*provider, error) {
-	var sqlDB *gorm.DB
-	var err error
-
-	ormConfig := &gorm.Config{
-		NamingStrategy: schema.NamingStrategy{
-			TablePrefix: models.Prefix,
-		},
-	}
-
-	switch envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) {
-	case constants.DbTypePostgres:
-		sqlDB, err = gorm.Open(postgres.Open(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
-		break
-	case constants.DbTypeSqlite:
-		sqlDB, err = gorm.Open(sqlite.Open(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
-		break
-	case constants.DbTypeMysql:
-		sqlDB, err = gorm.Open(mysql.Open(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
-		break
-	case constants.DbTypeSqlserver:
-		sqlDB, err = gorm.Open(sqlserver.Open(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
-		break
-	}
-
-	if err != nil {
-		return nil, err
-	}
-
-	sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{})
-	return &provider{
-		db: sqlDB,
-	}, nil
-}

server/db/providers/sql/user.go

@@ -1,7 +1,6 @@
 package sql
 
 import (
-	"log"
 	"strings"
 	"time"
 
@@ -20,7 +19,7 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 	}
 
 	if user.Roles == "" {
-		user.Roles = strings.Join(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
+		user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
 	}
 
 	user.CreatedAt = time.Now().Unix()
@@ -33,7 +32,6 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
 		}).Create(&user)
 
 	if result.Error != nil {
-		log.Println("error adding user:", result.Error)
 		return user, result.Error
 	}
 
@@ -47,7 +45,6 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
 	result := p.db.Save(&user)
 
 	if result.Error != nil {
-		log.Println("error updating user:", result.Error)
 		return user, result.Error
 	}
 
@@ -59,7 +56,6 @@ func (p *provider) DeleteUser(user models.User) error {
 	result := p.db.Delete(&user)
 
 	if result.Error != nil {
-		log.Println(`error deleting user:`, result.Error)
 		return result.Error
 	}
 
@@ -71,7 +67,6 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
 	var users []models.User
 	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&users)
 	if result.Error != nil {
-		log.Println("error getting users:", result.Error)
 		return nil, result.Error
 	}
 

server/db/providers/sql/verification_requests.go

@@ -1,7 +1,6 @@
 package sql
 
 import (
-	"log"
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/db/models"
@@ -21,11 +20,10 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
 	verificationRequest.UpdatedAt = time.Now().Unix()
 	result := p.db.Clauses(clause.OnConflict{
 		Columns:   []clause.Column{{Name: "email"}, {Name: "identifier"}},
-		DoUpdates: clause.AssignmentColumns([]string{"token", "expires_at"}),
+		DoUpdates: clause.AssignmentColumns([]string{"token", "expires_at", "nonce", "redirect_uri"}),
 	}).Create(&verificationRequest)
 
 	if result.Error != nil {
-		log.Println(`error saving verification request record`, result.Error)
 		return verificationRequest, result.Error
 	}
 
@@ -38,7 +36,6 @@ func (p *provider) GetVerificationRequestByToken(token string) (models.Verificat
 	result := p.db.Where("token = ?", token).First(&verificationRequest)
 
 	if result.Error != nil {
-		log.Println(`error getting verification request:`, result.Error)
 		return verificationRequest, result.Error
 	}
 
@@ -52,7 +49,6 @@ func (p *provider) GetVerificationRequestByEmail(email string, identifier string
 	result := p.db.Where("email = ? AND identifier = ?", email, identifier).First(&verificationRequest)
 
 	if result.Error != nil {
-		log.Println(`error getting verification token:`, result.Error)
 		return verificationRequest, result.Error
 	}
 
@@ -65,7 +61,6 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
 
 	result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&verificationRequests)
 	if result.Error != nil {
-		log.Println("error getting verification requests:", result.Error)
 		return nil, result.Error
 	}
 
@@ -94,7 +89,6 @@ func (p *provider) DeleteVerificationRequest(verificationRequest models.Verifica
 	result := p.db.Delete(&verificationRequest)
 
 	if result.Error != nil {
-		log.Println(`error deleting verification request:`, result.Error)
 		return result.Error
 	}
 

server/email/email.go

@@ -4,13 +4,14 @@ import (
 	"bytes"
 	"crypto/tls"
 	"encoding/json"
-	"log"
 	"strconv"
 	"text/template"
 
+	log "github.com/sirupsen/logrus"
+	gomail "gopkg.in/mail.v2"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/envstore"
-	gomail "gopkg.in/mail.v2"
 )
 
 // addEmailTemplate is used to add html template in email body
@@ -31,18 +32,22 @@ func addEmailTemplate(a string, b map[string]interface{}, templateName string) s
 
 // SendMail function to send mail
 func SendMail(to []string, Subject, bodyMessage string) error {
+	// dont trigger email sending in case of test
+	if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnv) == "test" {
+		return nil
+	}
 	m := gomail.NewMessage()
-	m.SetHeader("From", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySenderEmail))
+	m.SetHeader("From", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySenderEmail))
 	m.SetHeader("To", to...)
 	m.SetHeader("Subject", Subject)
 	m.SetBody("text/html", bodyMessage)
-	port, _ := strconv.Atoi(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPort))
-	d := gomail.NewDialer(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpHost), port, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpUsername), envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPassword))
-	if envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnv) == "development" {
+	port, _ := strconv.Atoi(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPort))
+	d := gomail.NewDialer(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpHost), port, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpUsername), envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPassword))
+	if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnv) == "development" {
 		d.TLSConfig = &tls.Config{InsecureSkipVerify: true}
 	}
 	if err := d.DialAndSend(m); err != nil {
-		log.Printf("smtp error: %s", err)
+		log.Debug("SMTP Failed: ", err)
 		return err
 	}
 	return nil

server/email/forgot_password_email.go

@@ -7,9 +7,9 @@ import (
 
 // SendForgotPasswordMail to send forgot password email
 func SendForgotPasswordMail(toEmail, token, hostname string) error {
-	resetPasswordUrl := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
+	resetPasswordUrl := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
 	if resetPasswordUrl == "" {
-		envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password")
+		envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password")
 	}
 
 	// The receiver needs to be in slice as the receive supports multiple receiver
@@ -103,8 +103,8 @@ func SendForgotPasswordMail(toEmail, token, hostname string) error {
 	`
 
 	data := make(map[string]interface{}, 3)
-	data["org_logo"] = envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
-	data["org_name"] = envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
+	data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
 	data["verification_url"] = resetPasswordUrl + "?token=" + token
 	message = addEmailTemplate(message, data, "reset_password_email.tmpl")
 

server/email/invite_email.go

@@ -0,0 +1,113 @@
+package email
+
+import (
+	log "github.com/sirupsen/logrus"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+)
+
+// InviteEmail to send invite email
+func InviteEmail(toEmail, token, verificationURL, redirectURI string) error {
+	// The receiver needs to be in slice as the receive supports multiple receiver
+	Receiver := []string{toEmail}
+
+	Subject := "Please accept the invitation"
+	message := `
+	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+    <html xmlns="http://www.w3.org/1999/xhtml" xmlns:o="urn:schemas-microsoft-com:office:office">
+        <head>
+            <meta charset="UTF-8">
+            <meta content="width=device-width, initial-scale=1" name="viewport">
+            <meta name="x-apple-disable-message-reformatting">
+            <meta http-equiv="X-UA-Compatible" content="IE=edge">
+            <meta content="telephone=no" name="format-detection">
+            <title></title>
+            <!--[if (mso 16)]>
+            <style type="text/css">
+            a {}
+            </style>
+            <![endif]-->
+            <!--[if gte mso 9]><style>sup { font-size: 100%% !important; }</style><![endif]-->
+            <!--[if gte mso 9]>
+        <xml>
+            <o:OfficeDocumentSettings>
+            <o:AllowPNG></o:AllowPNG>
+            <o:PixelsPerInch>96</o:PixelsPerInch>
+            </o:OfficeDocumentSettings>
+        </xml>
+        <![endif]-->
+        </head>
+        <body style="font-family: sans-serif;">
+            <div class="es-wrapper-color">
+                <!--[if gte mso 9]>
+                    <v:background xmlns:v="urn:schemas-microsoft-com:vml" fill="t">
+                        <v:fill type="tile" color="#ffffff"></v:fill>
+                    </v:background>
+                <![endif]-->
+                <table class="es-wrapper" width="100%%" cellspacing="0" cellpadding="0">
+                    <tbody>
+                        <tr>
+                            <td class="esd-email-paddings" valign="top">
+                                <table class="es-content esd-footer-popover" cellspacing="0" cellpadding="0" align="center">
+                                    <tbody>
+                                        <tr>
+                                            <td class="esd-stripe" align="center">
+                                                <table class="es-content-body" style="border-left:1px solid transparent;border-right:1px solid transparent;border-top:1px solid transparent;border-bottom:1px solid transparent;padding:20px 0px;" width="600" cellspacing="0" cellpadding="0" bgcolor="#ffffff" align="center">
+                                                    <tbody>
+                                                        <tr>
+                                                            <td class="esd-structure es-p20t es-p40b es-p40r es-p40l" esd-custom-block-id="8537" align="left">
+                                                                <table width="100%%" cellspacing="0" cellpadding="0">
+                                                                    <tbody>
+                                                                        <tr>
+                                                                            <td class="esd-container-frame" width="518" align="left">
+                                                                                <table width="100%%" cellspacing="0" cellpadding="0">
+                                                                                    <tbody>
+                                                                                        <tr>
+                                                                                            <td class="esd-block-image es-m-txt-c es-p5b" style="font-size:0;padding:10px" align="center"><a target="_blank" clicktracking="off"><img src="{{.org_logo}}" alt="icon" style="display: block;" title="icon" width="30"></a></td>
+                                                                                        </tr>
+                                                                                        
+                                                                                        <tr style="background: rgb(249,250,251);padding: 10px;margin-bottom:10px;border-radius:5px;">
+                                                                                            <td class="esd-block-text es-m-txt-c es-p15t" align="center" style="padding:10px;padding-bottom:30px;">
+                                                                                                <p>Hi there 👋</p>
+                                                                                                <p>Join us! You are invited to sign-up for <b>{{.org_name}}</b>. Please accept the invitation by clicking the clicking the button below.</p> <br/>
+                                                                                                <a 
+                                                                                                clicktracking="off" href="{{.verification_url}}" class="es-button" target="_blank" style="text-decoration: none;padding:10px 15px;background-color: rgba(59,130,246,1);color: #fff;font-size: 1em;border-radius:5px;">Get Started</a>
+                                                                                            </td>
+                                                                                        </tr>
+                                                                                    </tbody>
+                                                                                </table>
+                                                                            </td>
+                                                                        </tr>
+                                                                    </tbody>
+                                                                </table>
+                                                            </td>
+                                                        </tr>
+                                                    </tbody>
+                                                </table>
+                                            </td>
+                                        </tr>
+                                    </tbody>
+                                </table>
+                            </td>
+                        </tr>
+                    </tbody>
+                </table>
+            </div>
+            <div style="position: absolute; left: -9999px; top: -9999px; margin: 0px;"></div>
+        </body>
+    </html>
+	`
+	data := make(map[string]interface{}, 3)
+	data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
+	data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	data["verification_url"] = verificationURL + "?token=" + token + "&redirect_uri=" + redirectURI
+	message = addEmailTemplate(message, data, "invite_email.tmpl")
+	// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
+
+	err := SendMail(Receiver, Subject, message)
+	if err != nil {
+		log.Warn("error sending email: ", err)
+	}
+	return err
+}

server/email/verification_email.go

@@ -1,6 +1,8 @@
 package email
 
 import (
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/envstore"
 )
@@ -97,11 +99,15 @@ func SendVerificationMail(toEmail, token, hostname string) error {
     </html>
 	`
 	data := make(map[string]interface{}, 3)
-	data["org_logo"] = envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
-	data["org_name"] = envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
+	data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
 	data["verification_url"] = hostname + "/verify_email?token=" + token
 	message = addEmailTemplate(message, data, "verify_email.tmpl")
 	// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
 
-	return SendMail(Receiver, Subject, message)
+	err := SendMail(Receiver, Subject, message)
+	if err != nil {
+		log.Warn("error sending email: ", err)
+	}
+	return err
 }

server/env/env.go

@@ -1,31 +1,126 @@
 package env
 
 import (
-	"log"
+	"errors"
 	"os"
 	"strings"
 
-	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/envstore"
-	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/google/uuid"
 	"github.com/joho/godotenv"
+	log "github.com/sirupsen/logrus"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/crypto"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/utils"
 )
 
+// InitRequiredEnv to initialize EnvData and through error if required env are not present
+func InitRequiredEnv() error {
+	envPath := os.Getenv(constants.EnvKeyEnvPath)
+
+	if envPath == "" {
+		envPath = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnvPath)
+		if envPath == "" {
+			envPath = `.env`
+		}
+	}
+
+	if envstore.ARG_ENV_FILE != nil && *envstore.ARG_ENV_FILE != "" {
+		envPath = *envstore.ARG_ENV_FILE
+	}
+	log.Info("env path: ", envPath)
+
+	err := godotenv.Load(envPath)
+	if err != nil {
+		log.Info("using OS env instead of %s file", envPath)
+	}
+
+	dbURL := os.Getenv(constants.EnvKeyDatabaseURL)
+	dbType := os.Getenv(constants.EnvKeyDatabaseType)
+	dbName := os.Getenv(constants.EnvKeyDatabaseName)
+	dbPort := os.Getenv(constants.EnvKeyDatabasePort)
+	dbHost := os.Getenv(constants.EnvKeyDatabaseHost)
+	dbUsername := os.Getenv(constants.EnvKeyDatabaseUsername)
+	dbPassword := os.Getenv(constants.EnvKeyDatabasePassword)
+	dbCert := os.Getenv(constants.EnvKeyDatabaseCert)
+	dbCertKey := os.Getenv(constants.EnvKeyDatabaseCertKey)
+	dbCACert := os.Getenv(constants.EnvKeyDatabaseCACert)
+
+	if strings.TrimSpace(dbType) == "" {
+		if envstore.ARG_DB_TYPE != nil && *envstore.ARG_DB_TYPE != "" {
+			dbType = strings.TrimSpace(*envstore.ARG_DB_TYPE)
+		}
+
+		if dbType == "" {
+			log.Debug("DATABASE_TYPE is not set")
+			return errors.New("invalid database type. DATABASE_TYPE is empty")
+		}
+	}
+
+	if strings.TrimSpace(dbURL) == "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL) == "" {
+		if envstore.ARG_DB_URL != nil && *envstore.ARG_DB_URL != "" {
+			dbURL = strings.TrimSpace(*envstore.ARG_DB_URL)
+		}
+
+		if dbURL == "" && dbPort == "" && dbHost == "" && dbUsername == "" && dbPassword == "" {
+			log.Debug("DATABASE_URL is not set")
+			return errors.New("invalid database url. DATABASE_URL is required")
+		}
+	}
+
+	if dbName == "" {
+		if dbName == "" {
+			dbName = "authorizer"
+		}
+	}
+
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEnvPath, envPath)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseURL, dbURL)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseType, dbType)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseName, dbName)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseHost, dbHost)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabasePort, dbPort)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseUsername, dbUsername)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabasePassword, dbPassword)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseCert, dbCert)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseCertKey, dbCertKey)
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseCACert, dbCACert)
+
+	return nil
+}
+
 // InitEnv to initialize EnvData and through error if required env are not present
-func InitEnv() {
-	// get clone of current store
-	envData := envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
+func InitAllEnv() error {
+	envData, err := GetEnvData()
+	if err != nil {
+		log.Info("No env data found in db, using local clone of env data")
+		// get clone of current store
+		envData = envstore.EnvStoreObj.GetEnvStoreClone()
+	}
+
+	clientID := envData.StringEnv[constants.EnvKeyClientID]
+	// unique client id for each instance
+	if clientID == "" {
+		clientID = uuid.New().String()
+		envData.StringEnv[constants.EnvKeyClientID] = clientID
+	}
+
+	clientSecret := envData.StringEnv[constants.EnvKeyClientSecret]
+	// unique client id for each instance
+	if clientSecret == "" {
+		clientSecret = uuid.New().String()
+		envData.StringEnv[constants.EnvKeyClientSecret] = clientSecret
+	}
 
 	if envData.StringEnv[constants.EnvKeyEnv] == "" {
-		envData.StringEnv[constants.EnvKeyEnv] = os.Getenv("ENV")
+		envData.StringEnv[constants.EnvKeyEnv] = os.Getenv(constants.EnvKeyEnv)
 		if envData.StringEnv[constants.EnvKeyEnv] == "" {
 			envData.StringEnv[constants.EnvKeyEnv] = "production"
 		}
 
 		if envData.StringEnv[constants.EnvKeyEnv] == "production" {
 			envData.BoolEnv[constants.EnvKeyIsProd] = true
-			os.Setenv("GIN_MODE", "release")
 		} else {
 			envData.BoolEnv[constants.EnvKeyIsProd] = false
 		}
@@ -35,146 +130,187 @@ func InitEnv() {
 		envData.StringEnv[constants.EnvKeyAppURL] = os.Getenv(constants.EnvKeyAppURL)
 	}
 
-	if envData.StringEnv[constants.EnvKeyEnvPath] == "" {
-		envData.StringEnv[constants.EnvKeyEnvPath] = `.env`
-	}
-
-	if envstore.ARG_ENV_FILE != nil && *envstore.ARG_ENV_FILE != "" {
-		envData.StringEnv[constants.EnvKeyEnvPath] = *envstore.ARG_ENV_FILE
-	}
-
-	err := godotenv.Load(envData.StringEnv[constants.EnvKeyEnvPath])
-	if err != nil {
-		log.Printf("error loading %s file", envData.StringEnv[constants.EnvKeyEnvPath])
+	if envData.StringEnv[constants.EnvKeyAuthorizerURL] == "" {
+		envData.StringEnv[constants.EnvKeyAuthorizerURL] = os.Getenv(constants.EnvKeyAuthorizerURL)
 	}
 
 	if envData.StringEnv[constants.EnvKeyPort] == "" {
-		envData.StringEnv[constants.EnvKeyPort] = os.Getenv("PORT")
+		envData.StringEnv[constants.EnvKeyPort] = os.Getenv(constants.EnvKeyPort)
 		if envData.StringEnv[constants.EnvKeyPort] == "" {
 			envData.StringEnv[constants.EnvKeyPort] = "8080"
 		}
 	}
 
+	if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
+		envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = os.Getenv(constants.EnvKeyAccessTokenExpiryTime)
+		if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
+			envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = "30m"
+		}
+	}
+
 	if envData.StringEnv[constants.EnvKeyAdminSecret] == "" {
-		envData.StringEnv[constants.EnvKeyAdminSecret] = os.Getenv("ADMIN_SECRET")
-	}
-
-	if envData.StringEnv[constants.EnvKeyDatabaseType] == "" {
-		envData.StringEnv[constants.EnvKeyDatabaseType] = os.Getenv("DATABASE_TYPE")
-
-		if envstore.ARG_DB_TYPE != nil && *envstore.ARG_DB_TYPE != "" {
-			envData.StringEnv[constants.EnvKeyDatabaseType] = *envstore.ARG_DB_TYPE
-		}
-
-		if envData.StringEnv[constants.EnvKeyDatabaseType] == "" {
-			panic("DATABASE_TYPE is required")
-		}
-	}
-
-	if envData.StringEnv[constants.EnvKeyDatabaseURL] == "" {
-		envData.StringEnv[constants.EnvKeyDatabaseURL] = os.Getenv("DATABASE_URL")
-
-		if envstore.ARG_DB_URL != nil && *envstore.ARG_DB_URL != "" {
-			envData.StringEnv[constants.EnvKeyDatabaseURL] = *envstore.ARG_DB_URL
-		}
-
-		if envData.StringEnv[constants.EnvKeyDatabaseURL] == "" {
-			panic("DATABASE_URL is required")
-		}
-	}
-
-	if envData.StringEnv[constants.EnvKeyDatabaseName] == "" {
-		envData.StringEnv[constants.EnvKeyDatabaseName] = os.Getenv("DATABASE_NAME")
-		if envData.StringEnv[constants.EnvKeyDatabaseName] == "" {
-			envData.StringEnv[constants.EnvKeyDatabaseName] = "authorizer"
-		}
+		envData.StringEnv[constants.EnvKeyAdminSecret] = os.Getenv(constants.EnvKeyAdminSecret)
 	}
 
 	if envData.StringEnv[constants.EnvKeySmtpHost] == "" {
-		envData.StringEnv[constants.EnvKeySmtpHost] = os.Getenv("SMTP_HOST")
+		envData.StringEnv[constants.EnvKeySmtpHost] = os.Getenv(constants.EnvKeySmtpHost)
 	}
 
 	if envData.StringEnv[constants.EnvKeySmtpPort] == "" {
-		envData.StringEnv[constants.EnvKeySmtpPort] = os.Getenv("SMTP_PORT")
+		envData.StringEnv[constants.EnvKeySmtpPort] = os.Getenv(constants.EnvKeySmtpPort)
 	}
 
 	if envData.StringEnv[constants.EnvKeySmtpUsername] == "" {
-		envData.StringEnv[constants.EnvKeySmtpUsername] = os.Getenv("SMTP_USERNAME")
+		envData.StringEnv[constants.EnvKeySmtpUsername] = os.Getenv(constants.EnvKeySmtpUsername)
 	}
 
 	if envData.StringEnv[constants.EnvKeySmtpPassword] == "" {
-		envData.StringEnv[constants.EnvKeySmtpPassword] = os.Getenv("SMTP_PASSWORD")
+		envData.StringEnv[constants.EnvKeySmtpPassword] = os.Getenv(constants.EnvKeySmtpPassword)
 	}
 
 	if envData.StringEnv[constants.EnvKeySenderEmail] == "" {
-		envData.StringEnv[constants.EnvKeySenderEmail] = os.Getenv("SENDER_EMAIL")
+		envData.StringEnv[constants.EnvKeySenderEmail] = os.Getenv(constants.EnvKeySenderEmail)
 	}
 
-	if envData.StringEnv[constants.EnvKeyJwtSecret] == "" {
-		envData.StringEnv[constants.EnvKeyJwtSecret] = os.Getenv("JWT_SECRET")
-		if envData.StringEnv[constants.EnvKeyJwtSecret] == "" {
-			envData.StringEnv[constants.EnvKeyJwtSecret] = uuid.New().String()
-		}
-	}
-
-	if envData.StringEnv[constants.EnvKeyJwtType] == "" {
-		envData.StringEnv[constants.EnvKeyJwtType] = os.Getenv("JWT_TYPE")
+	algo := envData.StringEnv[constants.EnvKeyJwtType]
+	if algo == "" {
+		envData.StringEnv[constants.EnvKeyJwtType] = os.Getenv(constants.EnvKeyJwtType)
 		if envData.StringEnv[constants.EnvKeyJwtType] == "" {
-			envData.StringEnv[constants.EnvKeyJwtType] = "HS256"
+			envData.StringEnv[constants.EnvKeyJwtType] = "RS256"
+			algo = envData.StringEnv[constants.EnvKeyJwtType]
+		} else {
+			algo = envData.StringEnv[constants.EnvKeyJwtType]
+			if !crypto.IsHMACA(algo) && !crypto.IsRSA(algo) && !crypto.IsECDSA(algo) {
+				log.Debug("Invalid JWT Algorithm")
+				return errors.New("invalid JWT_TYPE")
+			}
 		}
 	}
 
+	if crypto.IsHMACA(algo) {
+		if envData.StringEnv[constants.EnvKeyJwtSecret] == "" {
+			envData.StringEnv[constants.EnvKeyJwtSecret] = os.Getenv(constants.EnvKeyJwtSecret)
+			if envData.StringEnv[constants.EnvKeyJwtSecret] == "" {
+				envData.StringEnv[constants.EnvKeyJwtSecret], _, err = crypto.NewHMACKey(algo, clientID)
+				if err != nil {
+					return err
+				}
+			}
+		}
+	}
+
+	if crypto.IsRSA(algo) || crypto.IsECDSA(algo) {
+		privateKey, publicKey := "", ""
+
+		if envData.StringEnv[constants.EnvKeyJwtPrivateKey] == "" {
+			privateKey = os.Getenv(constants.EnvKeyJwtPrivateKey)
+		}
+
+		if envData.StringEnv[constants.EnvKeyJwtPublicKey] == "" {
+			publicKey = os.Getenv(constants.EnvKeyJwtPublicKey)
+		}
+
+		// if algo is RSA / ECDSA, then we need to have both private and public key
+		// if either of them is not present generate new keys
+		if privateKey == "" || publicKey == "" {
+			if crypto.IsRSA(algo) {
+				_, privateKey, publicKey, _, err = crypto.NewRSAKey(algo, clientID)
+				if err != nil {
+					return err
+				}
+			} else if crypto.IsECDSA(algo) {
+				_, privateKey, publicKey, _, err = crypto.NewECDSAKey(algo, clientID)
+				if err != nil {
+					return err
+				}
+			}
+		} else {
+			// parse keys to make sure they are valid
+			if crypto.IsRSA(algo) {
+				_, err = crypto.ParseRsaPrivateKeyFromPemStr(privateKey)
+				if err != nil {
+					return err
+				}
+
+				_, err := crypto.ParseRsaPublicKeyFromPemStr(publicKey)
+				if err != nil {
+					return err
+				}
+
+			} else if crypto.IsECDSA(algo) {
+				_, err = crypto.ParseEcdsaPrivateKeyFromPemStr(privateKey)
+				if err != nil {
+					return err
+				}
+
+				_, err := crypto.ParseEcdsaPublicKeyFromPemStr(publicKey)
+				if err != nil {
+					return err
+				}
+			}
+		}
+
+		envData.StringEnv[constants.EnvKeyJwtPrivateKey] = privateKey
+		envData.StringEnv[constants.EnvKeyJwtPublicKey] = publicKey
+
+	}
+
 	if envData.StringEnv[constants.EnvKeyJwtRoleClaim] == "" {
-		envData.StringEnv[constants.EnvKeyJwtRoleClaim] = os.Getenv("JWT_ROLE_CLAIM")
+		envData.StringEnv[constants.EnvKeyJwtRoleClaim] = os.Getenv(constants.EnvKeyJwtRoleClaim)
 
 		if envData.StringEnv[constants.EnvKeyJwtRoleClaim] == "" {
 			envData.StringEnv[constants.EnvKeyJwtRoleClaim] = "role"
 		}
 	}
 
+	if envData.StringEnv[constants.EnvKeyCustomAccessTokenScript] == "" {
+		envData.StringEnv[constants.EnvKeyCustomAccessTokenScript] = os.Getenv(constants.EnvKeyCustomAccessTokenScript)
+	}
+
 	if envData.StringEnv[constants.EnvKeyRedisURL] == "" {
-		envData.StringEnv[constants.EnvKeyRedisURL] = os.Getenv("REDIS_URL")
+		envData.StringEnv[constants.EnvKeyRedisURL] = os.Getenv(constants.EnvKeyRedisURL)
 	}
 
 	if envData.StringEnv[constants.EnvKeyCookieName] == "" {
-		envData.StringEnv[constants.EnvKeyCookieName] = os.Getenv("COOKIE_NAME")
+		envData.StringEnv[constants.EnvKeyCookieName] = os.Getenv(constants.EnvKeyCookieName)
 		if envData.StringEnv[constants.EnvKeyCookieName] == "" {
 			envData.StringEnv[constants.EnvKeyCookieName] = "authorizer"
 		}
 	}
 
 	if envData.StringEnv[constants.EnvKeyGoogleClientID] == "" {
-		envData.StringEnv[constants.EnvKeyGoogleClientID] = os.Getenv("GOOGLE_CLIENT_ID")
+		envData.StringEnv[constants.EnvKeyGoogleClientID] = os.Getenv(constants.EnvKeyGoogleClientID)
 	}
 
 	if envData.StringEnv[constants.EnvKeyGoogleClientSecret] == "" {
-		envData.StringEnv[constants.EnvKeyGoogleClientSecret] = os.Getenv("GOOGLE_CLIENT_SECRET")
+		envData.StringEnv[constants.EnvKeyGoogleClientSecret] = os.Getenv(constants.EnvKeyGoogleClientSecret)
 	}
 
 	if envData.StringEnv[constants.EnvKeyGithubClientID] == "" {
-		envData.StringEnv[constants.EnvKeyGithubClientID] = os.Getenv("GITHUB_CLIENT_ID")
+		envData.StringEnv[constants.EnvKeyGithubClientID] = os.Getenv(constants.EnvKeyGithubClientID)
 	}
 
 	if envData.StringEnv[constants.EnvKeyGithubClientSecret] == "" {
-		envData.StringEnv[constants.EnvKeyGithubClientSecret] = os.Getenv("GITHUB_CLIENT_SECRET")
+		envData.StringEnv[constants.EnvKeyGithubClientSecret] = os.Getenv(constants.EnvKeyGithubClientSecret)
 	}
 
 	if envData.StringEnv[constants.EnvKeyFacebookClientID] == "" {
-		envData.StringEnv[constants.EnvKeyFacebookClientID] = os.Getenv("FACEBOOK_CLIENT_ID")
+		envData.StringEnv[constants.EnvKeyFacebookClientID] = os.Getenv(constants.EnvKeyFacebookClientID)
 	}
 
 	if envData.StringEnv[constants.EnvKeyFacebookClientSecret] == "" {
-		envData.StringEnv[constants.EnvKeyFacebookClientSecret] = os.Getenv("FACEBOOK_CLIENT_SECRET")
+		envData.StringEnv[constants.EnvKeyFacebookClientSecret] = os.Getenv(constants.EnvKeyFacebookClientSecret)
 	}
 
 	if envData.StringEnv[constants.EnvKeyResetPasswordURL] == "" {
-		envData.StringEnv[constants.EnvKeyResetPasswordURL] = strings.TrimPrefix(os.Getenv("RESET_PASSWORD_URL"), "/")
+		envData.StringEnv[constants.EnvKeyResetPasswordURL] = strings.TrimPrefix(os.Getenv(constants.EnvKeyResetPasswordURL), "/")
 	}
 
-	envData.BoolEnv[constants.EnvKeyDisableBasicAuthentication] = os.Getenv("DISABLE_BASIC_AUTHENTICATION") == "true"
-	envData.BoolEnv[constants.EnvKeyDisableEmailVerification] = os.Getenv("DISABLE_EMAIL_VERIFICATION") == "true"
-	envData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = os.Getenv("DISABLE_MAGIC_LINK_LOGIN") == "true"
-	envData.BoolEnv[constants.EnvKeyDisableLoginPage] = os.Getenv("DISABLE_LOGIN_PAGE") == "true"
+	envData.BoolEnv[constants.EnvKeyDisableBasicAuthentication] = os.Getenv(constants.EnvKeyDisableBasicAuthentication) == "true"
+	envData.BoolEnv[constants.EnvKeyDisableEmailVerification] = os.Getenv(constants.EnvKeyDisableEmailVerification) == "true"
+	envData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = os.Getenv(constants.EnvKeyDisableMagicLinkLogin) == "true"
+	envData.BoolEnv[constants.EnvKeyDisableLoginPage] = os.Getenv(constants.EnvKeyDisableLoginPage) == "true"
+	envData.BoolEnv[constants.EnvKeyDisableSignUp] = os.Getenv(constants.EnvKeyDisableSignUp) == "true"
 
 	// no need to add nil check as its already done above
 	if envData.StringEnv[constants.EnvKeySmtpHost] == "" || envData.StringEnv[constants.EnvKeySmtpUsername] == "" || envData.StringEnv[constants.EnvKeySmtpPassword] == "" || envData.StringEnv[constants.EnvKeySenderEmail] == "" && envData.StringEnv[constants.EnvKeySmtpPort] == "" {
@@ -186,7 +322,7 @@ func InitEnv() {
 		envData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = true
 	}
 
-	allowedOriginsSplit := strings.Split(os.Getenv("ALLOWED_ORIGINS"), ",")
+	allowedOriginsSplit := strings.Split(os.Getenv(constants.EnvKeyAllowedOrigins), ",")
 	allowedOrigins := []string{}
 	hasWildCard := false
 
@@ -214,14 +350,14 @@ func InitEnv() {
 
 	envData.SliceEnv[constants.EnvKeyAllowedOrigins] = allowedOrigins
 
-	rolesEnv := strings.TrimSpace(os.Getenv("ROLES"))
+	rolesEnv := strings.TrimSpace(os.Getenv(constants.EnvKeyRoles))
 	rolesSplit := strings.Split(rolesEnv, ",")
 	roles := []string{}
 	if len(rolesEnv) == 0 {
 		roles = []string{"user"}
 	}
 
-	defaultRolesEnv := strings.TrimSpace(os.Getenv("DEFAULT_ROLES"))
+	defaultRolesEnv := strings.TrimSpace(os.Getenv(constants.EnvKeyDefaultRoles))
 	defaultRoleSplit := strings.Split(defaultRolesEnv, ",")
 	defaultRoles := []string{}
 
@@ -229,7 +365,7 @@ func InitEnv() {
 		defaultRoles = []string{"user"}
 	}
 
-	protectedRolesEnv := strings.TrimSpace(os.Getenv("PROTECTED_ROLES"))
+	protectedRolesEnv := strings.TrimSpace(os.Getenv(constants.EnvKeyProtectedRoles))
 	protectedRolesSplit := strings.Split(protectedRolesEnv, ",")
 	protectedRoles := []string{}
 
@@ -251,20 +387,22 @@ func InitEnv() {
 	}
 
 	if len(roles) > 0 && len(defaultRoles) == 0 && len(defaultRolesEnv) > 0 {
-		panic(`Invalid DEFAULT_ROLE environment variable. It can be one from give ROLES environment variable value`)
+		log.Debug("Default roles not found in roles list. It can be one from ROLES only")
+		return errors.New(`invalid DEFAULT_ROLE environment variable. It can be one from give ROLES environment variable value`)
 	}
 
 	envData.SliceEnv[constants.EnvKeyRoles] = roles
 	envData.SliceEnv[constants.EnvKeyDefaultRoles] = defaultRoles
 	envData.SliceEnv[constants.EnvKeyProtectedRoles] = protectedRoles
 
-	if os.Getenv("ORGANIZATION_NAME") != "" {
-		envData.StringEnv[constants.EnvKeyOrganizationName] = os.Getenv("ORGANIZATION_NAME")
+	if os.Getenv(constants.EnvKeyOrganizationName) != "" {
+		envData.StringEnv[constants.EnvKeyOrganizationName] = os.Getenv(constants.EnvKeyOrganizationName)
 	}
 
-	if os.Getenv("ORGANIZATION_LOGO") != "" {
-		envData.StringEnv[constants.EnvKeyOrganizationLogo] = os.Getenv("ORGANIZATION_LOGO")
+	if os.Getenv(constants.EnvKeyOrganizationLogo) != "" {
+		envData.StringEnv[constants.EnvKeyOrganizationLogo] = os.Getenv(constants.EnvKeyOrganizationLogo)
 	}
 
-	envstore.EnvInMemoryStoreObj.UpdateEnvStore(envData)
+	envstore.EnvStoreObj.UpdateEnvStore(envData)
+	return nil
 }

server/env/persist_env.go

@@ -2,19 +2,61 @@ package env
 
 import (
 	"encoding/json"
-	"log"
 	"os"
 	"strconv"
 	"strings"
 
+	"github.com/google/uuid"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/utils"
-	"github.com/google/uuid"
 )
 
+// GetEnvData returns the env data from database
+func GetEnvData() (envstore.Store, error) {
+	var result envstore.Store
+	env, err := db.Provider.GetEnv()
+	// config not found in db
+	if err != nil {
+		log.Debug("Error while getting env data from db: ", err)
+		return result, err
+	}
+
+	encryptionKey := env.Hash
+	decryptedEncryptionKey, err := crypto.DecryptB64(encryptionKey)
+	if err != nil {
+		log.Debug("Error while decrypting encryption key: ", err)
+		return result, err
+	}
+
+	envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
+
+	b64DecryptedConfig, err := crypto.DecryptB64(env.EnvData)
+	if err != nil {
+		log.Debug("Error while decrypting env data from B64: ", err)
+		return result, err
+	}
+
+	decryptedConfigs, err := crypto.DecryptAESEnv([]byte(b64DecryptedConfig))
+	if err != nil {
+		log.Debug("Error while decrypting env data from AES: ", err)
+		return result, err
+	}
+
+	err = json.Unmarshal(decryptedConfigs, &result)
+	if err != nil {
+		log.Debug("Error while unmarshalling env data: ", err)
+		return result, err
+	}
+
+	return result, err
+}
+
 // PersistEnv persists the environment variables to the database
 func PersistEnv() error {
 	env, err := db.Provider.GetEnv()
@@ -22,46 +64,46 @@ func PersistEnv() error {
 	if err != nil {
 		// AES encryption needs 32 bit key only, so we chop off last 4 characters from 36 bit uuid
 		hash := uuid.New().String()[:36-4]
-		envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, hash)
-		encodedHash := utils.EncryptB64(hash)
+		envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, hash)
+		encodedHash := crypto.EncryptB64(hash)
 
-		encryptedConfig, err := utils.EncryptEnvData(envstore.EnvInMemoryStoreObj.GetEnvStoreClone())
+		encryptedConfig, err := crypto.EncryptEnvData(envstore.EnvStoreObj.GetEnvStoreClone())
 		if err != nil {
+			log.Debug("Error while encrypting env data: ", err)
 			return err
 		}
-		// configData, err := json.Marshal()
-		// if err != nil {
-		// 	return err
-		// }
-
-		// encryptedConfig, err := utils.EncryptAES(configData)
-		// if err != nil {
-		// 	return err
-		// }
 
 		env = models.Env{
 			Hash:    encodedHash,
 			EnvData: encryptedConfig,
 		}
 
-		db.Provider.AddEnv(env)
+		env, err = db.Provider.AddEnv(env)
+		if err != nil {
+			log.Debug("Error while persisting env data to db: ", err)
+			return err
+		}
 	} else {
 		// decrypt the config data from db
 		// decryption can be done using the hash stored in db
 		encryptionKey := env.Hash
-		decryptedEncryptionKey, err := utils.DecryptB64(encryptionKey)
+		decryptedEncryptionKey, err := crypto.DecryptB64(encryptionKey)
 		if err != nil {
+			log.Debug("Error while decrypting encryption key: ", err)
 			return err
 		}
 
-		envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
-		b64DecryptedConfig, err := utils.DecryptB64(env.EnvData)
+		envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
+
+		b64DecryptedConfig, err := crypto.DecryptB64(env.EnvData)
 		if err != nil {
+			log.Debug("Error while decrypting env data from B64: ", err)
 			return err
 		}
 
-		decryptedConfigs, err := utils.DecryptAES([]byte(b64DecryptedConfig))
+		decryptedConfigs, err := crypto.DecryptAESEnv([]byte(b64DecryptedConfig))
 		if err != nil {
+			log.Debug("Error while decrypting env data from AES: ", err)
 			return err
 		}
 
@@ -70,6 +112,7 @@ func PersistEnv() error {
 
 		err = json.Unmarshal(decryptedConfigs, &storeData)
 		if err != nil {
+			log.Debug("Error while unmarshalling env data: ", err)
 			return err
 		}
 
@@ -79,6 +122,7 @@ func PersistEnv() error {
 		hasChanged := false
 
 		for key, value := range storeData.StringEnv {
+			// don't override unexposed envs
 			if key != constants.EnvKeyEncryptionKey {
 				// check only for derivative keys
 				// No need to check for ENCRYPTION_KEY which special key we use for encrypting config data
@@ -133,21 +177,29 @@ func PersistEnv() error {
 			}
 		}
 
-		envstore.EnvInMemoryStoreObj.UpdateEnvStore(storeData)
+		envstore.EnvStoreObj.UpdateEnvStore(storeData)
+		jwk, err := crypto.GenerateJWKBasedOnEnv()
+		if err != nil {
+			log.Debug("Error while generating JWK: ", err)
+			return err
+		}
+		// updating jwk
+		envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJWK, jwk)
+
 		if hasChanged {
-			encryptedConfig, err := utils.EncryptEnvData(storeData)
+			encryptedConfig, err := crypto.EncryptEnvData(storeData)
 			if err != nil {
+				log.Debug("Error while encrypting env data: ", err)
 				return err
 			}
 
 			env.EnvData = encryptedConfig
 			_, err = db.Provider.UpdateEnv(env)
 			if err != nil {
-				log.Println("error updating config:", err)
+				log.Debug("Failed to Update Config: ", err)
 				return err
 			}
 		}
-
 	}
 
 	return nil

server/envstore/store.go

@@ -13,6 +13,8 @@ var (
 	ARG_DB_TYPE *string
 	// ARG_ENV_FILE is the cli arg variable for the env file
 	ARG_ENV_FILE *string
+	// ARG_LOG_LEVEL is the cli arg variable for the log level
+	ARG_LOG_LEVEL *string
 )
 
 // Store data structure
@@ -22,14 +24,13 @@ type Store struct {
 	SliceEnv  map[string][]string `json:"slice_env"`
 }
 
-// EnvInMemoryStore struct
-type EnvInMemoryStore struct {
+// EnvStore struct
+type EnvStore struct {
 	mutex sync.Mutex
 	store *Store
 }
 
-// EnvInMemoryStoreObj global variable for EnvInMemoryStore
-var EnvInMemoryStoreObj = &EnvInMemoryStore{
+var defaultStore = &EnvStore{
 	store: &Store{
 		StringEnv: map[string]string{
 			constants.EnvKeyAdminCookieName:  "authorizer-admin",
@@ -42,13 +43,17 @@ var EnvInMemoryStoreObj = &EnvInMemoryStore{
 			constants.EnvKeyDisableMagicLinkLogin:      false,
 			constants.EnvKeyDisableEmailVerification:   false,
 			constants.EnvKeyDisableLoginPage:           false,
+			constants.EnvKeyDisableSignUp:              false,
 		},
 		SliceEnv: map[string][]string{},
 	},
 }
 
+// EnvStoreObj.GetBoolStoreEnvVariable global variable for EnvStore
+var EnvStoreObj = defaultStore
+
 // UpdateEnvStore to update the whole env store object
-func (e *EnvInMemoryStore) UpdateEnvStore(store Store) {
+func (e *EnvStore) UpdateEnvStore(store Store) {
 	e.mutex.Lock()
 	defer e.mutex.Unlock()
 	// just override the keys + new keys
@@ -67,7 +72,7 @@ func (e *EnvInMemoryStore) UpdateEnvStore(store Store) {
 }
 
 // UpdateEnvVariable to update the particular env variable
-func (e *EnvInMemoryStore) UpdateEnvVariable(storeIdentifier, key string, value interface{}) {
+func (e *EnvStore) UpdateEnvVariable(storeIdentifier, key string, value interface{}) {
 	e.mutex.Lock()
 	defer e.mutex.Unlock()
 	switch storeIdentifier {
@@ -81,31 +86,37 @@ func (e *EnvInMemoryStore) UpdateEnvVariable(storeIdentifier, key string, value
 }
 
 // GetStringStoreEnvVariable to get the env variable from string store object
-func (e *EnvInMemoryStore) GetStringStoreEnvVariable(key string) string {
+func (e *EnvStore) GetStringStoreEnvVariable(key string) string {
 	// e.mutex.Lock()
 	// defer e.mutex.Unlock()
 	return e.store.StringEnv[key]
 }
 
 // GetBoolStoreEnvVariable to get the env variable from bool store object
-func (e *EnvInMemoryStore) GetBoolStoreEnvVariable(key string) bool {
+func (e *EnvStore) GetBoolStoreEnvVariable(key string) bool {
 	// e.mutex.Lock()
 	// defer e.mutex.Unlock()
 	return e.store.BoolEnv[key]
 }
 
 // GetSliceStoreEnvVariable to get the env variable from slice store object
-func (e *EnvInMemoryStore) GetSliceStoreEnvVariable(key string) []string {
+func (e *EnvStore) GetSliceStoreEnvVariable(key string) []string {
 	// e.mutex.Lock()
 	// defer e.mutex.Unlock()
 	return e.store.SliceEnv[key]
 }
 
 // GetEnvStoreClone to get clone of current env store object
-func (e *EnvInMemoryStore) GetEnvStoreClone() Store {
+func (e *EnvStore) GetEnvStoreClone() Store {
 	e.mutex.Lock()
 	defer e.mutex.Unlock()
 
 	result := *e.store
 	return result
 }
+
+func (e *EnvStore) ResetStore() {
+	e.mutex.Lock()
+	defer e.mutex.Unlock()
+	e.store = defaultStore.store
+}

server/go.mod

@@ -9,6 +9,7 @@ require (
 	github.com/gin-gonic/gin v1.7.2
 	github.com/go-playground/validator/v10 v10.8.0 // indirect
 	github.com/go-redis/redis/v8 v8.11.0
+	github.com/gocql/gocql v1.0.0
 	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/uuid v1.3.0
@@ -19,6 +20,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.1 // indirect
 	github.com/robertkrimen/otto v0.0.0-20211024170158-b87d35c0b86f
+	github.com/sirupsen/logrus v1.8.1 // indirect
 	github.com/stretchr/testify v1.7.0
 	github.com/ugorji/go v1.2.6 // indirect
 	github.com/vektah/gqlparser/v2 v2.2.0
@@ -30,6 +32,7 @@ require (
 	google.golang.org/protobuf v1.27.1 // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/mail.v2 v2.3.1
+	gopkg.in/square/go-jose.v2 v2.6.0
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gorm.io/driver/mysql v1.2.1
 	gorm.io/driver/postgres v1.2.3

server/go.sum

@@ -48,6 +48,10 @@ github.com/arangodb/go-velocypack v0.0.0-20200318135517-5af53c29c67e h1:Xg+hGrY2
 github.com/arangodb/go-velocypack v0.0.0-20200318135517-5af53c29c67e/go.mod h1:mq7Shfa/CaixoDxiyAAc5jZ6CVBAyPaNQCGS7mkj4Ho=
 github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q=
 github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE=
+github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932 h1:mXoPYz/Ul5HYEDvkta6I8/rnYM5gSdSV2tJ6XbZuEtY=
+github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k=
+github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4YnC6+E63dPcxHo2sUxDIu8g3QgEJdRY=
+github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
@@ -106,6 +110,8 @@ github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfC
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/gocql/gocql v1.0.0 h1:UnbTERpP72VZ/viKE1Q1gPtmLvyTZTvuAstvSRydw/c=
+github.com/gocql/gocql v1.0.0/go.mod h1:3gM2c4D3AnkISwBxGnMMsS8Oy4y2lhbPRsH4xnJrHG8=
 github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw=
 github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
@@ -140,8 +146,9 @@ github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
 github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4=
 github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA=
+github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
@@ -175,6 +182,8 @@ github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f/go.mod h1:kBGZzfjB
 github.com/gorilla/mux v1.6.1/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
 github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc=
 github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed h1:5upAirOpQc1Q53c0bnx2ufif5kANL7bfZWcc6VJWJd8=
+github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU=
 github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
@@ -322,6 +331,8 @@ github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeV
 github.com/shurcooL/vfsgen v0.0.0-20180121065927-ffb13db8def0/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw=
 github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
+github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
@@ -677,13 +688,16 @@ gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s=
+gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
+gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
 gopkg.in/mail.v2 v2.3.1 h1:WYFn/oANrAGP2C0dcV6/pbkPzv8yGzqTjPmTeO7qoXk=
 gopkg.in/mail.v2 v2.3.1/go.mod h1:htwXN1Qh09vZJ1NVKxQqHPBaCBbzKhp5GzuJEA4VJWw=
 gopkg.in/readline.v1 v1.0.0-20160726135117-62c6fe619375/go.mod h1:lNEQeAhU009zbRxng+XOj5ITVgY24WcbNnQopyfKoYQ=
 gopkg.in/sourcemap.v1 v1.0.5 h1:inv58fC9f9J3TK2Y2R1NPntXEn3/wjWHkonhIUODNTI=
 gopkg.in/sourcemap.v1 v1.0.5/go.mod h1:2RlvNNSMglmRrcvhfuzp4hQHwOtjxlbjX7UPY/GXb78=
-gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w=
 gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
+gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
+gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=