Increase timeout for redis

Merge pull request #369 from authorizerdev/feat-add-validate-cookie-api
feat: add resolver to validate browser session
2023-07-16 22:57:56 +05:30 · 2023-07-12 22:13:47 +05:30 · 2023-07-12 22:12:17 +05:30 · 2023-07-11 14:49:16 +05:30 · 2023-07-11 14:48:37 +05:30 · 2023-06-30 18:10:31 +05:30
31 changed files with 1586 additions and 28 deletions
--- a/server/constants/env.go
+++ b/server/constants/env.go
@@ -176,4 +176,18 @@ const (
 	// EnvKeyDefaultAuthorizeResponseMode key for env variable DEFAULT_AUTHORIZE_RESPONSE_MODE
 	// This env is used for setting default response mode in authorize handler
 	EnvKeyDefaultAuthorizeResponseMode = "DEFAULT_AUTHORIZE_RESPONSE_MODE"
+
+	// Phone verification setting
+	EnvKeyDisablePhoneVerification = "DISABLE_PHONE_VERIFICATION"
+
+	// Twilio env variables
+
+	// EnvKeyTwilioAPIKey key for env variable TWILIO_API_KEY
+	EnvKeyTwilioAPIKey = "TWILIO_API_KEY"
+	// EnvKeyTwilioAPISecret key for env variable TWILIO_API_SECRET
+	EnvKeyTwilioAPISecret = "TWILIO_API_SECRET"
+	// EnvKeyTwilioAccountSID key for env variable TWILIO_ACCOUNT_SID
+	EnvKeyTwilioAccountSID = "TWILIO_ACCOUNT_SID"
+	// EnvKeyTwilioSenderFrom key for env variable TWILIO_SENDER_FROM
+	EnvKeyTwilioSenderFrom = "TWILIO_SENDER_FROM"
 )
--- a/server/db/models/model.go
+++ b/server/db/models/model.go
@@ -2,14 +2,15 @@ package models

 // Collections / Tables available for authorizer in the database
 type CollectionList struct {
-	User                string
-	VerificationRequest string
-	Session             string
-	Env                 string
-	Webhook             string
-	WebhookLog          string
-	EmailTemplate       string
-	OTP                 string
+	User                   string
+	VerificationRequest    string
+	Session                string
+	Env                    string
+	Webhook                string
+	WebhookLog             string
+	EmailTemplate          string
+	OTP                    string
+	SMSVerificationRequest string
 }

 var (
@@ -17,13 +18,14 @@ var (
 	Prefix = "authorizer_"
 	// Collections / Tables available for authorizer in the database (used for dbs other than gorm)
 	Collections = CollectionList{
-		User:                Prefix + "users",
-		VerificationRequest: Prefix + "verification_requests",
-		Session:             Prefix + "sessions",
-		Env:                 Prefix + "env",
-		Webhook:             Prefix + "webhooks",
-		WebhookLog:          Prefix + "webhook_logs",
-		EmailTemplate:       Prefix + "email_templates",
-		OTP:                 Prefix + "otps",
+		User:                   Prefix + "users",
+		VerificationRequest:    Prefix + "verification_requests",
+		Session:                Prefix + "sessions",
+		Env:                    Prefix + "env",
+		Webhook:                Prefix + "webhooks",
+		WebhookLog:             Prefix + "webhook_logs",
+		EmailTemplate:          Prefix + "email_templates",
+		OTP:                    Prefix + "otps",
+		SMSVerificationRequest: Prefix + "sms_verification_requests",
 	}
 )
--- a/server/db/models/sms_verification_requests.go
+++ b/server/db/models/sms_verification_requests.go
@@ -0,0 +1,11 @@
+package models
+
+// SMS verification requests model for database
+type SMSVerificationRequest struct {
+	ID            string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id" dynamo:"id,hash"`
+	PhoneNumber   string `gorm:"unique" json:"phone_number" bson:"phone_number" cql:"phone_number" dynamo:"phone_number" index:"phone_number,hash"`
+	Code          string `json:"code" bson:"code" cql:"code" dynamo:"code"`
+	CodeExpiresAt int64  `json:"code_expires_at" bson:"code_expires_at" cql:"code_expires_at" dynamo:"code_expires_at"`
+	CreatedAt     int64  `json:"created_at" bson:"created_at" cql:"created_at" dynamo:"created_at"`
+	UpdatedAt     int64  `json:"updated_at" bson:"updated_at" cql:"updated_at" dynamo:"updated_at"`
+}
--- a/server/db/providers/arangodb/sms_verification_requests.go
+++ b/server/db/providers/arangodb/sms_verification_requests.go
@@ -0,0 +1,22 @@
+package arangodb
+
+import (
+	"context"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+)
+
+// UpsertSMSRequest adds/updates SMS verification request
+func (p *provider) UpsertSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// GetCodeByPhone to get code for a given phone number
+func (p *provider) GetCodeByPhone(ctx context.Context, phoneNumber string) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// DeleteSMSRequest to delete SMS verification request
+func (p *provider) DeleteSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) error {
+	return nil
+}
--- a/server/db/providers/cassandradb/sms_verification_requests.go
+++ b/server/db/providers/cassandradb/sms_verification_requests.go
@@ -0,0 +1,22 @@
+package cassandradb
+
+import (
+	"context"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+)
+
+// UpsertSMSRequest adds/updates SMS verification request
+func (p *provider) UpsertSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// GetCodeByPhone to get code for a given phone number
+func (p *provider) GetCodeByPhone(ctx context.Context, phoneNumber string) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// DeleteSMSRequest to delete SMS verification request
+func (p *provider) DeleteSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) error {
+	return nil
+}
--- a/server/db/providers/couchbase/sms_verification_requests.go
+++ b/server/db/providers/couchbase/sms_verification_requests.go
@@ -0,0 +1,22 @@
+package couchbase
+
+import (
+	"context"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+)
+
+// UpsertSMSRequest adds/updates SMS verification request
+func (p *provider) UpsertSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// GetCodeByPhone to get code for a given phone number
+func (p *provider) GetCodeByPhone(ctx context.Context, phoneNumber string) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// DeleteSMSRequest to delete SMS verification request
+func (p *provider) DeleteSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) error {
+	return nil
+}
--- a/server/db/providers/dynamodb/sms_verification_requests.go
+++ b/server/db/providers/dynamodb/sms_verification_requests.go
@@ -0,0 +1,22 @@
+package dynamodb
+
+import (
+	"context"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+)
+
+// UpsertSMSRequest adds/updates SMS verification request
+func (p *provider) UpsertSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// GetCodeByPhone to get code for a given phone number
+func (p *provider) GetCodeByPhone(ctx context.Context, phoneNumber string) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// DeleteSMSRequest to delete SMS verification request
+func (p *provider) DeleteSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) error {
+	return nil
+}
--- a/server/db/providers/mongodb/provider.go
+++ b/server/db/providers/mongodb/provider.go
@@ -119,6 +119,15 @@ func NewProvider() (*provider, error) {
 		},
 	}, options.CreateIndexes())

+	mongodb.CreateCollection(ctx, models.Collections.SMSVerificationRequest, options.CreateCollection())
+	smsCollection := mongodb.Collection(models.Collections.SMSVerificationRequest, options.Collection())
+	smsCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
+		{
+			Keys:    bson.M{"phone_number": 1},
+			Options: options.Index().SetUnique(true).SetSparse(true),
+		},
+	}, options.CreateIndexes())
+
 	return &provider{
 		db: mongodb,
 	}, nil
--- a/server/db/providers/mongodb/sms_verification_requests.go
+++ b/server/db/providers/mongodb/sms_verification_requests.go
@@ -0,0 +1,69 @@
+package mongodb
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/google/uuid"
+	"go.mongodb.org/mongo-driver/bson"
+	"go.mongodb.org/mongo-driver/mongo/options"
+)
+
+// UpsertSMSRequest adds/updates SMS verification request
+func (p *provider) UpsertSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) (*models.SMSVerificationRequest, error) {
+	smsVerificationRequest, err := p.GetCodeByPhone(ctx, smsRequest.PhoneNumber)
+	if err != nil {
+		return nil, err
+	}
+	// Boolean to check if we should create a new record or update the existing one
+	shouldCreate := false
+	if smsVerificationRequest == nil {
+		id := uuid.NewString()
+		smsVerificationRequest = &models.SMSVerificationRequest{
+			ID:            id,
+			CreatedAt:     time.Now().Unix(),
+			Code:          smsRequest.Code,
+			PhoneNumber:   smsRequest.PhoneNumber,
+			CodeExpiresAt: smsRequest.CodeExpiresAt,
+		}
+		shouldCreate = true
+	}
+
+	smsVerificationRequest.UpdatedAt = time.Now().Unix()
+	smsRequestCollection := p.db.Collection(models.Collections.SMSVerificationRequest, options.Collection())
+	if shouldCreate {
+		_, err = smsRequestCollection.InsertOne(ctx, smsVerificationRequest)
+	} else {
+		_, err = smsRequestCollection.UpdateOne(ctx, bson.M{"phone_number": bson.M{"$eq": smsRequest.PhoneNumber}}, bson.M{"$set": smsVerificationRequest}, options.MergeUpdateOptions())
+	}
+	if err != nil {
+		return nil, err
+	}
+	return smsVerificationRequest, nil
+}
+
+// GetCodeByPhone to get code for a given phone number
+func (p *provider) GetCodeByPhone(ctx context.Context, phoneNumber string) (*models.SMSVerificationRequest, error) {
+	var smsVerificationRequest models.SMSVerificationRequest
+
+	smsRequestCollection := p.db.Collection(models.Collections.SMSVerificationRequest, options.Collection())
+	err := smsRequestCollection.FindOne(ctx, bson.M{"phone_number": phoneNumber}).Decode(&smsVerificationRequest)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return &smsVerificationRequest, nil
+}
+
+// DeleteSMSRequest to delete SMS verification request
+func (p *provider) DeleteSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) error {
+	smsVerificationRequests := p.db.Collection(models.Collections.SMSVerificationRequest, options.Collection())
+	_, err := smsVerificationRequests.DeleteOne(nil, bson.M{"_id": smsRequest.ID}, options.Delete())
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/server/db/providers/provider_template/sms_verification_requests.go
+++ b/server/db/providers/provider_template/sms_verification_requests.go
@@ -0,0 +1,22 @@
+package provider_template
+
+import (
+	"context"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+)
+
+// UpsertSMSRequest adds/updates SMS verification request
+func (p *provider) UpsertSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// GetCodeByPhone to get code for a given phone number
+func (p *provider) GetCodeByPhone(ctx context.Context, phoneNumber string) (*models.SMSVerificationRequest, error) {
+	return nil, nil
+}
+
+// DeleteSMSRequest to delete SMS verification request
+func (p *provider) DeleteSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) error {
+	return nil
+}
--- a/server/db/providers/providers.go
+++ b/server/db/providers/providers.go
@@ -84,4 +84,11 @@ type Provider interface {
 	GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error)
 	// DeleteOTP to delete otp
 	DeleteOTP(ctx context.Context, otp *models.OTP) error
+
+	// UpsertSMSRequest adds/updates SMS verification request
+	UpsertSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) (*models.SMSVerificationRequest, error)
+	// GetCodeByPhone to get code for a given phone number
+	GetCodeByPhone(ctx context.Context, phoneNumber string) (*models.SMSVerificationRequest, error)
+	// DeleteSMSRequest to delete SMS verification request
+	DeleteSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) error
 }
--- a/server/db/providers/sql/provider.go
+++ b/server/db/providers/sql/provider.go
@@ -77,7 +77,7 @@ func NewProvider() (*provider, error) {
 		logrus.Debug("Failed to drop phone number constraint:", err)
 	}

-	err = sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{}, &models.Webhook{}, models.WebhookLog{}, models.EmailTemplate{}, &models.OTP{})
+	err = sqlDB.AutoMigrate(&models.User{}, &models.VerificationRequest{}, &models.Session{}, &models.Env{}, &models.Webhook{}, models.WebhookLog{}, models.EmailTemplate{}, &models.OTP{}, &models.SMSVerificationRequest{})
 	if err != nil {
 		return nil, err
 	}
--- a/server/db/providers/sql/sms_verification_requests.go
+++ b/server/db/providers/sql/sms_verification_requests.go
@@ -0,0 +1,49 @@
+package sql
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+	"github.com/google/uuid"
+	"gorm.io/gorm/clause"
+)
+
+// UpsertSMSRequest adds/updates SMS verification request
+func (p *provider) UpsertSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) (*models.SMSVerificationRequest, error) {
+	if smsRequest.ID == "" {
+		smsRequest.ID = uuid.New().String()
+	}
+	smsRequest.CreatedAt = time.Now().Unix()
+	smsRequest.UpdatedAt = time.Now().Unix()
+	res := p.db.Clauses(clause.OnConflict{
+		Columns:   []clause.Column{{Name: "phone_number"}},
+		DoUpdates: clause.AssignmentColumns([]string{"code", "code_expires_at", "updated_at"}),
+	}).Create(smsRequest)
+	if res.Error != nil {
+		return nil, res.Error
+	}
+	return smsRequest, nil
+}
+
+// GetCodeByPhone to get code for a given phone number
+func (p *provider) GetCodeByPhone(ctx context.Context, phoneNumber string) (*models.SMSVerificationRequest, error) {
+	var sms_verification_request models.SMSVerificationRequest
+
+	result := p.db.Where("phone_number = ?", phoneNumber).First(&sms_verification_request)
+	if result.Error != nil {
+		return nil, result.Error
+	}
+	return &sms_verification_request, nil
+}
+
+// DeleteSMSRequest to delete SMS verification request
+func (p *provider) DeleteSMSRequest(ctx context.Context, smsRequest *models.SMSVerificationRequest) error {
+	result := p.db.Delete(&models.SMSVerificationRequest{
+		ID: smsRequest.ID,
+	})
+	if result.Error != nil {
+		return result.Error
+	}
+	return nil
+}
--- a/server/env/env.go
+++ b/server/env/env.go
@@ -111,6 +111,15 @@ func InitAllEnv() error {
 	osDefaultRoles := os.Getenv(constants.EnvKeyDefaultRoles)
 	osProtectedRoles := os.Getenv(constants.EnvKeyProtectedRoles)

+	// phone verification var
+	osDisablePhoneVerification := os.Getenv(constants.EnvKeyDisablePhoneVerification)
+
+	// twilio vars
+	osTwilioApiKey := os.Getenv(constants.EnvKeyTwilioAPIKey)
+	osTwilioApiSecret := os.Getenv(constants.EnvKeyTwilioAPISecret)
+	osTwilioAccountSid := os.Getenv(constants.EnvKeyTwilioAccountSID)
+	osTwilioSenderFrom := os.Getenv(constants.EnvKeyTwilioSenderFrom)
+
 	ienv, ok := envData[constants.EnvKeyEnv]
 	if !ok || ienv == "" {
 		envData[constants.EnvKeyEnv] = osEnv
@@ -136,6 +145,7 @@ func InitAllEnv() error {
 	if val, ok := envData[constants.EnvAwsRegion]; !ok || val == "" {
 		envData[constants.EnvAwsRegion] = osAwsRegion
 	}
+	
 	if osAwsRegion != "" && envData[constants.EnvAwsRegion] != osAwsRegion {
 		envData[constants.EnvAwsRegion] = osAwsRegion
 	}
@@ -591,7 +601,7 @@ func InitAllEnv() error {
 		if err != nil {
 			return err
 		}
-		if boolValue != envData[constants.EnvKeyDisableMagicLinkLogin].(bool) {
+		if boolValue != envData[constants.EnvKeyDisableMagicLinkLogin] {
 			envData[constants.EnvKeyDisableMagicLinkLogin] = boolValue
 		}
 	}
@@ -767,6 +777,37 @@ func InitAllEnv() error {
 		envData[constants.EnvKeyDefaultAuthorizeResponseMode] = osAuthorizeResponseMode
 	}

+	if osTwilioApiSecret != "" && envData[constants.EnvKeyTwilioAPISecret] != osTwilioApiSecret {
+		envData[constants.EnvKeyTwilioAPISecret] = osTwilioApiSecret
+	}
+
+	if osTwilioApiKey != "" && envData[constants.EnvKeyTwilioAPIKey] != osTwilioApiKey {
+		envData[constants.EnvKeyTwilioAPIKey] = osTwilioApiKey
+	}
+
+	if osTwilioAccountSid != "" && envData[constants.EnvKeyTwilioAccountSID] != osTwilioAccountSid {
+		envData[constants.EnvKeyTwilioAccountSID] = osTwilioAccountSid
+	}
+
+    if osTwilioSenderFrom != "" && envData[constants.EnvKeyTwilioSenderFrom] != osTwilioSenderFrom {
+		envData[constants.EnvKeyTwilioSenderFrom] = osTwilioSenderFrom
+	}
+
+	if _, ok := envData[constants.EnvKeyDisablePhoneVerification]; !ok {
+		envData[constants.EnvKeyDisablePhoneVerification] = osDisablePhoneVerification == "false"
+	}
+	
+	if osDisablePhoneVerification != "" {
+		boolValue, err := strconv.ParseBool(osDisablePhoneVerification)
+		
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisablePhoneVerification] {
+			envData[constants.EnvKeyDisablePhoneVerification] = boolValue
+		}
+	}
+
 	err = memorystore.Provider.UpdateEnvStore(envData)
 	if err != nil {
 		log.Debug("Error while updating env store: ", err)
--- a/server/env/persist_env.go
+++ b/server/env/persist_env.go
@@ -200,7 +200,7 @@ func PersistEnv() error {
 				envValue := strings.TrimSpace(os.Getenv(key))
 				if envValue != "" {
 					switch key {
-					case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableMobileBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication, constants.EnvKeyAdminCookieSecure, constants.EnvKeyAppCookieSecure:
+					case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableMobileBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication, constants.EnvKeyAdminCookieSecure, constants.EnvKeyAppCookieSecure, constants.EnvKeyDisablePhoneVerification:
 						if envValueBool, err := strconv.ParseBool(envValue); err == nil {
 							if value.(bool) != envValueBool {
 								storeData[key] = envValueBool
--- a/server/go.mod
+++ b/server/go.mod
@@ -25,6 +25,7 @@ require (
 	github.com/robertkrimen/otto v0.0.0-20211024170158-b87d35c0b86f
 	github.com/sirupsen/logrus v1.8.1
 	github.com/stretchr/testify v1.8.0
+	github.com/twilio/twilio-go v1.7.2
 	github.com/vektah/gqlparser/v2 v2.5.1
 	go.mongodb.org/mongo-driver v1.8.1
 	golang.org/x/crypto v0.4.0
--- a/server/go.sum
+++ b/server/go.sum
@@ -54,6 +54,7 @@ github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdK
 github.com/aws/aws-sdk-go v1.42.47/go.mod h1:OGr6lGMAKGlG9CVrYnWYDKIyb829c6EVBRjxqjmPepc=
 github.com/aws/aws-sdk-go v1.44.109 h1:+Na5JPeS0kiEHoBp5Umcuuf+IDqXqD0lXnM920E31YI=
 github.com/aws/aws-sdk-go v1.44.109/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
+github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
 github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932 h1:mXoPYz/Ul5HYEDvkta6I8/rnYM5gSdSV2tJ6XbZuEtY=
 github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k=
 github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4YnC6+E63dPcxHo2sUxDIu8g3QgEJdRY=
@@ -151,6 +152,8 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt
 github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
 github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
 github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
+github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
+github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -251,6 +254,8 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
 github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
+github.com/localtunnel/go-localtunnel v0.0.0-20170326223115-8a804488f275 h1:IZycmTpoUtQK3PD60UYBwjaCUHUP7cML494ao9/O8+Q=
+github.com/localtunnel/go-localtunnel v0.0.0-20170326223115-8a804488f275/go.mod h1:zt6UU74K6Z6oMOYJbJzYpYucqdcQwSMPBEdSvGiaUMw=
 github.com/logrusorgru/aurora/v3 v3.0.0/go.mod h1:vsR12bk5grlLvLXAYrBsb5Oc/N+LxAlxggSjiwMnCUc=
 github.com/matryer/moq v0.2.7/go.mod h1:kITsx543GOENm48TUAQyJ9+SAvFSr7iGQXPoth/VUBk=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
@@ -271,6 +276,7 @@ github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjY
 github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8=
 github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc=
 github.com/montanaflynn/stats v0.6.6/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
+github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo=
 github.com/pelletier/go-toml/v2 v2.0.5 h1:ipoSadvV8oGUjnUbMub59IDPPwfxF694nG/jwbMiyQg=
 github.com/pelletier/go-toml/v2 v2.0.5/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas=
@@ -316,6 +322,8 @@ github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PK
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4=
 github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
+github.com/twilio/twilio-go v1.7.2 h1:tX38DXbSuDWWIK+tKAE2AJSMR6d8i7lf9ksY8J29VLE=
+github.com/twilio/twilio-go v1.7.2/go.mod h1:tdnfQ5TjbewoAu4lf9bMsGvfuJ/QU9gYuv9yx3TSIXU=
 github.com/ugorji/go v1.2.7 h1:qYhyWUUd6WbiM+C6JZAUkIJt/1WrjzNHY9+KCIjVqTo=
 github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M=
 github.com/ugorji/go/codec v1.2.7 h1:YPXUKf7fYbp/y8xloBqZOw2qaVggbfwMlI8WM3wZUJ0=
@@ -338,6 +346,7 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 go.mongodb.org/mongo-driver v1.8.1 h1:OZE4Wni/SJlrcmSIBRYNzunX5TKxjrTS4jKSnA99oKU=
@@ -392,6 +401,7 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB
 golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
@@ -425,6 +435,7 @@ golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81R
 golang.org/x/net v0.0.0-20201010224723-4f7140c49acb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
@@ -483,7 +494,9 @@ golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -558,6 +571,7 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc
 golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
 golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
@@ -651,6 +665,7 @@ gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
--- a/server/graph/generated/generated.go
+++ b/server/graph/generated/generated.go
@@ -198,6 +198,7 @@ type ComplexityRoot struct {
 		UpdateUser          func(childComplexity int, params model.UpdateUserInput) int
 		UpdateWebhook       func(childComplexity int, params model.UpdateWebhookRequest) int
 		VerifyEmail         func(childComplexity int, params model.VerifyEmailInput) int
+		VerifyMobile        func(childComplexity int, params model.VerifyMobileRequest) int
 		VerifyOtp           func(childComplexity int, params model.VerifyOTPRequest) int
 	}

@@ -218,6 +219,7 @@ type ComplexityRoot struct {
 		User                 func(childComplexity int, params model.GetUserRequest) int
 		Users                func(childComplexity int, params *model.PaginatedInput) int
 		ValidateJwtToken     func(childComplexity int, params model.ValidateJWTTokenInput) int
+		ValidateSession      func(childComplexity int, params *model.ValidateSessionInput) int
 		VerificationRequests func(childComplexity int, params *model.PaginatedInput) int
 		Webhook              func(childComplexity int, params model.WebhookRequest) int
 		WebhookLogs          func(childComplexity int, params *model.ListWebhookLogRequest) int
@@ -228,6 +230,15 @@ type ComplexityRoot struct {
 		Message func(childComplexity int) int
 	}

+	SMSVerificationRequests struct {
+		Code          func(childComplexity int) int
+		CodeExpiresAt func(childComplexity int) int
+		CreatedAt     func(childComplexity int) int
+		ID            func(childComplexity int) int
+		PhoneNumber   func(childComplexity int) int
+		UpdatedAt     func(childComplexity int) int
+	}
+
 	TestEndpointResponse struct {
 		HTTPStatus func(childComplexity int) int
 		Response   func(childComplexity int) int
@@ -265,6 +276,10 @@ type ComplexityRoot struct {
 		IsValid func(childComplexity int) int
 	}

+	ValidateSessionResponse struct {
+		IsValid func(childComplexity int) int
+	}
+
 	VerificationRequest struct {
 		CreatedAt   func(childComplexity int) int
 		Email       func(childComplexity int) int
@@ -329,6 +344,7 @@ type MutationResolver interface {
 	Revoke(ctx context.Context, params model.OAuthRevokeInput) (*model.Response, error)
 	VerifyOtp(ctx context.Context, params model.VerifyOTPRequest) (*model.AuthResponse, error)
 	ResendOtp(ctx context.Context, params model.ResendOTPRequest) (*model.Response, error)
+	VerifyMobile(ctx context.Context, params model.VerifyMobileRequest) (*model.AuthResponse, error)
 	DeleteUser(ctx context.Context, params model.DeleteUserInput) (*model.Response, error)
 	UpdateUser(ctx context.Context, params model.UpdateUserInput) (*model.User, error)
 	AdminSignup(ctx context.Context, params model.AdminSignupInput) (*model.Response, error)
@@ -352,6 +368,7 @@ type QueryResolver interface {
 	Session(ctx context.Context, params *model.SessionQueryInput) (*model.AuthResponse, error)
 	Profile(ctx context.Context) (*model.User, error)
 	ValidateJwtToken(ctx context.Context, params model.ValidateJWTTokenInput) (*model.ValidateJWTTokenResponse, error)
+	ValidateSession(ctx context.Context, params *model.ValidateSessionInput) (*model.ValidateSessionResponse, error)
 	Users(ctx context.Context, params *model.PaginatedInput) (*model.Users, error)
 	User(ctx context.Context, params model.GetUserRequest) (*model.User, error)
 	VerificationRequests(ctx context.Context, params *model.PaginatedInput) (*model.VerificationRequests, error)
@@ -1421,6 +1438,18 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in

 		return e.complexity.Mutation.VerifyEmail(childComplexity, args["params"].(model.VerifyEmailInput)), true

+	case "Mutation.verify_mobile":
+		if e.complexity.Mutation.VerifyMobile == nil {
+			break
+		}
+
+		args, err := ec.field_Mutation_verify_mobile_args(context.TODO(), rawArgs)
+		if err != nil {
+			return 0, false
+		}
+
+		return e.complexity.Mutation.VerifyMobile(childComplexity, args["params"].(model.VerifyMobileRequest)), true
+
 	case "Mutation.verify_otp":
 		if e.complexity.Mutation.VerifyOtp == nil {
 			break
@@ -1549,6 +1578,18 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in

 		return e.complexity.Query.ValidateJwtToken(childComplexity, args["params"].(model.ValidateJWTTokenInput)), true

+	case "Query.validate_session":
+		if e.complexity.Query.ValidateSession == nil {
+			break
+		}
+
+		args, err := ec.field_Query_validate_session_args(context.TODO(), rawArgs)
+		if err != nil {
+			return 0, false
+		}
+
+		return e.complexity.Query.ValidateSession(childComplexity, args["params"].(*model.ValidateSessionInput)), true
+
 	case "Query._verification_requests":
 		if e.complexity.Query.VerificationRequests == nil {
 			break
@@ -1604,6 +1645,48 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in

 		return e.complexity.Response.Message(childComplexity), true

+	case "SMSVerificationRequests.code":
+		if e.complexity.SMSVerificationRequests.Code == nil {
+			break
+		}
+
+		return e.complexity.SMSVerificationRequests.Code(childComplexity), true
+
+	case "SMSVerificationRequests.code_expires_at":
+		if e.complexity.SMSVerificationRequests.CodeExpiresAt == nil {
+			break
+		}
+
+		return e.complexity.SMSVerificationRequests.CodeExpiresAt(childComplexity), true
+
+	case "SMSVerificationRequests.created_at":
+		if e.complexity.SMSVerificationRequests.CreatedAt == nil {
+			break
+		}
+
+		return e.complexity.SMSVerificationRequests.CreatedAt(childComplexity), true
+
+	case "SMSVerificationRequests.id":
+		if e.complexity.SMSVerificationRequests.ID == nil {
+			break
+		}
+
+		return e.complexity.SMSVerificationRequests.ID(childComplexity), true
+
+	case "SMSVerificationRequests.phone_number":
+		if e.complexity.SMSVerificationRequests.PhoneNumber == nil {
+			break
+		}
+
+		return e.complexity.SMSVerificationRequests.PhoneNumber(childComplexity), true
+
+	case "SMSVerificationRequests.updated_at":
+		if e.complexity.SMSVerificationRequests.UpdatedAt == nil {
+			break
+		}
+
+		return e.complexity.SMSVerificationRequests.UpdatedAt(childComplexity), true
+
 	case "TestEndpointResponse.http_status":
 		if e.complexity.TestEndpointResponse.HTTPStatus == nil {
 			break
@@ -1779,6 +1862,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in

 		return e.complexity.ValidateJWTTokenResponse.IsValid(childComplexity), true

+	case "ValidateSessionResponse.is_valid":
+		if e.complexity.ValidateSessionResponse.IsValid == nil {
+			break
+		}
+
+		return e.complexity.ValidateSessionResponse.IsValid(childComplexity), true
+
 	case "VerificationRequest.created_at":
 		if e.complexity.VerificationRequest.CreatedAt == nil {
 			break
@@ -2028,7 +2118,9 @@ func (e *executableSchema) Exec(ctx context.Context) graphql.ResponseHandler {
 		ec.unmarshalInputUpdateUserInput,
 		ec.unmarshalInputUpdateWebhookRequest,
 		ec.unmarshalInputValidateJWTTokenInput,
+		ec.unmarshalInputValidateSessionInput,
 		ec.unmarshalInputVerifyEmailInput,
+		ec.unmarshalInputVerifyMobileRequest,
 		ec.unmarshalInputVerifyOTPRequest,
 		ec.unmarshalInputWebhookRequest,
 	)
@@ -2168,6 +2260,20 @@ type VerificationRequests {
  verification_requests: [VerificationRequest!]!
 }

+type SMSVerificationRequests {
+  id: ID!
+  code: String!
+  code_expires_at: Int64!
+  phone_number: String!
+  created_at: Int64!
+  updated_at: Int64
+}
+
+input VerifyMobileRequest {
+  phone_number: String!
+  code: String!
+}
+
 type Error {
  message: String!
  reason: String!
@@ -2261,6 +2367,10 @@ type ValidateJWTTokenResponse {
  claims: Map
 }

+type ValidateSessionResponse {
+  is_valid: Boolean!
+}
+
 type GenerateJWTKeysResponse {
  secret: String
  public_key: String
@@ -2553,6 +2663,11 @@ input ValidateJWTTokenInput {
  roles: [String!]
 }

+input ValidateSessionInput {
+  cookie: String!
+  roles: [String!]
+}
+
 input GenerateJWTKeysInput {
  type: String!
 }
@@ -2649,6 +2764,7 @@ type Mutation {
  revoke(params: OAuthRevokeInput!): Response!
  verify_otp(params: VerifyOTPRequest!): AuthResponse!
  resend_otp(params: ResendOTPRequest!): Response!
+  verify_mobile(params: VerifyMobileRequest!): AuthResponse!
  # admin only apis
  _delete_user(params: DeleteUserInput!): Response!
  _update_user(params: UpdateUserInput!): User!
@@ -2674,6 +2790,7 @@ type Query {
  session(params: SessionQueryInput): AuthResponse!
  profile: User!
  validate_jwt_token(params: ValidateJWTTokenInput!): ValidateJWTTokenResponse!
+  validate_session(params: ValidateSessionInput): ValidateSessionResponse!
  # admin only apis
  _users(params: PaginatedInput): Users!
  _user(params: GetUserRequest!): User!
@@ -3113,6 +3230,21 @@ func (ec *executionContext) field_Mutation_verify_email_args(ctx context.Context
 	return args, nil
 }

+func (ec *executionContext) field_Mutation_verify_mobile_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) {
+	var err error
+	args := map[string]interface{}{}
+	var arg0 model.VerifyMobileRequest
+	if tmp, ok := rawArgs["params"]; ok {
+		ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("params"))
+		arg0, err = ec.unmarshalNVerifyMobileRequest2githubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐVerifyMobileRequest(ctx, tmp)
+		if err != nil {
+			return nil, err
+		}
+	}
+	args["params"] = arg0
+	return args, nil
+}
+
 func (ec *executionContext) field_Mutation_verify_otp_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) {
 	var err error
 	args := map[string]interface{}{}
@@ -3278,6 +3410,21 @@ func (ec *executionContext) field_Query_validate_jwt_token_args(ctx context.Cont
 	return args, nil
 }

+func (ec *executionContext) field_Query_validate_session_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) {
+	var err error
+	args := map[string]interface{}{}
+	var arg0 *model.ValidateSessionInput
+	if tmp, ok := rawArgs["params"]; ok {
+		ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("params"))
+		arg0, err = ec.unmarshalOValidateSessionInput2ᚖgithubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐValidateSessionInput(ctx, tmp)
+		if err != nil {
+			return nil, err
+		}
+	}
+	args["params"] = arg0
+	return args, nil
+}
+
 func (ec *executionContext) field___Type_enumValues_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) {
 	var err error
 	args := map[string]interface{}{}
@@ -8488,6 +8635,77 @@ func (ec *executionContext) fieldContext_Mutation_resend_otp(ctx context.Context
 	return fc, nil
 }

+func (ec *executionContext) _Mutation_verify_mobile(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_Mutation_verify_mobile(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return ec.resolvers.Mutation().VerifyMobile(rctx, fc.Args["params"].(model.VerifyMobileRequest))
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(*model.AuthResponse)
+	fc.Result = res
+	return ec.marshalNAuthResponse2ᚖgithubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐAuthResponse(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_Mutation_verify_mobile(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "Mutation",
+		Field:      field,
+		IsMethod:   true,
+		IsResolver: true,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			switch field.Name {
+			case "message":
+				return ec.fieldContext_AuthResponse_message(ctx, field)
+			case "should_show_otp_screen":
+				return ec.fieldContext_AuthResponse_should_show_otp_screen(ctx, field)
+			case "access_token":
+				return ec.fieldContext_AuthResponse_access_token(ctx, field)
+			case "id_token":
+				return ec.fieldContext_AuthResponse_id_token(ctx, field)
+			case "refresh_token":
+				return ec.fieldContext_AuthResponse_refresh_token(ctx, field)
+			case "expires_in":
+				return ec.fieldContext_AuthResponse_expires_in(ctx, field)
+			case "user":
+				return ec.fieldContext_AuthResponse_user(ctx, field)
+			}
+			return nil, fmt.Errorf("no field named %q was found under type AuthResponse", field.Name)
+		},
+	}
+	defer func() {
+		if r := recover(); r != nil {
+			err = ec.Recover(ctx, r)
+			ec.Error(ctx, err)
+		}
+	}()
+	ctx = graphql.WithFieldContext(ctx, fc)
+	if fc.Args, err = ec.field_Mutation_verify_mobile_args(ctx, field.ArgumentMap(ec.Variables)); err != nil {
+		ec.Error(ctx, err)
+		return
+	}
+	return fc, nil
+}
+
 func (ec *executionContext) _Mutation__delete_user(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) {
 	fc, err := ec.fieldContext_Mutation__delete_user(ctx, field)
 	if err != nil {
@@ -9992,6 +10210,65 @@ func (ec *executionContext) fieldContext_Query_validate_jwt_token(ctx context.Co
 	return fc, nil
 }

+func (ec *executionContext) _Query_validate_session(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_Query_validate_session(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return ec.resolvers.Query().ValidateSession(rctx, fc.Args["params"].(*model.ValidateSessionInput))
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(*model.ValidateSessionResponse)
+	fc.Result = res
+	return ec.marshalNValidateSessionResponse2ᚖgithubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐValidateSessionResponse(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_Query_validate_session(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "Query",
+		Field:      field,
+		IsMethod:   true,
+		IsResolver: true,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			switch field.Name {
+			case "is_valid":
+				return ec.fieldContext_ValidateSessionResponse_is_valid(ctx, field)
+			}
+			return nil, fmt.Errorf("no field named %q was found under type ValidateSessionResponse", field.Name)
+		},
+	}
+	defer func() {
+		if r := recover(); r != nil {
+			err = ec.Recover(ctx, r)
+			ec.Error(ctx, err)
+		}
+	}()
+	ctx = graphql.WithFieldContext(ctx, fc)
+	if fc.Args, err = ec.field_Query_validate_session_args(ctx, field.ArgumentMap(ec.Variables)); err != nil {
+		ec.Error(ctx, err)
+		return
+	}
+	return fc, nil
+}
+
 func (ec *executionContext) _Query__users(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) {
 	fc, err := ec.fieldContext_Query__users(ctx, field)
 	if err != nil {
@@ -10854,6 +11131,267 @@ func (ec *executionContext) fieldContext_Response_message(ctx context.Context, f
 	return fc, nil
 }

+func (ec *executionContext) _SMSVerificationRequests_id(ctx context.Context, field graphql.CollectedField, obj *model.SMSVerificationRequests) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_SMSVerificationRequests_id(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.ID, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(string)
+	fc.Result = res
+	return ec.marshalNID2string(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_SMSVerificationRequests_id(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "SMSVerificationRequests",
+		Field:      field,
+		IsMethod:   false,
+		IsResolver: false,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			return nil, errors.New("field of type ID does not have child fields")
+		},
+	}
+	return fc, nil
+}
+
+func (ec *executionContext) _SMSVerificationRequests_code(ctx context.Context, field graphql.CollectedField, obj *model.SMSVerificationRequests) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_SMSVerificationRequests_code(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.Code, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(string)
+	fc.Result = res
+	return ec.marshalNString2string(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_SMSVerificationRequests_code(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "SMSVerificationRequests",
+		Field:      field,
+		IsMethod:   false,
+		IsResolver: false,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			return nil, errors.New("field of type String does not have child fields")
+		},
+	}
+	return fc, nil
+}
+
+func (ec *executionContext) _SMSVerificationRequests_code_expires_at(ctx context.Context, field graphql.CollectedField, obj *model.SMSVerificationRequests) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_SMSVerificationRequests_code_expires_at(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.CodeExpiresAt, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(int64)
+	fc.Result = res
+	return ec.marshalNInt642int64(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_SMSVerificationRequests_code_expires_at(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "SMSVerificationRequests",
+		Field:      field,
+		IsMethod:   false,
+		IsResolver: false,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			return nil, errors.New("field of type Int64 does not have child fields")
+		},
+	}
+	return fc, nil
+}
+
+func (ec *executionContext) _SMSVerificationRequests_phone_number(ctx context.Context, field graphql.CollectedField, obj *model.SMSVerificationRequests) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_SMSVerificationRequests_phone_number(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.PhoneNumber, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(string)
+	fc.Result = res
+	return ec.marshalNString2string(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_SMSVerificationRequests_phone_number(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "SMSVerificationRequests",
+		Field:      field,
+		IsMethod:   false,
+		IsResolver: false,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			return nil, errors.New("field of type String does not have child fields")
+		},
+	}
+	return fc, nil
+}
+
+func (ec *executionContext) _SMSVerificationRequests_created_at(ctx context.Context, field graphql.CollectedField, obj *model.SMSVerificationRequests) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_SMSVerificationRequests_created_at(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.CreatedAt, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(int64)
+	fc.Result = res
+	return ec.marshalNInt642int64(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_SMSVerificationRequests_created_at(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "SMSVerificationRequests",
+		Field:      field,
+		IsMethod:   false,
+		IsResolver: false,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			return nil, errors.New("field of type Int64 does not have child fields")
+		},
+	}
+	return fc, nil
+}
+
+func (ec *executionContext) _SMSVerificationRequests_updated_at(ctx context.Context, field graphql.CollectedField, obj *model.SMSVerificationRequests) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_SMSVerificationRequests_updated_at(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.UpdatedAt, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		return graphql.Null
+	}
+	res := resTmp.(*int64)
+	fc.Result = res
+	return ec.marshalOInt642ᚖint64(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_SMSVerificationRequests_updated_at(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "SMSVerificationRequests",
+		Field:      field,
+		IsMethod:   false,
+		IsResolver: false,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			return nil, errors.New("field of type Int64 does not have child fields")
+		},
+	}
+	return fc, nil
+}
+
 func (ec *executionContext) _TestEndpointResponse_http_status(ctx context.Context, field graphql.CollectedField, obj *model.TestEndpointResponse) (ret graphql.Marshaler) {
 	fc, err := ec.fieldContext_TestEndpointResponse_http_status(ctx, field)
 	if err != nil {
@@ -11953,6 +12491,50 @@ func (ec *executionContext) fieldContext_ValidateJWTTokenResponse_claims(ctx con
 	return fc, nil
 }

+func (ec *executionContext) _ValidateSessionResponse_is_valid(ctx context.Context, field graphql.CollectedField, obj *model.ValidateSessionResponse) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_ValidateSessionResponse_is_valid(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.IsValid, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(bool)
+	fc.Result = res
+	return ec.marshalNBoolean2bool(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_ValidateSessionResponse_is_valid(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "ValidateSessionResponse",
+		Field:      field,
+		IsMethod:   false,
+		IsResolver: false,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			return nil, errors.New("field of type Boolean does not have child fields")
+		},
+	}
+	return fc, nil
+}
+
 func (ec *executionContext) _VerificationRequest_id(ctx context.Context, field graphql.CollectedField, obj *model.VerificationRequest) (ret graphql.Marshaler) {
 	fc, err := ec.fieldContext_VerificationRequest_id(ctx, field)
 	if err != nil {
@@ -17127,6 +17709,42 @@ func (ec *executionContext) unmarshalInputValidateJWTTokenInput(ctx context.Cont
 	return it, nil
 }

+func (ec *executionContext) unmarshalInputValidateSessionInput(ctx context.Context, obj interface{}) (model.ValidateSessionInput, error) {
+	var it model.ValidateSessionInput
+	asMap := map[string]interface{}{}
+	for k, v := range obj.(map[string]interface{}) {
+		asMap[k] = v
+	}
+
+	fieldsInOrder := [...]string{"cookie", "roles"}
+	for _, k := range fieldsInOrder {
+		v, ok := asMap[k]
+		if !ok {
+			continue
+		}
+		switch k {
+		case "cookie":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("cookie"))
+			it.Cookie, err = ec.unmarshalNString2string(ctx, v)
+			if err != nil {
+				return it, err
+			}
+		case "roles":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("roles"))
+			it.Roles, err = ec.unmarshalOString2ᚕstringᚄ(ctx, v)
+			if err != nil {
+				return it, err
+			}
+		}
+	}
+
+	return it, nil
+}
+
 func (ec *executionContext) unmarshalInputVerifyEmailInput(ctx context.Context, obj interface{}) (model.VerifyEmailInput, error) {
 	var it model.VerifyEmailInput
 	asMap := map[string]interface{}{}
@@ -17163,6 +17781,42 @@ func (ec *executionContext) unmarshalInputVerifyEmailInput(ctx context.Context,
 	return it, nil
 }

+func (ec *executionContext) unmarshalInputVerifyMobileRequest(ctx context.Context, obj interface{}) (model.VerifyMobileRequest, error) {
+	var it model.VerifyMobileRequest
+	asMap := map[string]interface{}{}
+	for k, v := range obj.(map[string]interface{}) {
+		asMap[k] = v
+	}
+
+	fieldsInOrder := [...]string{"phone_number", "code"}
+	for _, k := range fieldsInOrder {
+		v, ok := asMap[k]
+		if !ok {
+			continue
+		}
+		switch k {
+		case "phone_number":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("phone_number"))
+			it.PhoneNumber, err = ec.unmarshalNString2string(ctx, v)
+			if err != nil {
+				return it, err
+			}
+		case "code":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("code"))
+			it.Code, err = ec.unmarshalNString2string(ctx, v)
+			if err != nil {
+				return it, err
+			}
+		}
+	}
+
+	return it, nil
+}
+
 func (ec *executionContext) unmarshalInputVerifyOTPRequest(ctx context.Context, obj interface{}) (model.VerifyOTPRequest, error) {
 	var it model.VerifyOTPRequest
 	asMap := map[string]interface{}{}
@@ -18069,6 +18723,15 @@ func (ec *executionContext) _Mutation(ctx context.Context, sel ast.SelectionSet)
 				return ec._Mutation_resend_otp(ctx, field)
 			})

+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
+		case "verify_mobile":
+
+			out.Values[i] = ec.OperationContext.RootResolverMiddleware(innerCtx, func(ctx context.Context) (res graphql.Marshaler) {
+				return ec._Mutation_verify_mobile(ctx, field)
+			})
+
 			if out.Values[i] == graphql.Null {
 				invalids++
 			}
@@ -18393,6 +19056,29 @@ func (ec *executionContext) _Query(ctx context.Context, sel ast.SelectionSet) gr
 				return ec.OperationContext.RootResolverMiddleware(ctx, innerFunc)
 			}

+			out.Concurrently(i, func() graphql.Marshaler {
+				return rrm(innerCtx)
+			})
+		case "validate_session":
+			field := field
+
+			innerFunc := func(ctx context.Context) (res graphql.Marshaler) {
+				defer func() {
+					if r := recover(); r != nil {
+						ec.Error(ctx, ec.Recover(ctx, r))
+					}
+				}()
+				res = ec._Query_validate_session(ctx, field)
+				if res == graphql.Null {
+					atomic.AddUint32(&invalids, 1)
+				}
+				return res
+			}
+
+			rrm := func(ctx context.Context) graphql.Marshaler {
+				return ec.OperationContext.RootResolverMiddleware(ctx, innerFunc)
+			}
+
 			out.Concurrently(i, func() graphql.Marshaler {
 				return rrm(innerCtx)
 			})
@@ -18654,6 +19340,66 @@ func (ec *executionContext) _Response(ctx context.Context, sel ast.SelectionSet,
 	return out
 }

+var sMSVerificationRequestsImplementors = []string{"SMSVerificationRequests"}
+
+func (ec *executionContext) _SMSVerificationRequests(ctx context.Context, sel ast.SelectionSet, obj *model.SMSVerificationRequests) graphql.Marshaler {
+	fields := graphql.CollectFields(ec.OperationContext, sel, sMSVerificationRequestsImplementors)
+	out := graphql.NewFieldSet(fields)
+	var invalids uint32
+	for i, field := range fields {
+		switch field.Name {
+		case "__typename":
+			out.Values[i] = graphql.MarshalString("SMSVerificationRequests")
+		case "id":
+
+			out.Values[i] = ec._SMSVerificationRequests_id(ctx, field, obj)
+
+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
+		case "code":
+
+			out.Values[i] = ec._SMSVerificationRequests_code(ctx, field, obj)
+
+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
+		case "code_expires_at":
+
+			out.Values[i] = ec._SMSVerificationRequests_code_expires_at(ctx, field, obj)
+
+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
+		case "phone_number":
+
+			out.Values[i] = ec._SMSVerificationRequests_phone_number(ctx, field, obj)
+
+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
+		case "created_at":
+
+			out.Values[i] = ec._SMSVerificationRequests_created_at(ctx, field, obj)
+
+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
+		case "updated_at":
+
+			out.Values[i] = ec._SMSVerificationRequests_updated_at(ctx, field, obj)
+
+		default:
+			panic("unknown field " + strconv.Quote(field.Name))
+		}
+	}
+	out.Dispatch()
+	if invalids > 0 {
+		return graphql.Null
+	}
+	return out
+}
+
 var testEndpointResponseImplementors = []string{"TestEndpointResponse"}

 func (ec *executionContext) _TestEndpointResponse(ctx context.Context, sel ast.SelectionSet, obj *model.TestEndpointResponse) graphql.Marshaler {
@@ -18862,6 +19608,34 @@ func (ec *executionContext) _ValidateJWTTokenResponse(ctx context.Context, sel a
 	return out
 }

+var validateSessionResponseImplementors = []string{"ValidateSessionResponse"}
+
+func (ec *executionContext) _ValidateSessionResponse(ctx context.Context, sel ast.SelectionSet, obj *model.ValidateSessionResponse) graphql.Marshaler {
+	fields := graphql.CollectFields(ec.OperationContext, sel, validateSessionResponseImplementors)
+	out := graphql.NewFieldSet(fields)
+	var invalids uint32
+	for i, field := range fields {
+		switch field.Name {
+		case "__typename":
+			out.Values[i] = graphql.MarshalString("ValidateSessionResponse")
+		case "is_valid":
+
+			out.Values[i] = ec._ValidateSessionResponse_is_valid(ctx, field, obj)
+
+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
+		default:
+			panic("unknown field " + strconv.Quote(field.Name))
+		}
+	}
+	out.Dispatch()
+	if invalids > 0 {
+		return graphql.Null
+	}
+	return out
+}
+
 var verificationRequestImplementors = []string{"VerificationRequest"}

 func (ec *executionContext) _VerificationRequest(ctx context.Context, sel ast.SelectionSet, obj *model.VerificationRequest) graphql.Marshaler {
@@ -19937,6 +20711,20 @@ func (ec *executionContext) marshalNValidateJWTTokenResponse2ᚖgithubᚗcomᚋa
 	return ec._ValidateJWTTokenResponse(ctx, sel, v)
 }

+func (ec *executionContext) marshalNValidateSessionResponse2githubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐValidateSessionResponse(ctx context.Context, sel ast.SelectionSet, v model.ValidateSessionResponse) graphql.Marshaler {
+	return ec._ValidateSessionResponse(ctx, sel, &v)
+}
+
+func (ec *executionContext) marshalNValidateSessionResponse2ᚖgithubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐValidateSessionResponse(ctx context.Context, sel ast.SelectionSet, v *model.ValidateSessionResponse) graphql.Marshaler {
+	if v == nil {
+		if !graphql.HasFieldError(ctx, graphql.GetFieldContext(ctx)) {
+			ec.Errorf(ctx, "the requested element is null which the schema does not allow")
+		}
+		return graphql.Null
+	}
+	return ec._ValidateSessionResponse(ctx, sel, v)
+}
+
 func (ec *executionContext) marshalNVerificationRequest2ᚕᚖgithubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐVerificationRequestᚄ(ctx context.Context, sel ast.SelectionSet, v []*model.VerificationRequest) graphql.Marshaler {
 	ret := make(graphql.Array, len(v))
 	var wg sync.WaitGroup
@@ -20010,6 +20798,11 @@ func (ec *executionContext) unmarshalNVerifyEmailInput2githubᚗcomᚋauthorizer
 	return res, graphql.ErrorOnPath(ctx, err)
 }

+func (ec *executionContext) unmarshalNVerifyMobileRequest2githubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐVerifyMobileRequest(ctx context.Context, v interface{}) (model.VerifyMobileRequest, error) {
+	res, err := ec.unmarshalInputVerifyMobileRequest(ctx, v)
+	return res, graphql.ErrorOnPath(ctx, err)
+}
+
 func (ec *executionContext) unmarshalNVerifyOTPRequest2githubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐVerifyOTPRequest(ctx context.Context, v interface{}) (model.VerifyOTPRequest, error) {
 	res, err := ec.unmarshalInputVerifyOTPRequest(ctx, v)
 	return res, graphql.ErrorOnPath(ctx, err)
@@ -20620,6 +21413,14 @@ func (ec *executionContext) marshalOUser2ᚖgithubᚗcomᚋauthorizerdevᚋautho
 	return ec._User(ctx, sel, v)
 }

+func (ec *executionContext) unmarshalOValidateSessionInput2ᚖgithubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐValidateSessionInput(ctx context.Context, v interface{}) (*model.ValidateSessionInput, error) {
+	if v == nil {
+		return nil, nil
+	}
+	res, err := ec.unmarshalInputValidateSessionInput(ctx, v)
+	return &res, graphql.ErrorOnPath(ctx, err)
+}
+
 func (ec *executionContext) marshalO__EnumValue2ᚕgithubᚗcomᚋ99designsᚋgqlgenᚋgraphqlᚋintrospectionᚐEnumValueᚄ(ctx context.Context, sel ast.SelectionSet, v []introspection.EnumValue) graphql.Marshaler {
 	if v == nil {
 		return graphql.Null
--- a/server/graph/model/models_gen.go
+++ b/server/graph/model/models_gen.go
@@ -265,6 +265,15 @@ type Response struct {
 	Message string `json:"message"`
 }

+type SMSVerificationRequests struct {
+	ID            string `json:"id"`
+	Code          string `json:"code"`
+	CodeExpiresAt int64  `json:"code_expires_at"`
+	PhoneNumber   string `json:"phone_number"`
+	CreatedAt     int64  `json:"created_at"`
+	UpdatedAt     *int64 `json:"updated_at"`
+}
+
 type SessionQueryInput struct {
 	Roles []string `json:"roles"`
 	Scope []string `json:"scope"`
@@ -446,6 +455,15 @@ type ValidateJWTTokenResponse struct {
 	Claims  map[string]interface{} `json:"claims"`
 }

+type ValidateSessionInput struct {
+	Cookie string   `json:"cookie"`
+	Roles  []string `json:"roles"`
+}
+
+type ValidateSessionResponse struct {
+	IsValid bool `json:"is_valid"`
+}
+
 type VerificationRequest struct {
 	ID          string  `json:"id"`
 	Identifier  *string `json:"identifier"`
@@ -468,6 +486,11 @@ type VerifyEmailInput struct {
 	State *string `json:"state"`
 }

+type VerifyMobileRequest struct {
+	PhoneNumber string `json:"phone_number"`
+	Code        string `json:"code"`
+}
+
 type VerifyOTPRequest struct {
 	Email string  `json:"email"`
 	Otp   string  `json:"otp"`
--- a/server/graph/schema.graphqls
+++ b/server/graph/schema.graphqls
@@ -75,6 +75,20 @@ type VerificationRequests {
  verification_requests: [VerificationRequest!]!
 }

+type SMSVerificationRequests {
+  id: ID!
+  code: String!
+  code_expires_at: Int64!
+  phone_number: String!
+  created_at: Int64!
+  updated_at: Int64
+}
+
+input VerifyMobileRequest {
+  phone_number: String!
+  code: String!
+}
+
 type Error {
  message: String!
  reason: String!
@@ -168,6 +182,10 @@ type ValidateJWTTokenResponse {
  claims: Map
 }

+type ValidateSessionResponse {
+  is_valid: Boolean!
+}
+
 type GenerateJWTKeysResponse {
  secret: String
  public_key: String
@@ -460,6 +478,11 @@ input ValidateJWTTokenInput {
  roles: [String!]
 }

+input ValidateSessionInput {
+  cookie: String!
+  roles: [String!]
+}
+
 input GenerateJWTKeysInput {
  type: String!
 }
@@ -556,6 +579,7 @@ type Mutation {
  revoke(params: OAuthRevokeInput!): Response!
  verify_otp(params: VerifyOTPRequest!): AuthResponse!
  resend_otp(params: ResendOTPRequest!): Response!
+  verify_mobile(params: VerifyMobileRequest!): AuthResponse!
  # admin only apis
  _delete_user(params: DeleteUserInput!): Response!
  _update_user(params: UpdateUserInput!): User!
@@ -581,6 +605,7 @@ type Query {
  session(params: SessionQueryInput): AuthResponse!
  profile: User!
  validate_jwt_token(params: ValidateJWTTokenInput!): ValidateJWTTokenResponse!
+  validate_session(params: ValidateSessionInput): ValidateSessionResponse!
  # admin only apis
  _users(params: PaginatedInput): Users!
  _user(params: GetUserRequest!): User!
--- a/server/graph/schema.resolvers.go
+++ b/server/graph/schema.resolvers.go
@@ -81,6 +81,11 @@ func (r *mutationResolver) ResendOtp(ctx context.Context, params model.ResendOTP
 	return resolvers.ResendOTPResolver(ctx, params)
 }

+// VerifyMobile is the resolver for the verify_mobile field.
+func (r *mutationResolver) VerifyMobile(ctx context.Context, params model.VerifyMobileRequest) (*model.AuthResponse, error) {
+	return resolvers.VerifyMobileResolver(ctx, params)
+}
+
 // DeleteUser is the resolver for the _delete_user field.
 func (r *mutationResolver) DeleteUser(ctx context.Context, params model.DeleteUserInput) (*model.Response, error) {
 	return resolvers.DeleteUserResolver(ctx, params)
@@ -186,6 +191,11 @@ func (r *queryResolver) ValidateJwtToken(ctx context.Context, params model.Valid
 	return resolvers.ValidateJwtTokenResolver(ctx, params)
 }

+// ValidateSession is the resolver for the validate_session field.
+func (r *queryResolver) ValidateSession(ctx context.Context, params *model.ValidateSessionInput) (*model.ValidateSessionResponse, error) {
+	return resolvers.ValidateSessionResolver(ctx, params)
+}
+
 // Users is the resolver for the _users field.
 func (r *queryResolver) Users(ctx context.Context, params *model.PaginatedInput) (*model.Users, error) {
 	return resolvers.UsersResolver(ctx, params)
--- a/server/handlers/authorize.go
+++ b/server/handlers/authorize.go
@@ -84,9 +84,9 @@ func AuthorizeHandler() gin.HandlerFunc {

 		if responseMode == "" {
 			if val, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultAuthorizeResponseMode); err == nil {
-				responseType = val
+				responseMode = val
 			} else {
-				responseType = constants.ResponseModeQuery
+				responseMode = constants.ResponseModeQuery
 			}
 		}

--- a/server/memorystore/providers/redis/provider.go
+++ b/server/memorystore/providers/redis/provider.go
@@ -9,6 +9,10 @@ import (
 	log "github.com/sirupsen/logrus"
 )

+const (
+	dialTimeout = 60 * time.Second
+)
+
 // RedisClient is the interface for redis client & redis cluster client
 type RedisClient interface {
 	HMSet(ctx context.Context, key string, values ...interface{}) *redis.BoolCmd
@@ -41,8 +45,7 @@ func NewRedisProvider(redisURL string) (*provider, error) {
 		urls := []string{opt.Addr}
 		urlList := redisURLHostPortsList[1:]
 		urls = append(urls, urlList...)
-		clusterOpt := &redis.ClusterOptions{Addrs: urls}
-
+		clusterOpt := &redis.ClusterOptions{Addrs: urls, DialTimeout: dialTimeout}
 		rdb := redis.NewClusterClient(clusterOpt)
 		ctx := context.Background()
 		_, err = rdb.Ping(ctx).Result()
@@ -62,7 +65,7 @@ func NewRedisProvider(redisURL string) (*provider, error) {
 		log.Debug("error parsing redis url: ", err)
 		return nil, err
 	}
-
+	opt.DialTimeout = dialTimeout
 	rdb := redis.NewClient(opt)
 	ctx := context.Background()
 	_, err = rdb.Ping(ctx).Result()
--- a/server/resolvers/mobile_signup.go
+++ b/server/resolvers/mobile_signup.go
@@ -8,7 +8,7 @@ import (

 	"github.com/google/uuid"
 	log "github.com/sirupsen/logrus"
-
+	
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/crypto"
@@ -19,6 +19,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/authorizerdev/authorizer/server/smsproviders"
 	"github.com/authorizerdev/authorizer/server/validators"
 )

@@ -131,11 +132,9 @@ func MobileSignupResolver(ctx context.Context, params *model.MobileSignUpInput)
 		}
 	}

-	now := time.Now().Unix()
 	user := models.User{
 		Email:                 emailInput,
 		PhoneNumber:           &mobile,
-		PhoneNumberVerifiedAt: &now,
 	}

 	user.Roles = strings.Join(inputRoles, ",")
@@ -180,17 +179,49 @@ func MobileSignupResolver(ctx context.Context, params *model.MobileSignUpInput)
 		log.Debug("MFA service not enabled: ", err)
 		isMFAEnforced = false
 	}
-
+	
 	if isMFAEnforced {
 		user.IsMultiFactorAuthEnabled = refs.NewBoolRef(true)
 	}

+	disablePhoneVerification, _ := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisablePhoneVerification)
+	if disablePhoneVerification {
+		now := time.Now().Unix()
+		user.PhoneNumberVerifiedAt = &now
+	}
+
 	user.SignupMethods = constants.AuthRecipeMethodMobileBasicAuth
 	user, err = db.Provider.AddUser(ctx, user)
+
 	if err != nil {
 		log.Debug("Failed to add user: ", err)
 		return res, err
 	}
+	
+	if !disablePhoneVerification {
+		duration, _ := time.ParseDuration("10m")
+		smsCode := utils.GenerateOTP()
+	
+		smsBody := strings.Builder{}
+		smsBody.WriteString("Your verification code is: ")
+		smsBody.WriteString(smsCode)
+
+		// TODO: For those who enabled the webhook to call their sms vendor separately - sending the otp to their api
+		if err != nil {
+			log.Debug("error while upserting user: ", err.Error())
+			return nil, err
+		}
+
+		go func() {
+			db.Provider.UpsertSMSRequest(ctx, &models.SMSVerificationRequest{
+				PhoneNumber:     mobile,
+				Code:   	     smsCode,
+				CodeExpiresAt:   time.Now().Add(duration).Unix(),
+			})
+			smsproviders.SendSMS(mobile, smsBody.String())
+		}()
+	}
+
 	roles := strings.Split(user.Roles, ",")
 	userToReturn := user.AsAPIUser()

--- a/server/resolvers/validate_session.go
+++ b/server/resolvers/validate_session.go
@@ -0,0 +1,59 @@
+package resolvers
+
+import (
+	"context"
+	"errors"
+	"fmt"
+
+	"github.com/authorizerdev/authorizer/server/cookie"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/token"
+	"github.com/authorizerdev/authorizer/server/utils"
+	log "github.com/sirupsen/logrus"
+)
+
+// ValidateSessionResolver is used to validate a cookie session without its rotation
+func ValidateSessionResolver(ctx context.Context, params *model.ValidateSessionInput) (*model.ValidateSessionResponse, error) {
+	gc, err := utils.GinContextFromContext(ctx)
+	if err != nil {
+		log.Debug("Failed to get GinContext: ", err)
+		return nil, err
+	}
+	sessionToken := params.Cookie
+	if sessionToken == "" {
+		sessionToken, err = cookie.GetSession(gc)
+		if err != nil {
+			log.Debug("Failed to get session token: ", err)
+			return nil, errors.New("unauthorized")
+		}
+	}
+	claims, err := token.ValidateBrowserSession(gc, sessionToken)
+	if err != nil {
+		log.Debug("Failed to validate session token", err)
+		return nil, errors.New("unauthorized")
+	}
+	userID := claims.Subject
+	log := log.WithFields(log.Fields{
+		"user_id": userID,
+	})
+	_, err = db.Provider.GetUserByID(ctx, userID)
+	if err != nil {
+		return nil, err
+	}
+	// refresh token has "roles" as claim
+	claimRoleInterface := claims.Roles
+	claimRoles := []string{}
+	claimRoles = append(claimRoles, claimRoleInterface...)
+	if params != nil && params.Roles != nil && len(params.Roles) > 0 {
+		for _, v := range params.Roles {
+			if !utils.StringSliceContains(claimRoles, v) {
+				log.Debug("User does not have required role: ", claimRoles, v)
+				return nil, fmt.Errorf(`unauthorized`)
+			}
+		}
+	}
+	return &model.ValidateSessionResponse{
+		IsValid: true,
+	}, nil
+}
--- a/server/resolvers/verify_mobile.go
+++ b/server/resolvers/verify_mobile.go
@@ -0,0 +1,62 @@
+package resolvers
+
+import (
+	"fmt"
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/authorizerdev/authorizer/server/db"
+	log "github.com/sirupsen/logrus"
+)
+
+func VerifyMobileResolver(ctx context.Context, params model.VerifyMobileRequest) (*model.AuthResponse, error) {
+	var res *model.AuthResponse
+
+	_, err := utils.GinContextFromContext(ctx)
+	if err != nil {
+		log.Debug("Failed to get GinContext: ", err)
+		return res, err
+	}
+
+	smsVerificationRequest, err := db.Provider.GetCodeByPhone(ctx, params.PhoneNumber)
+	if err != nil {
+		log.Debug("Failed to get sms request by phone: ", err)
+		return res, err
+	}
+
+	if smsVerificationRequest.Code != params.Code {
+		log.Debug("Failed to verify request: bad credentials")
+		return res, fmt.Errorf(`bad credentials`)
+	}
+
+	expiresIn := smsVerificationRequest.CodeExpiresAt - time.Now().Unix()
+	if expiresIn < 0 {
+		log.Debug("Failed to verify sms request: Timeout")
+		return res, fmt.Errorf("time expired")
+	}
+
+	res = &model.AuthResponse{
+		Message: "successful",
+	}
+
+	user, err := db.Provider.GetUserByPhoneNumber(ctx, params.PhoneNumber)
+	if user.PhoneNumberVerifiedAt == nil {
+		now := time.Now().Unix()
+		user.PhoneNumberVerifiedAt = &now
+	}
+
+	_, err = db.Provider.UpdateUser(ctx, *user)
+	if err != nil {
+		log.Debug("Failed to update user: ", err)
+		return res, err
+	}
+
+	err = db.Provider.DeleteSMSRequest(ctx, smsVerificationRequest)
+	if err != nil {
+		log.Debug("Failed to delete sms request: ", err.Error())
+	}
+
+	return res, err
+}
--- a/server/smsproviders/twilio.go
+++ b/server/smsproviders/twilio.go
@@ -0,0 +1,54 @@
+package smsproviders
+
+import (
+	twilio "github.com/twilio/twilio-go"
+	api "github.com/twilio/twilio-go/rest/api/v2010"
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	log "github.com/sirupsen/logrus"
+)
+
+// TODO: Should be restructured to interface when another provider is added
+func SendSMS(sendTo, messageBody string) error {
+
+	twilioAPISecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwilioAPISecret)
+	if err != nil || twilioAPISecret == ""{
+		log.Errorf("Failed to get api secret: ", err)
+		return err
+	}
+
+	twilioAPIKey, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwilioAPIKey)
+	if err != nil || twilioAPIKey == ""{
+		log.Errorf("Failed to get api key: ", err)
+		return err
+	}
+
+	twilioSenderFrom, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwilioSenderFrom)
+	if err != nil || twilioSenderFrom == "" {
+		log.Errorf("Failed to get sender: ", err)
+		return err
+	}
+
+	// accountSID is not a must to send sms on twilio
+	twilioAccountSID, _ := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwilioAccountSID)
+
+	client := twilio.NewRestClientWithParams(twilio.ClientParams{
+		Username:   twilioAPIKey,
+		Password:   twilioAPISecret,
+		AccountSid: twilioAccountSID,
+	})
+
+	message := &api.CreateMessageParams{}
+	message.SetBody(messageBody)
+	message.SetFrom(twilioSenderFrom)
+	message.SetTo(sendTo)
+
+	_, err = client.Api.CreateMessage(message)
+
+	if err != nil {
+		log.Debug("Failed to send sms: ", err)
+		return err
+	}
+
+	return nil
+}
--- a/server/test/mobile_login_test.go
+++ b/server/test/mobile_login_test.go
@@ -6,6 +6,7 @@ import (

 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/stretchr/testify/assert"
@@ -45,6 +46,25 @@ func mobileLoginTests(t *testing.T, s TestSetup) {
 		assert.Error(t, err)
 		assert.Nil(t, res)

+		// should fail because phone is not verified
+		res, err = resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{
+			PhoneNumber: phoneNumber,
+			Password:    s.TestInfo.Password,
+		})
+		assert.NotNil(t, err, "should fail because phone is not verified")
+		assert.Nil(t, res)
+
+		smsRequest, err := db.Provider.GetCodeByPhone(ctx, phoneNumber)
+		assert.NoError(t, err)
+		assert.NotEmpty(t, smsRequest.Code)
+
+		verifySMSRequest, err := resolvers.VerifyMobileResolver(ctx, model.VerifyMobileRequest{
+			PhoneNumber: phoneNumber,
+			Code:   smsRequest.Code,
+		})
+		assert.Nil(t, err)
+		assert.NotEqual(t, verifySMSRequest.Message, "", "message should not be empty")
+	
 		res, err = resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{
 			PhoneNumber: phoneNumber,
 			Password:    s.TestInfo.Password,
--- a/server/test/resolvers_test.go
+++ b/server/test/resolvers_test.go
@@ -135,6 +135,8 @@ func TestResolvers(t *testing.T) {
 			validateJwtTokenTest(t, s)
 			verifyOTPTest(t, s)
 			resendOTPTest(t, s)
+			verifyMobileTest(t, s)
+			validateSessionTests(t, s)

 			updateAllUsersTest(t, s)
 			webhookLogsTest(t, s)   // get logs after above resolver tests are done
--- a/server/test/validate_session_test.go
+++ b/server/test/validate_session_test.go
@@ -0,0 +1,61 @@
+package test
+
+import (
+	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/authorizerdev/authorizer/server/token"
+	"github.com/stretchr/testify/assert"
+)
+
+// ValidateSessionTests tests all the validate session resolvers
+func validateSessionTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should validate session`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "validate_session." + s.TestInfo.Email
+
+		resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+		_, err := resolvers.ValidateSessionResolver(ctx, &model.ValidateSessionInput{})
+		assert.NotNil(t, err, "unauthorized")
+		verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup)
+		assert.NoError(t, err)
+		assert.NotNil(t, verificationRequest)
+		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+		assert.NoError(t, err)
+		assert.NotNil(t, verifyRes)
+		accessToken := *verifyRes.AccessToken
+		assert.NotEmpty(t, accessToken)
+		claims, err := token.ParseJWTToken(accessToken)
+		assert.NoError(t, err)
+		assert.NotEmpty(t, claims)
+		sessionKey := constants.AuthRecipeMethodBasicAuth + ":" + verifyRes.User.ID
+		sessionToken, err := memorystore.Provider.GetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+claims["nonce"].(string))
+		assert.NoError(t, err)
+		assert.NotEmpty(t, sessionToken)
+		cookie := fmt.Sprintf("%s=%s;", constants.AppCookieName+"_session", sessionToken)
+		cookie = strings.TrimSuffix(cookie, ";")
+		res, err := resolvers.ValidateSessionResolver(ctx, &model.ValidateSessionInput{
+			Cookie: sessionToken,
+		})
+		assert.Nil(t, err)
+		assert.True(t, res.IsValid)
+		req.Header.Set("Cookie", cookie)
+		res, err = resolvers.ValidateSessionResolver(ctx, &model.ValidateSessionInput{})
+		assert.Nil(t, err)
+		assert.True(t, res.IsValid)
+		cleanData(email)
+	})
+}
--- a/server/test/verify_mobile_test.go
+++ b/server/test/verify_mobile_test.go
@@ -0,0 +1,79 @@
+package test
+
+import (
+	"strings"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/refs"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func verifyMobileTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should verify mobile`, func(t *testing.T) {
+		_, ctx := createContext(s)
+		email := "mobile_verification." + s.TestInfo.Email
+		phoneNumber := "2234567890"
+		signUpRes, err := resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
+			Email:           refs.NewStringRef(email),
+			PhoneNumber:     phoneNumber,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+		assert.NoError(t, err)
+		assert.NotNil(t, signUpRes)
+		assert.Equal(t, email, signUpRes.User.Email)
+		assert.Equal(t, phoneNumber, refs.StringValue(signUpRes.User.PhoneNumber))
+		assert.True(t, strings.Contains(signUpRes.User.SignupMethods, constants.AuthRecipeMethodMobileBasicAuth))
+		assert.Len(t, strings.Split(signUpRes.User.SignupMethods, ","), 1)
+
+		res, err := resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{
+			PhoneNumber: phoneNumber,
+			Password:    "random_test",
+		})
+		assert.Error(t, err)
+		assert.Nil(t, res)
+
+		// should fail because phone is not verified
+		res, err = resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{
+			PhoneNumber: phoneNumber,
+			Password:    s.TestInfo.Password,
+		})
+		assert.NotNil(t, err, "should fail because phone is not verified")
+		assert.Nil(t, res)
+
+		// get code from db
+		smsRequest, err := db.Provider.GetCodeByPhone(ctx, phoneNumber)
+		assert.NoError(t, err)
+		assert.NotEmpty(t, smsRequest.Code)
+
+		// throw an error if the code is not correct
+		verifySMSRequest, err := resolvers.VerifyMobileResolver(ctx, model.VerifyMobileRequest{
+			PhoneNumber: phoneNumber,
+			Code:  "rand_12@1",
+		})
+		assert.NotNil(t, err, "should fail because of bad credentials")
+		assert.Nil(t, verifySMSRequest)
+	
+		verifySMSRequest, err = resolvers.VerifyMobileResolver(ctx, model.VerifyMobileRequest{
+			PhoneNumber: phoneNumber,
+			Code:   smsRequest.Code,
+		})
+		assert.Nil(t, err)
+		assert.NotEqual(t, verifySMSRequest.Message, "", "message should not be empty")
+	
+		res, err = resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{
+			PhoneNumber: phoneNumber,
+			Password:    s.TestInfo.Password,
+		})
+		assert.NoError(t, err)
+		assert.NotEmpty(t, res.AccessToken)
+		assert.NotEmpty(t, res.IDToken)
+
+		cleanData(email)
+	})
+}
Author	SHA1	Message	Date
Lakhan Samani	87a962504f	Increase timeout for redis	2023-07-16 22:57:56 +05:30
Lakhan Samani	8d145bd5fe	Merge pull request #369 from authorizerdev/feat-add-validate-cookie-api feat: add resolver to validate browser session	2023-07-12 22:13:47 +05:30
Lakhan Samani	6fa0ad1809	feat: add resolver to validate browser session	2023-07-12 22:12:17 +05:30
Lakhan Samani	07f71e883b	Add comments for twillio	2023-07-11 14:49:16 +05:30
Lakhan Samani	6cef9064c3	Update provider template for sms verification	2023-07-11 14:48:37 +05:30
Lakhan Samani	9ae616b6b5	Merge pull request #365 from JokerQyou/patch-1 Fix wrong response_type parsed when missing response_mode	2023-06-30 18:10:31 +05:30
Joker_	356428ea02	Fix wrong response_type parsed when missing response_mode	2023-06-29 23:10:44 +08:00
Lakhan Samani	7f47177741	Merge pull request #359 from MussieT/feat/sms_confirmation Feat/sms confirmation	2023-06-13 09:38:23 +05:30
Mussie Teshome	9fb00544cd	removed unwanted comment	2023-06-11 20:44:09 +03:00
Mussie Teshome	2b022d1058	Fix typo	2023-06-11 16:23:31 +03:00
Mussie Teshome	1c84d9f4a8	Merge branch 'authorizerdev:main' into feat/sms_confirmation	2023-06-11 16:05:29 +03:00
Mussie Teshome	0838b60fae	Added VerifyMobileTest to the resolver	2023-06-11 16:03:16 +03:00
Mussie Teshome	325134466d	Testing verify_mobile resolver	2023-06-11 16:02:46 +03:00
Mussie Teshome	58d9978dd5	Updated to test verification	2023-06-11 16:01:49 +03:00
Mussie Teshome	801d64e2f5	Twilio configuration	2023-06-11 16:00:30 +03:00
Mussie Teshome	dd3cc9de3a	Verify mobile resolver	2023-06-11 16:00:07 +03:00
Mussie Teshome	8dc7366182	Updated mobile signup to send sms when service enabled	2023-06-11 15:59:53 +03:00
Mussie Teshome	7749534087	generated	2023-06-11 15:59:18 +03:00
Mussie Teshome	510f16e7b0	New resolver - Verify Moblie	2023-06-11 15:59:03 +03:00
Mussie Teshome	d5e83ea14f	Schema update for SMSVerificationRequest	2023-06-11 15:58:50 +03:00
Mussie Teshome	b4a90de1d4	Updated to support disable sms verification request	2023-06-11 15:58:04 +03:00
Mussie Teshome	c525ad92f2	SQL Related dbs CRUD implementation for SMS	2023-06-11 15:57:14 +03:00
Mussie Teshome	9028682e93	Added SMSVerificationRequests model to automigrate	2023-06-11 15:56:40 +03:00
Mussie Teshome	3d6bfe4480	mongo implementation for the sms crud	2023-06-11 15:56:02 +03:00
Mussie Teshome	043af08bf0	Mongo collection for SMSVerificationRequest model	2023-06-11 15:55:11 +03:00
Mussie Teshome	0af78479fc	Different dbs fn skeleton which fn yet not written	2023-06-11 15:54:23 +03:00
Mussie Teshome	096f686495	Added delete sms request to the interface	2023-06-11 15:52:33 +03:00
Mussie Teshome	c574c6a679	configure twilio via environment variables	2023-06-11 15:52:07 +03:00
Mussie Teshome	6428b74e64	twilio - new package	2023-06-11 15:50:09 +03:00
Mussie Teshome	aa3892025d	New resolvers for sms requests	2023-06-11 15:49:25 +03:00
Mussie Teshome	b2f3d6eb80	sms verification requests model	2023-06-08 11:53:06 +03:00
Mussie Teshome	348cbf8c38	Add sms verification to collection	2023-06-08 11:52:39 +03:00
Mussie Teshome	8ac33a085c	commented out sms twilio sender	2023-06-01 15:29:22 +03:00