fix: set same site cookie to none for cross site

fix(server): use sameSite as lax by default for app cookie

Dockerfile

@@ -21,13 +21,15 @@ RUN apk add build-base &&\
     make build-dashboard
 
 FROM alpine:latest
-WORKDIR /root/
+RUN adduser -D -h /authorizer -u 1000 -k /dev/null authorizer
+WORKDIR /authorizer
 RUN mkdir app dashboard
-COPY --from=node-builder /authorizer/app/build app/build
+COPY --from=node-builder --chown=nobody:nobody /authorizer/app/build app/build
-COPY --from=node-builder /authorizer/app/favicon_io app/favicon_io
+COPY --from=node-builder --chown=nobody:nobody /authorizer/app/favicon_io app/favicon_io
-COPY --from=node-builder /authorizer/dashboard/build dashboard/build
+COPY --from=node-builder --chown=nobody:nobody /authorizer/dashboard/build dashboard/build
-COPY --from=node-builder /authorizer/dashboard/favicon_io dashboard/favicon_io
+COPY --from=node-builder --chown=nobody:nobody /authorizer/dashboard/favicon_io dashboard/favicon_io
-COPY --from=go-builder /authorizer/build build
+COPY --from=go-builder --chown=nobody:nobody /authorizer/build build
 COPY templates templates
 EXPOSE 8080
+USER authorizer
 CMD [ "./build/server" ]

README.md

@@ -7,19 +7,17 @@
   Authorizer
 </h1>
 
-**Authorizer** is an open-source authentication and authorization solution for your applications. Bring your database and have complete control over the user information. You can self-host authorizer instances and connect to any database (Currently supports [Postgres](https://www.postgresql.org/), [MySQL](https://www.mysql.com/), [SQLite](https://www.sqlite.org/index.html), [SQLServer](https://www.microsoft.com/en-us/sql-server/), [MongoDB](https://mongodb.com/), [ArangoDB](https://www.arangodb.com/)).
+**Authorizer** is an open-source authentication and authorization solution for your applications. Bring your database and have complete control over the user information. You can self-host authorizer instances and connect to any database (Currently supports 11+ databases including [Postgres](https://www.postgresql.org/), [MySQL](https://www.mysql.com/), [SQLite](https://www.sqlite.org/index.html), [SQLServer](https://www.microsoft.com/en-us/sql-server/), [YugaByte](https://www.yugabyte.com/),  [MariaDB](https://mariadb.org/), [PlanetScale](https://planetscale.com/), [CassandraDB](https://cassandra.apache.org/_/index.html), [ScyllaDB](https://www.scylladb.com/), [MongoDB](https://mongodb.com/), [ArangoDB](https://www.arangodb.com/)).
 
-## Table of contents
+For more information check:
 
-- [Introduction](#introduction)
-- [Getting Started](#getting-started)
-- [Contributing](https://github.com/authorizerdev/authorizer/blob/main/.github/CONTRIBUTING.md)
 - [Docs](http://docs.authorizer.dev/)
-- [Join Community](https://discord.gg/Zv2D5h6kkK)
+- [Discord Community](https://discord.gg/Zv2D5h6kkK)
+- [Contributing Guide](https://github.com/authorizerdev/authorizer/blob/main/.github/CONTRIBUTING.md)
 
 # Introduction
 
-<img src="https://github.com/authorizerdev/authorizer/blob/main/assets/authorizer-architecture.png" style="height:20em"/>
+<img src="https://docs.authorizer.dev/images/authorizer-arch.png" style="height:20em"/>
 
 #### We offer the following functionality
 
@@ -29,20 +27,22 @@
 - ✅ OAuth2 and OpenID compatible APIs
 - ✅ APIs to update profile securely
 - ✅ Forgot password flow using email
-- ✅ Social logins (Google, Github, Facebook, more coming soon)
+- ✅ Social logins (Google, Github, Facebook, LinkedIn, Apple more coming soon)
 - ✅ Role-based access management
 - ✅ Password-less login with magic link login
+- ✅ Multi factor authentication
+- ✅ Email templating
+- ✅ Webhooks
 
 ## Roadmap
 
-- 2 Factor authentication
+- [VueJS SDK](https://github.com/authorizerdev/authorizer-vue)
-- VueJS SDK
+- [Svelte SDK](https://github.com/authorizerdev/authorizer-svelte)
-- Svelte SDK
+- [Golang SDK](https://github.com/authorizerdev/authorizer-go)
 - React Native SDK
 - Flutter SDK
 - Android Native SDK
 - iOS native SDK
-- Golang SDK
 - Python SDK
 - PHP SDK
 - WordPress plugin
@@ -64,8 +64,8 @@
 Deploy production ready Authorizer instance using one click deployment options available below
 
 | **Infra provider** |                                                                                            **One-click link**                                                                                            |               **Additional information**               |
-| :----------------: | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :----------------------------------------------------: |
+| :----------------: | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :----------------------------------------------------: |
-|    Railway.app     | <a href="https://railway.app/new/template?template=https://github.com/authorizerdev/authorizer-railway&amp;plugins=postgresql,redis"><img src="https://railway.app/button.svg" style="height: 44px" alt="Deploy on Railway"></a> | [docs](https://docs.authorizer.dev/deployment/railway) |
+|    Railway.app     |                    <a href="https://railway.app/new/template/nwXp1C?referralCode=FEF4uT"><img src="https://railway.app/button.svg" style="height: 44px" alt="Deploy on Railway"></a>                     | [docs](https://docs.authorizer.dev/deployment/railway) |
 |       Heroku       | <a href="https://heroku.com/deploy?template=https://github.com/authorizerdev/authorizer-heroku"><img src="https://www.herokucdn.com/deploy/button.svg" alt="Deploy to Heroku" style="height: 44px;"></a> | [docs](https://docs.authorizer.dev/deployment/heroku)  |
 |       Render       |                     [![Deploy to Render](https://render.com/images/deploy-to-render-button.svg)](https://render.com/deploy?repo=https://github.com/authorizerdev/authorizer-render)                      | [docs](https://docs.authorizer.dev/deployment/render)  |
 

app/package-lock.json

@@ -9,7 +9,7 @@
 			"version": "1.0.0",
 			"license": "ISC",
 			"dependencies": {
-				"@authorizerdev/authorizer-react": "^0.26.0-beta.0",
+				"@authorizerdev/authorizer-react": "^1.1.2",
 				"@types/react": "^17.0.15",
 				"@types/react-dom": "^17.0.9",
 				"esbuild": "^0.12.17",
@@ -26,22 +26,22 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-js": {
-			"version": "0.17.0-beta.1",
+			"version": "1.1.0",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.17.0-beta.1.tgz",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.1.0.tgz",
-			"integrity": "sha512-jUlFUrs4Ys6LZ5hclPeRt84teygi+bA57d/IpV9GAqOrfifv70jkFeDln4+Bs0mZk74el23Xn+DR9380mqE4Cg==",
+			"integrity": "sha512-MdEw1SjhIm7pXq20AscHSbnAta2PC3w7GNBY52/OzmlBXUGH3ooUQX/aszbYOse3FlhapcrGrRvg4sNM7faGAg==",
 			"dependencies": {
-				"node-fetch": "^2.6.1"
+				"cross-fetch": "^3.1.5"
 			},
 			"engines": {
 				"node": ">=10"
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-react": {
-			"version": "0.26.0-beta.0",
+			"version": "1.1.2",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.26.0-beta.0.tgz",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.2.tgz",
-			"integrity": "sha512-YfyiGYBmbsp3tLWIxOrOZ/hUTCmdMXVE9SLE8m1xsFsxzJJlUhepp0AMahSbH5EyLj5bchOhOw/rzgpnDZDvMw==",
+			"integrity": "sha512-uBmuKnOVX8gp8CEUuGJuz04ep+8qMEzJXWd5leEGKYMIgolHpu/lOinnMUXhjh8YL3pA4+EhvB+hQXxUX+rRHQ==",
 			"dependencies": {
-				"@authorizerdev/authorizer-js": "^0.17.0-beta.1",
+				"@authorizerdev/authorizer-js": "^1.1.0",
 				"final-form": "^4.20.2",
 				"react-final-form": "^6.5.3",
 				"styled-components": "^5.3.0"
@@ -404,6 +404,14 @@
 			"resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
 			"integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
 		},
+		"node_modules/cross-fetch": {
+			"version": "3.1.5",
+			"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.5.tgz",
+			"integrity": "sha512-lvb1SBsI0Z7GDwmuid+mU3kWVBwTVUbe7S0H52yaaAdQOXq2YktTCZdlAcNKFzE6QtRz0snpw9bNiPeOIkkQvw==",
+			"dependencies": {
+				"node-fetch": "2.6.7"
+			}
+		},
 		"node_modules/css-color-keywords": {
 			"version": "1.0.0",
 			"resolved": "https://registry.npmjs.org/css-color-keywords/-/css-color-keywords-1.0.0.tgz",
@@ -461,9 +469,9 @@
 			}
 		},
 		"node_modules/final-form": {
-			"version": "4.20.6",
+			"version": "4.20.4",
-			"resolved": "https://registry.npmjs.org/final-form/-/final-form-4.20.6.tgz",
+			"resolved": "https://registry.npmjs.org/final-form/-/final-form-4.20.4.tgz",
-			"integrity": "sha512-fCdwIj49KOaFfDRlXB57Eo+GghIMZQWrA9TakQI3C9uQxHwaFHXqZSNRlUdfnQmNNeySwGOaGPZCvjy58hyv4w==",
+			"integrity": "sha512-hyoOVVilPLpkTvgi+FSJkFZrh0Yhy4BhE6lk/NiBwrF4aRV8/ykKEyXYvQH/pfUbRkOosvpESYouFb+FscsLrw==",
 			"dependencies": {
 				"@babel/runtime": "^7.10.0"
 			},
@@ -852,19 +860,19 @@
 	},
 	"dependencies": {
 		"@authorizerdev/authorizer-js": {
-			"version": "0.17.0-beta.1",
+			"version": "1.1.0",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.17.0-beta.1.tgz",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.1.0.tgz",
-			"integrity": "sha512-jUlFUrs4Ys6LZ5hclPeRt84teygi+bA57d/IpV9GAqOrfifv70jkFeDln4+Bs0mZk74el23Xn+DR9380mqE4Cg==",
+			"integrity": "sha512-MdEw1SjhIm7pXq20AscHSbnAta2PC3w7GNBY52/OzmlBXUGH3ooUQX/aszbYOse3FlhapcrGrRvg4sNM7faGAg==",
 			"requires": {
-				"node-fetch": "^2.6.1"
+				"cross-fetch": "^3.1.5"
 			}
 		},
 		"@authorizerdev/authorizer-react": {
-			"version": "0.26.0-beta.0",
+			"version": "1.1.2",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.26.0-beta.0.tgz",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.2.tgz",
-			"integrity": "sha512-YfyiGYBmbsp3tLWIxOrOZ/hUTCmdMXVE9SLE8m1xsFsxzJJlUhepp0AMahSbH5EyLj5bchOhOw/rzgpnDZDvMw==",
+			"integrity": "sha512-uBmuKnOVX8gp8CEUuGJuz04ep+8qMEzJXWd5leEGKYMIgolHpu/lOinnMUXhjh8YL3pA4+EhvB+hQXxUX+rRHQ==",
 			"requires": {
-				"@authorizerdev/authorizer-js": "^0.17.0-beta.1",
+				"@authorizerdev/authorizer-js": "^1.1.0",
 				"final-form": "^4.20.2",
 				"react-final-form": "^6.5.3",
 				"styled-components": "^5.3.0"
@@ -1161,6 +1169,14 @@
 			"resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
 			"integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
 		},
+		"cross-fetch": {
+			"version": "3.1.5",
+			"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.5.tgz",
+			"integrity": "sha512-lvb1SBsI0Z7GDwmuid+mU3kWVBwTVUbe7S0H52yaaAdQOXq2YktTCZdlAcNKFzE6QtRz0snpw9bNiPeOIkkQvw==",
+			"requires": {
+				"node-fetch": "2.6.7"
+			}
+		},
 		"css-color-keywords": {
 			"version": "1.0.0",
 			"resolved": "https://registry.npmjs.org/css-color-keywords/-/css-color-keywords-1.0.0.tgz",
@@ -1200,9 +1216,9 @@
 			"integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ="
 		},
 		"final-form": {
-			"version": "4.20.6",
+			"version": "4.20.4",
-			"resolved": "https://registry.npmjs.org/final-form/-/final-form-4.20.6.tgz",
+			"resolved": "https://registry.npmjs.org/final-form/-/final-form-4.20.4.tgz",
-			"integrity": "sha512-fCdwIj49KOaFfDRlXB57Eo+GghIMZQWrA9TakQI3C9uQxHwaFHXqZSNRlUdfnQmNNeySwGOaGPZCvjy58hyv4w==",
+			"integrity": "sha512-hyoOVVilPLpkTvgi+FSJkFZrh0Yhy4BhE6lk/NiBwrF4aRV8/ykKEyXYvQH/pfUbRkOosvpESYouFb+FscsLrw==",
 			"requires": {
 				"@babel/runtime": "^7.10.0"
 			}

app/package.json

@@ -11,7 +11,7 @@
 	"author": "Lakhan Samani",
 	"license": "ISC",
 	"dependencies": {
-		"@authorizerdev/authorizer-react": "^0.26.0-beta.0",
+		"@authorizerdev/authorizer-react": "^1.1.2",
 		"@types/react": "^17.0.15",
 		"@types/react-dom": "^17.0.9",
 		"esbuild": "^0.12.17",

app/src/App.tsx

@@ -4,6 +4,12 @@ import { AuthorizerProvider } from '@authorizerdev/authorizer-react';
 import Root from './Root';
 import { createRandomString } from './utils/common';
 
+declare global {
+  interface Window {
+    __authorizer__: any;
+  }
+}
+
 export default function App() {
 	const searchParams = new URLSearchParams(window.location.search);
 	const state = searchParams.get('state') || createRandomString();
@@ -24,7 +30,6 @@ export default function App() {
 		urlProps.redirectURL = window.location.origin + '/app';
 	}
 	const globalState: Record<string, string> = {
-		// @ts-ignore
 		...window['__authorizer__'],
 		...urlProps,
 	};

dashboard/package-lock.json

@@ -24,11 +24,16 @@
 				"lodash": "^4.17.21",
 				"react": "^17.0.2",
 				"react-dom": "^17.0.2",
+				"react-draft-wysiwyg": "^1.15.0",
 				"react-dropzone": "^12.0.4",
+				"react-email-editor": "^1.6.1",
 				"react-icons": "^4.3.1",
 				"react-router-dom": "^6.2.1",
 				"typescript": "^4.5.4",
 				"urql": "^2.0.6"
+			},
+			"devDependencies": {
+				"@types/react-email-editor": "^1.1.7"
 			}
 		},
 		"node_modules/@babel/code-frame": {
@@ -1191,6 +1196,15 @@
 				"@types/react": "*"
 			}
 		},
+		"node_modules/@types/react-email-editor": {
+			"version": "1.1.7",
+			"resolved": "https://registry.npmjs.org/@types/react-email-editor/-/react-email-editor-1.1.7.tgz",
+			"integrity": "sha512-OURTAgaE9pjA6KiU97k13fPdoglI1ZyowUuZ0nu5tTSyrw5PiZoYzYEf9y25YTjmw/ohxT5yqoP0tt+AjSh1qQ==",
+			"dev": true,
+			"dependencies": {
+				"@types/react": "*"
+			}
+		},
 		"node_modules/@types/react-router": {
 			"version": "5.1.17",
 			"resolved": "https://registry.npmjs.org/@types/react-router/-/react-router-5.1.17.tgz",
@@ -1306,6 +1320,11 @@
 				"node": ">=0.8.0"
 			}
 		},
+		"node_modules/classnames": {
+			"version": "2.3.1",
+			"resolved": "https://registry.npmjs.org/classnames/-/classnames-2.3.1.tgz",
+			"integrity": "sha512-OlQdbZ7gLfGarSqxesMesDa5uz7KFbID8Kpq/SxIoNGDqY8lSYs0D+hhtBXhcdB3rcbXArFr7vlHheLk1voeNA=="
+		},
 		"node_modules/color-convert": {
 			"version": "1.9.3",
 			"resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
@@ -1383,6 +1402,15 @@
 			"resolved": "https://registry.npmjs.org/detect-node-es/-/detect-node-es-1.1.0.tgz",
 			"integrity": "sha512-ypdmJU/TbBby2Dxibuv7ZLW3Bs1QEmM7nHjEANfohJLvE0XVujisn1qPJcZxg+qDucsr+bP6fLD1rPS3AhJ7EQ=="
 		},
+		"node_modules/draftjs-utils": {
+			"version": "0.10.2",
+			"resolved": "https://registry.npmjs.org/draftjs-utils/-/draftjs-utils-0.10.2.tgz",
+			"integrity": "sha512-EstHqr3R3JVcilJrBaO/A+01GvwwKmC7e4TCjC7S94ZeMh4IVmf60OuQXtHHpwItK8C2JCi3iljgN5KHkJboUg==",
+			"peerDependencies": {
+				"draft-js": "^0.11.x",
+				"immutable": "3.x.x || 4.x.x"
+			}
+		},
 		"node_modules/error-ex": {
 			"version": "1.3.2",
 			"resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz",
@@ -1802,6 +1830,15 @@
 				"react-is": "^16.7.0"
 			}
 		},
+		"node_modules/html-to-draftjs": {
+			"version": "1.5.0",
+			"resolved": "https://registry.npmjs.org/html-to-draftjs/-/html-to-draftjs-1.5.0.tgz",
+			"integrity": "sha512-kggLXBNciKDwKf+KYsuE+V5gw4dZ7nHyGMX9m0wy7urzWjKGWyNFetmArRLvRV0VrxKN70WylFsJvMTJx02OBQ==",
+			"peerDependencies": {
+				"draft-js": "^0.10.x || ^0.11.x",
+				"immutable": "3.x.x || 4.x.x"
+			}
+		},
 		"node_modules/import-fresh": {
 			"version": "3.3.0",
 			"resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz",
@@ -1856,6 +1893,14 @@
 			"resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz",
 			"integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg=="
 		},
+		"node_modules/linkify-it": {
+			"version": "2.2.0",
+			"resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-2.2.0.tgz",
+			"integrity": "sha512-GnAl/knGn+i1U/wjBz3akz2stz+HrHLsxMwHQGofCDfPvlf+gDKN58UtfmUquTY4/MXeE2x7k19KQmeoZi94Iw==",
+			"dependencies": {
+				"uc.micro": "^1.0.1"
+			}
+		},
 		"node_modules/lodash": {
 			"version": "4.17.21",
 			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
@@ -1991,6 +2036,24 @@
 				"react": "17.0.2"
 			}
 		},
+		"node_modules/react-draft-wysiwyg": {
+			"version": "1.15.0",
+			"resolved": "https://registry.npmjs.org/react-draft-wysiwyg/-/react-draft-wysiwyg-1.15.0.tgz",
+			"integrity": "sha512-p1cYZcWc6/ALFBVksbFoCM3b29fGQDlZLIMrXng0TU/UElxIOF2/AWWo4L5auIYVhmqKTZ0NkNjnXOzGGuxyeA==",
+			"dependencies": {
+				"classnames": "^2.2.6",
+				"draftjs-utils": "^0.10.2",
+				"html-to-draftjs": "^1.5.0",
+				"linkify-it": "^2.2.0",
+				"prop-types": "^15.7.2"
+			},
+			"peerDependencies": {
+				"draft-js": "^0.10.x || ^0.11.x",
+				"immutable": "3.x.x || 4.x.x",
+				"react": "0.13.x || 0.14.x || ^15.0.0-0 || 15.x.x || ^16.0.0-0 || ^16.x.x || ^17.x.x || ^18.x.x",
+				"react-dom": "0.13.x || 0.14.x || ^15.0.0-0 || 15.x.x || ^16.0.0-0 || ^16.x.x || ^17.x.x || ^18.x.x"
+			}
+		},
 		"node_modules/react-dropzone": {
 			"version": "12.0.4",
 			"resolved": "https://registry.npmjs.org/react-dropzone/-/react-dropzone-12.0.4.tgz",
@@ -2007,6 +2070,14 @@
 				"react": ">= 16.8"
 			}
 		},
+		"node_modules/react-email-editor": {
+			"version": "1.6.1",
+			"resolved": "https://registry.npmjs.org/react-email-editor/-/react-email-editor-1.6.1.tgz",
+			"integrity": "sha512-pEWpRmTY0ok03cwTGqEOoEldnzThhuRGTrcMnv8W3/jc5MTfcr9USU/IQ9HrVvFStLKoxYBIQnSKY+iCYWOtSQ==",
+			"peerDependencies": {
+				"react": "15.x || 16.x || 17.x"
+			}
+		},
 		"node_modules/react-fast-compare": {
 			"version": "3.2.0",
 			"resolved": "https://registry.npmjs.org/react-fast-compare/-/react-fast-compare-3.2.0.tgz",
@@ -2275,6 +2346,11 @@
 				"node": ">=4.2.0"
 			}
 		},
+		"node_modules/uc.micro": {
+			"version": "1.0.6",
+			"resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz",
+			"integrity": "sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA=="
+		},
 		"node_modules/urql": {
 			"version": "2.0.6",
 			"resolved": "https://registry.npmjs.org/urql/-/urql-2.0.6.tgz",
@@ -3218,6 +3294,15 @@
 				"@types/react": "*"
 			}
 		},
+		"@types/react-email-editor": {
+			"version": "1.1.7",
+			"resolved": "https://registry.npmjs.org/@types/react-email-editor/-/react-email-editor-1.1.7.tgz",
+			"integrity": "sha512-OURTAgaE9pjA6KiU97k13fPdoglI1ZyowUuZ0nu5tTSyrw5PiZoYzYEf9y25YTjmw/ohxT5yqoP0tt+AjSh1qQ==",
+			"dev": true,
+			"requires": {
+				"@types/react": "*"
+			}
+		},
 		"@types/react-router": {
 			"version": "5.1.17",
 			"resolved": "https://registry.npmjs.org/@types/react-router/-/react-router-5.1.17.tgz",
@@ -3316,6 +3401,11 @@
 				}
 			}
 		},
+		"classnames": {
+			"version": "2.3.1",
+			"resolved": "https://registry.npmjs.org/classnames/-/classnames-2.3.1.tgz",
+			"integrity": "sha512-OlQdbZ7gLfGarSqxesMesDa5uz7KFbID8Kpq/SxIoNGDqY8lSYs0D+hhtBXhcdB3rcbXArFr7vlHheLk1voeNA=="
+		},
 		"color-convert": {
 			"version": "1.9.3",
 			"resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
@@ -3390,6 +3480,12 @@
 			"resolved": "https://registry.npmjs.org/detect-node-es/-/detect-node-es-1.1.0.tgz",
 			"integrity": "sha512-ypdmJU/TbBby2Dxibuv7ZLW3Bs1QEmM7nHjEANfohJLvE0XVujisn1qPJcZxg+qDucsr+bP6fLD1rPS3AhJ7EQ=="
 		},
+		"draftjs-utils": {
+			"version": "0.10.2",
+			"resolved": "https://registry.npmjs.org/draftjs-utils/-/draftjs-utils-0.10.2.tgz",
+			"integrity": "sha512-EstHqr3R3JVcilJrBaO/A+01GvwwKmC7e4TCjC7S94ZeMh4IVmf60OuQXtHHpwItK8C2JCi3iljgN5KHkJboUg==",
+			"requires": {}
+		},
 		"error-ex": {
 			"version": "1.3.2",
 			"resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz",
@@ -3659,6 +3755,12 @@
 				"react-is": "^16.7.0"
 			}
 		},
+		"html-to-draftjs": {
+			"version": "1.5.0",
+			"resolved": "https://registry.npmjs.org/html-to-draftjs/-/html-to-draftjs-1.5.0.tgz",
+			"integrity": "sha512-kggLXBNciKDwKf+KYsuE+V5gw4dZ7nHyGMX9m0wy7urzWjKGWyNFetmArRLvRV0VrxKN70WylFsJvMTJx02OBQ==",
+			"requires": {}
+		},
 		"import-fresh": {
 			"version": "3.3.0",
 			"resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz",
@@ -3704,6 +3806,14 @@
 			"resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz",
 			"integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg=="
 		},
+		"linkify-it": {
+			"version": "2.2.0",
+			"resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-2.2.0.tgz",
+			"integrity": "sha512-GnAl/knGn+i1U/wjBz3akz2stz+HrHLsxMwHQGofCDfPvlf+gDKN58UtfmUquTY4/MXeE2x7k19KQmeoZi94Iw==",
+			"requires": {
+				"uc.micro": "^1.0.1"
+			}
+		},
 		"lodash": {
 			"version": "4.17.21",
 			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
@@ -3814,6 +3924,18 @@
 				"scheduler": "^0.20.2"
 			}
 		},
+		"react-draft-wysiwyg": {
+			"version": "1.15.0",
+			"resolved": "https://registry.npmjs.org/react-draft-wysiwyg/-/react-draft-wysiwyg-1.15.0.tgz",
+			"integrity": "sha512-p1cYZcWc6/ALFBVksbFoCM3b29fGQDlZLIMrXng0TU/UElxIOF2/AWWo4L5auIYVhmqKTZ0NkNjnXOzGGuxyeA==",
+			"requires": {
+				"classnames": "^2.2.6",
+				"draftjs-utils": "^0.10.2",
+				"html-to-draftjs": "^1.5.0",
+				"linkify-it": "^2.2.0",
+				"prop-types": "^15.7.2"
+			}
+		},
 		"react-dropzone": {
 			"version": "12.0.4",
 			"resolved": "https://registry.npmjs.org/react-dropzone/-/react-dropzone-12.0.4.tgz",
@@ -3824,6 +3946,12 @@
 				"prop-types": "^15.8.1"
 			}
 		},
+		"react-email-editor": {
+			"version": "1.6.1",
+			"resolved": "https://registry.npmjs.org/react-email-editor/-/react-email-editor-1.6.1.tgz",
+			"integrity": "sha512-pEWpRmTY0ok03cwTGqEOoEldnzThhuRGTrcMnv8W3/jc5MTfcr9USU/IQ9HrVvFStLKoxYBIQnSKY+iCYWOtSQ==",
+			"requires": {}
+		},
 		"react-fast-compare": {
 			"version": "3.2.0",
 			"resolved": "https://registry.npmjs.org/react-fast-compare/-/react-fast-compare-3.2.0.tgz",
@@ -4020,6 +4148,11 @@
 			"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.5.4.tgz",
 			"integrity": "sha512-VgYs2A2QIRuGphtzFV7aQJduJ2gyfTljngLzjpfW9FoYZF6xuw1W0vW9ghCKLfcWrCFxK81CSGRAvS1pn4fIUg=="
 		},
+		"uc.micro": {
+			"version": "1.0.6",
+			"resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz",
+			"integrity": "sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA=="
+		},
 		"urql": {
 			"version": "2.0.6",
 			"resolved": "https://registry.npmjs.org/urql/-/urql-2.0.6.tgz",

dashboard/package.json

@@ -26,10 +26,15 @@
 		"lodash": "^4.17.21",
 		"react": "^17.0.2",
 		"react-dom": "^17.0.2",
+		"react-draft-wysiwyg": "^1.15.0",
 		"react-dropzone": "^12.0.4",
+		"react-email-editor": "^1.6.1",
 		"react-icons": "^4.3.1",
 		"react-router-dom": "^6.2.1",
 		"typescript": "^4.5.4",
 		"urql": "^2.0.6"
+	},
+	"devDependencies": {
+		"@types/react-email-editor": "^1.1.7"
 	}
 }

dashboard/src/components/DeleteEmailTemplateModal.tsx

@@ -0,0 +1,106 @@
+import React from 'react';
+import {
+	Button,
+	Center,
+	Flex,
+	MenuItem,
+	Modal,
+	ModalBody,
+	ModalCloseButton,
+	ModalContent,
+	ModalFooter,
+	ModalHeader,
+	ModalOverlay,
+	useDisclosure,
+	Text,
+	useToast,
+} from '@chakra-ui/react';
+import { useClient } from 'urql';
+import { FaRegTrashAlt } from 'react-icons/fa';
+import { DeleteEmailTemplate } from '../graphql/mutation';
+import { capitalizeFirstLetter } from '../utils';
+
+interface deleteEmailTemplateModalInputPropTypes {
+	emailTemplateId: string;
+	eventName: string;
+	fetchEmailTemplatesData: Function;
+}
+
+const DeleteEmailTemplateModal = ({
+	emailTemplateId,
+	eventName,
+	fetchEmailTemplatesData,
+}: deleteEmailTemplateModalInputPropTypes) => {
+	const client = useClient();
+	const toast = useToast();
+	const { isOpen, onOpen, onClose } = useDisclosure();
+
+	const deleteHandler = async () => {
+		const res = await client
+			.mutation(DeleteEmailTemplate, { params: { id: emailTemplateId } })
+			.toPromise();
+		if (res.error) {
+			toast({
+				title: capitalizeFirstLetter(res.error.message),
+				isClosable: true,
+				status: 'error',
+				position: 'bottom-right',
+			});
+
+			return;
+		} else if (res.data?._delete_email_template) {
+			toast({
+				title: capitalizeFirstLetter(res.data?._delete_email_template.message),
+				isClosable: true,
+				status: 'success',
+				position: 'bottom-right',
+			});
+		}
+		onClose();
+		fetchEmailTemplatesData();
+	};
+	return (
+		<>
+			<MenuItem onClick={onOpen}>Delete</MenuItem>
+			<Modal isOpen={isOpen} onClose={onClose}>
+				<ModalOverlay />
+				<ModalContent>
+					<ModalHeader>Delete Email Template</ModalHeader>
+					<ModalCloseButton />
+					<ModalBody>
+						<Text fontSize="md">Are you sure?</Text>
+						<Flex
+							padding="5%"
+							marginTop="5%"
+							marginBottom="2%"
+							border="1px solid #ff7875"
+							borderRadius="5px"
+							flexDirection="column"
+						>
+							<Text fontSize="sm">
+								Email template for event <b>{eventName}</b> will be deleted
+								permanently!
+							</Text>
+						</Flex>
+					</ModalBody>
+
+					<ModalFooter>
+						<Button
+							leftIcon={<FaRegTrashAlt />}
+							colorScheme="red"
+							variant="solid"
+							onClick={deleteHandler}
+							isDisabled={false}
+						>
+							<Center h="100%" pt="5%">
+								Delete
+							</Center>
+						</Button>
+					</ModalFooter>
+				</ModalContent>
+			</Modal>
+		</>
+	);
+};
+
+export default DeleteEmailTemplateModal;

dashboard/src/components/EnvComponents/Features.tsx

@@ -1,5 +1,5 @@
 import React from 'react';
-import { Flex, Stack, Text } from '@chakra-ui/react';
+import { Divider, Flex, Stack, Text } from '@chakra-ui/react';
 import InputField from '../InputField';
 import { SwitchInputType } from '../../constants';
 
@@ -10,7 +10,7 @@ const Features = ({ variables, setVariables }: any) => {
 			<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
 				Disable Features
 			</Text>
-			<Stack spacing={6} padding="2% 0%">
+			<Stack spacing={6}>
 				<Flex>
 					<Flex w="100%" justifyContent="start" alignItems="center">
 						<Text fontSize="sm">Disable Login Page:</Text>
@@ -83,6 +83,48 @@ const Features = ({ variables, setVariables }: any) => {
 						/>
 					</Flex>
 				</Flex>
+				<Flex alignItems="center">
+					<Flex w="100%" alignItems="baseline" flexDir="column">
+						<Text fontSize="sm">
+							Disable Multi Factor Authentication (MFA):
+						</Text>
+						<Text fontSize="x-small">
+							Note: Enabling this will ignore Enforcing MFA shown below and will
+							also ignore the user MFA setting.
+						</Text>
+					</Flex>
+					<Flex justifyContent="start" mb={3}>
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={SwitchInputType.DISABLE_MULTI_FACTOR_AUTHENTICATION}
+						/>
+					</Flex>
+				</Flex>
+			</Stack>
+			<Divider paddingY={5} />
+			<Text fontSize="md" paddingTop={5} fontWeight="bold" mb={5}>
+				Enable Features
+			</Text>
+			<Stack spacing={6}>
+				<Flex alignItems="center">
+					<Flex w="100%" alignItems="baseline" flexDir="column">
+						<Text fontSize="sm">
+							Enforce Multi Factor Authentication (MFA):
+						</Text>
+						<Text fontSize="x-small">
+							Note: If you disable enforcing after it was enabled, it will still
+							keep MFA enabled for older users.
+						</Text>
+					</Flex>
+					<Flex justifyContent="start" mb={3}>
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={SwitchInputType.ENFORCE_MULTI_FACTOR_AUTHENTICATION}
+						/>
+					</Flex>
+				</Flex>
 			</Stack>
 		</div>
 	);

dashboard/src/components/EnvComponents/JWTConfiguration.tsx

@@ -1,12 +1,21 @@
-import React from "react";
+import React from 'react';
-import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
+import {
+	Flex,
+	Stack,
+	Center,
+	Text,
+	useMediaQuery,
+	Button,
+	useToast,
+} from '@chakra-ui/react';
 import {
 	HiddenInputType,
 	TextInputType,
 	TextAreaInputType,
-} from "../../constants";
+} from '../../constants';
-import GenerateKeysModal from "../GenerateKeysModal";
+import GenerateKeysModal from '../GenerateKeysModal';
-import InputField from "../InputField";
+import InputField from '../InputField';
+import { copyTextToClipboard } from '../../utils';
 
 const JSTConfigurations = ({
 	variables,
@@ -19,11 +28,40 @@ const JSTConfigurations = ({
 	RSAEncryptionType,
 	ECDSAEncryptionType,
 }: any) => {
-  const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
+	const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
+	const toast = useToast();
+
+	const copyJSON = async () => {
+		try {
+			await copyTextToClipboard(
+				JSON.stringify({
+					type: variables.JWT_TYPE,
+					key: variables.JWT_PUBLIC_KEY || variables.JWT_SECRET,
+				})
+			);
+			toast({
+				title: `JWT config copied successfully`,
+				isClosable: true,
+				status: 'success',
+				position: 'bottom-right',
+			});
+		} catch (err) {
+			console.error({
+				message: `Failed to copy JWT config`,
+				error: err,
+			});
+			toast({
+				title: `Failed to copy JWT config`,
+				isClosable: true,
+				status: 'error',
+				position: 'bottom-right',
+			});
+		}
+	};
 
 	return (
 		<div>
-      {" "}
+			{' '}
 			<Flex
 				borderRadius={5}
 				width="100%"
@@ -32,24 +70,33 @@ const JSTConfigurations = ({
 				paddingTop="2%"
 			>
 				<Text
-          fontSize={isNotSmallerScreen ? "md" : "sm"}
+					fontSize={isNotSmallerScreen ? 'md' : 'sm'}
 					fontWeight="bold"
 					mb={5}
 				>
 					JWT (JSON Web Tokens) Configurations
 				</Text>
 				<Flex mb={7}>
+					<Button
+						colorScheme="blue"
+						h="1.75rem"
+						size="sm"
+						variant="ghost"
+						onClick={copyJSON}
+					>
+						Copy As JSON Config
+					</Button>
 					<GenerateKeysModal jwtType={variables.JWT_TYPE} getData={getData} />
 				</Flex>
 			</Flex>
 			<Stack spacing={6} padding="2% 0%">
-        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+				<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
 					<Flex w="30%" justifyContent="start" alignItems="center">
 						<Text fontSize="sm">JWT Type:</Text>
 					</Flex>
 					<Flex
-            w={isNotSmallerScreen ? "70%" : "100%"}
+						w={isNotSmallerScreen ? '70%' : '100%'}
-            mt={isNotSmallerScreen ? "0" : "2"}
+						mt={isNotSmallerScreen ? '0' : '2'}
 					>
 						<InputField
 							borderRadius={5}
@@ -66,13 +113,13 @@ const JSTConfigurations = ({
 					</Flex>
 				</Flex>
 				{Object.values(HMACEncryptionType).includes(variables.JWT_TYPE) ? (
-          <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+					<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
 						<Flex w="30%" justifyContent="start" alignItems="center">
 							<Text fontSize="sm">JWT Secret</Text>
 						</Flex>
 						<Center
-              w={isNotSmallerScreen ? "70%" : "100%"}
+							w={isNotSmallerScreen ? '70%' : '100%'}
-              mt={isNotSmallerScreen ? "0" : "2"}
+							mt={isNotSmallerScreen ? '0' : '2'}
 						>
 							<InputField
 								borderRadius={5}
@@ -86,13 +133,13 @@ const JSTConfigurations = ({
 					</Flex>
 				) : (
 					<>
-            <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+						<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
 							<Flex w="30%" justifyContent="start" alignItems="center">
 								<Text fontSize="sm">Public Key</Text>
 							</Flex>
 							<Center
-                w={isNotSmallerScreen ? "70%" : "100%"}
+								w={isNotSmallerScreen ? '70%' : '100%'}
-                mt={isNotSmallerScreen ? "0" : "2"}
+								mt={isNotSmallerScreen ? '0' : '2'}
 							>
 								<InputField
 									borderRadius={5}
@@ -104,13 +151,13 @@ const JSTConfigurations = ({
 								/>
 							</Center>
 						</Flex>
-            <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+						<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
 							<Flex w="30%" justifyContent="start" alignItems="center">
 								<Text fontSize="sm">Private Key</Text>
 							</Flex>
 							<Center
-                w={isNotSmallerScreen ? "70%" : "100%"}
+								w={isNotSmallerScreen ? '70%' : '100%'}
-                mt={isNotSmallerScreen ? "0" : "2"}
+								mt={isNotSmallerScreen ? '0' : '2'}
 							>
 								<InputField
 									borderRadius={5}
@@ -124,9 +171,9 @@ const JSTConfigurations = ({
 						</Flex>
 					</>
 				)}
-        <Flex direction={isNotSmallerScreen ? "row" : "column"}>
+				<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
 					<Flex
-            w={isNotSmallerScreen ? "30%" : "40%"}
+						w={isNotSmallerScreen ? '30%' : '40%'}
 						justifyContent="start"
 						alignItems="center"
 					>
@@ -135,8 +182,8 @@ const JSTConfigurations = ({
 						</Text>
 					</Flex>
 					<Center
-            w={isNotSmallerScreen ? "70%" : "100%"}
+						w={isNotSmallerScreen ? '70%' : '100%'}
-            mt={isNotSmallerScreen ? "0" : "2"}
+						mt={isNotSmallerScreen ? '0' : '2'}
 					>
 						<InputField
 							borderRadius={5}

dashboard/src/components/EnvComponents/OAuthConfig.tsx

@@ -15,6 +15,7 @@ import {
 	FaFacebookF,
 	FaLinkedin,
 	FaApple,
+	FaTwitter,
 } from 'react-icons/fa';
 import { TextInputType, HiddenInputType } from '../../constants';
 
@@ -264,6 +265,44 @@ const OAuthConfig = ({
 							/>
 						</Center>
 					</Flex>
+					<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
+						<Center
+							w={isNotSmallerScreen ? '55px' : '35px'}
+							h="35px"
+							marginRight="1.5%"
+							border="1px solid #3b5998"
+							borderRadius="5px"
+						>
+							<FaTwitter />
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+							marginRight="1.5%"
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								inputType={TextInputType.TWITTER_CLIENT_ID}
+								placeholder="Twitter Client ID"
+							/>
+						</Center>
+						<Center
+							w={isNotSmallerScreen ? '70%' : '100%'}
+							mt={isNotSmallerScreen ? '0' : '3'}
+						>
+							<InputField
+								borderRadius={5}
+								variables={envVariables}
+								setVariables={setVariables}
+								fieldVisibility={fieldVisibility}
+								setFieldVisibility={setFieldVisibility}
+								inputType={HiddenInputType.TWITTER_CLIENT_SECRET}
+								placeholder="Twitter Client Secret"
+							/>
+						</Center>
+					</Flex>
 				</Stack>
 			</Box>
 		</div>

dashboard/src/components/InputField.tsx

@@ -12,7 +12,6 @@ import {
 	Select,
 	Textarea,
 	Switch,
-	Code,
 	Text,
 } from '@chakra-ui/react';
 import {

dashboard/src/components/Menu.tsx

@@ -31,6 +31,7 @@ import {
 	FiUsers,
 	FiChevronDown,
 	FiLink,
+	FiFileText,
 } from 'react-icons/fi';
 import { BiCustomize } from 'react-icons/bi';
 import { AiOutlineKey } from 'react-icons/ai';
@@ -113,6 +114,7 @@ const LinkItems: Array<LinkItemProps> = [
 	},
 	{ name: 'Users', icon: FiUsers, route: '/users' },
 	{ name: 'Webhooks', icon: FiLink, route: '/webhooks' },
+	{ name: 'Email Templates', icon: FiFileText, route: '/email-templates' },
 ];
 
 interface SidebarProps extends BoxProps {

dashboard/src/components/UpdateEmailTemplateModal.tsx

@@ -0,0 +1,457 @@
+import React, { useEffect, useRef, useState } from 'react';
+import {
+	Button,
+	Center,
+	Flex,
+	Input,
+	InputGroup,
+	MenuItem,
+	Modal,
+	ModalBody,
+	ModalCloseButton,
+	ModalContent,
+	ModalFooter,
+	ModalHeader,
+	ModalOverlay,
+	Select,
+	Text,
+	useDisclosure,
+	useToast,
+	Alert,
+	AlertIcon,
+	Collapse,
+	Box,
+	TableContainer,
+	Table,
+	Thead,
+	Tr,
+	Th,
+	Tbody,
+	Td,
+	Code,
+} from '@chakra-ui/react';
+import { FaPlus, FaAngleDown, FaAngleUp } from 'react-icons/fa';
+import { useClient } from 'urql';
+import EmailEditor from 'react-email-editor';
+import {
+	UpdateModalViews,
+	EmailTemplateInputDataFields,
+	emailTemplateEventNames,
+	emailTemplateVariables,
+} from '../constants';
+import { capitalizeFirstLetter } from '../utils';
+import { AddEmailTemplate, EditEmailTemplate } from '../graphql/mutation';
+
+interface selectedEmailTemplateDataTypes {
+	[EmailTemplateInputDataFields.ID]: string;
+	[EmailTemplateInputDataFields.EVENT_NAME]: string;
+	[EmailTemplateInputDataFields.SUBJECT]: string;
+	[EmailTemplateInputDataFields.CREATED_AT]: number;
+	[EmailTemplateInputDataFields.TEMPLATE]: string;
+	[EmailTemplateInputDataFields.DESIGN]: string;
+}
+
+interface UpdateEmailTemplateInputPropTypes {
+	view: UpdateModalViews;
+	selectedTemplate?: selectedEmailTemplateDataTypes;
+	fetchEmailTemplatesData: Function;
+}
+
+interface templateVariableDataTypes {
+	text: string;
+	value: string;
+	description: string;
+}
+
+interface emailTemplateDataType {
+	[EmailTemplateInputDataFields.EVENT_NAME]: string;
+	[EmailTemplateInputDataFields.SUBJECT]: string;
+}
+
+interface validatorDataType {
+	[EmailTemplateInputDataFields.SUBJECT]: boolean;
+}
+
+const initTemplateData: emailTemplateDataType = {
+	[EmailTemplateInputDataFields.EVENT_NAME]: emailTemplateEventNames.Signup,
+	[EmailTemplateInputDataFields.SUBJECT]: '',
+};
+
+const initTemplateValidatorData: validatorDataType = {
+	[EmailTemplateInputDataFields.SUBJECT]: true,
+};
+
+const UpdateEmailTemplate = ({
+	view,
+	selectedTemplate,
+	fetchEmailTemplatesData,
+}: UpdateEmailTemplateInputPropTypes) => {
+	const client = useClient();
+	const toast = useToast();
+	const emailEditorRef = useRef(null);
+	const { isOpen, onOpen, onClose } = useDisclosure();
+	const [loading, setLoading] = useState<boolean>(false);
+	const [templateVariables, setTemplateVariables] = useState<
+		templateVariableDataTypes[]
+	>([]);
+	const [templateData, setTemplateData] = useState<emailTemplateDataType>({
+		...initTemplateData,
+	});
+	const [validator, setValidator] = useState<validatorDataType>({
+		...initTemplateValidatorData,
+	});
+	const [isDynamicVariableInfoOpen, setIsDynamicVariableInfoOpen] =
+		useState<boolean>(false);
+
+	const onReady = () => {
+		if (selectedTemplate) {
+			const { design } = selectedTemplate;
+			try {
+				const designData = JSON.parse(design);
+				// @ts-ignore
+				emailEditorRef.current.editor.loadDesign(designData);
+			} catch (error) {
+				console.error(error);
+				onClose();
+			}
+		}
+	};
+
+	const inputChangehandler = (inputType: string, value: any) => {
+		if (inputType !== EmailTemplateInputDataFields.EVENT_NAME) {
+			setValidator({
+				...validator,
+				[inputType]: value?.trim().length,
+			});
+		}
+		setTemplateData({ ...templateData, [inputType]: value });
+	};
+
+	const validateData = () => {
+		return (
+			!loading &&
+			templateData[EmailTemplateInputDataFields.EVENT_NAME].length > 0 &&
+			templateData[EmailTemplateInputDataFields.SUBJECT].length > 0 &&
+			validator[EmailTemplateInputDataFields.SUBJECT]
+		);
+	};
+
+	const saveData = async () => {
+		if (!validateData()) return;
+		setLoading(true);
+		// @ts-ignore
+		return await emailEditorRef.current.editor.exportHtml(async (data) => {
+			const { design, html } = data;
+			if (!html || !design) {
+				setLoading(false);
+				return;
+			}
+			const params = {
+				[EmailTemplateInputDataFields.EVENT_NAME]:
+					templateData[EmailTemplateInputDataFields.EVENT_NAME],
+				[EmailTemplateInputDataFields.SUBJECT]:
+					templateData[EmailTemplateInputDataFields.SUBJECT],
+				[EmailTemplateInputDataFields.TEMPLATE]: html.trim(),
+				[EmailTemplateInputDataFields.DESIGN]: JSON.stringify(design),
+			};
+			let res: any = {};
+			if (
+				view === UpdateModalViews.Edit &&
+				selectedTemplate?.[EmailTemplateInputDataFields.ID]
+			) {
+				res = await client
+					.mutation(EditEmailTemplate, {
+						params: {
+							...params,
+							id: selectedTemplate[EmailTemplateInputDataFields.ID],
+						},
+					})
+					.toPromise();
+			} else {
+				res = await client.mutation(AddEmailTemplate, { params }).toPromise();
+			}
+			setLoading(false);
+			if (res.error) {
+				toast({
+					title: capitalizeFirstLetter(res.error.message),
+					isClosable: true,
+					status: 'error',
+					position: 'bottom-right',
+				});
+			} else if (
+				res.data?._add_email_template ||
+				res.data?._update_email_template
+			) {
+				toast({
+					title: capitalizeFirstLetter(
+						res.data?._add_email_template?.message ||
+							res.data?._update_email_template?.message
+					),
+					isClosable: true,
+					status: 'success',
+					position: 'bottom-right',
+				});
+				setTemplateData({
+					...initTemplateData,
+				});
+				setValidator({ ...initTemplateValidatorData });
+				fetchEmailTemplatesData();
+			}
+			view === UpdateModalViews.ADD && onClose();
+		});
+	};
+	const resetData = () => {
+		if (selectedTemplate) {
+			setTemplateData(selectedTemplate);
+		} else {
+			setTemplateData({ ...initTemplateData });
+		}
+	};
+	useEffect(() => {
+		if (
+			isOpen &&
+			view === UpdateModalViews.Edit &&
+			selectedTemplate &&
+			Object.keys(selectedTemplate || {}).length
+		) {
+			const { id, created_at, template, design, ...rest } = selectedTemplate;
+			setTemplateData(rest);
+		}
+	}, [isOpen]);
+	useEffect(() => {
+		const updatedTemplateVariables = Object.entries(
+			emailTemplateVariables
+		).reduce((acc, [key, val]): any => {
+			if (
+				(templateData[EmailTemplateInputDataFields.EVENT_NAME] !==
+					emailTemplateEventNames['Verify Otp'] &&
+					val === emailTemplateVariables.otp) ||
+				(templateData[EmailTemplateInputDataFields.EVENT_NAME] ===
+					emailTemplateEventNames['Verify Otp'] &&
+					val === emailTemplateVariables.verification_url)
+			) {
+				return acc;
+			}
+			return [
+				...acc,
+				{
+					text: key,
+					value: val.value,
+					description: val.description,
+				},
+			];
+		}, []);
+		setTemplateVariables(updatedTemplateVariables);
+	}, [templateData[EmailTemplateInputDataFields.EVENT_NAME]]);
+
+	return (
+		<>
+			{view === UpdateModalViews.ADD ? (
+				<Button
+					leftIcon={<FaPlus />}
+					colorScheme="blue"
+					variant="solid"
+					onClick={onOpen}
+					isDisabled={false}
+					size="sm"
+				>
+					<Center h="100%">Add Template</Center>{' '}
+				</Button>
+			) : (
+				<MenuItem onClick={onOpen}>Edit</MenuItem>
+			)}
+			<Modal
+				isOpen={isOpen}
+				onClose={() => {
+					resetData();
+					onClose();
+				}}
+				size="6xl"
+			>
+				<ModalOverlay />
+				<ModalContent>
+					<ModalHeader>
+						{view === UpdateModalViews.ADD
+							? 'Add New Email Template'
+							: 'Edit Email Template'}
+					</ModalHeader>
+					<ModalCloseButton />
+					<ModalBody>
+						<Flex
+							flexDirection="column"
+							border="1px"
+							borderRadius="md"
+							borderColor="gray.200"
+							p="5"
+						>
+							<Alert
+								status="info"
+								onClick={() =>
+									setIsDynamicVariableInfoOpen(!isDynamicVariableInfoOpen)
+								}
+								borderRadius="5"
+								marginBottom={5}
+								cursor="pointer"
+								fontSize="sm"
+							>
+								<AlertIcon />
+								<Flex
+									width="100%"
+									justifyContent="space-between"
+									alignItems="center"
+								>
+									<Box width="85%">
+										<b>Note:</b> You can add set of dynamic variables to subject
+										and email body. Click here to see the set of dynamic
+										variables.
+									</Box>
+									{isDynamicVariableInfoOpen ? <FaAngleUp /> : <FaAngleDown />}
+								</Flex>
+							</Alert>
+							<Collapse
+								style={{
+									width: '100%',
+								}}
+								in={isDynamicVariableInfoOpen}
+							>
+								<TableContainer
+									background="gray.100"
+									borderRadius={5}
+									height={200}
+									width="100%"
+									overflowY="auto"
+									overflowWrap="break-word"
+								>
+									<Table variant="simple">
+										<Thead>
+											<Tr>
+												<Th>Variable</Th>
+												<Th>Description</Th>
+											</Tr>
+										</Thead>
+										<Tbody>
+											{templateVariables.map((i) => (
+												<Tr key={i.text}>
+													<Td>
+														<Code fontSize="sm">{`{{.${i.text}}}`}</Code>
+													</Td>
+													<Td>
+														<Text
+															size="sm"
+															fontSize="sm"
+															overflowWrap="break-word"
+															width="100%"
+														>
+															{i.description}
+														</Text>
+													</Td>
+												</Tr>
+											))}
+										</Tbody>
+									</Table>
+								</TableContainer>
+							</Collapse>
+							<Flex
+								width="100%"
+								justifyContent="space-between"
+								alignItems="center"
+								marginBottom="2%"
+							>
+								<Flex flex="1">Event Name</Flex>
+								<Flex flex="3">
+									<Select
+										size="md"
+										value={
+											templateData[EmailTemplateInputDataFields.EVENT_NAME]
+										}
+										onChange={(e) =>
+											inputChangehandler(
+												EmailTemplateInputDataFields.EVENT_NAME,
+												e.currentTarget.value
+											)
+										}
+									>
+										{Object.entries(emailTemplateEventNames).map(
+											([key, value]: any) => (
+												<option value={value} key={key}>
+													{key}
+												</option>
+											)
+										)}
+									</Select>
+								</Flex>
+							</Flex>
+							<Flex
+								width="100%"
+								justifyContent="start"
+								alignItems="center"
+								marginBottom="2%"
+							>
+								<Flex flex="1">Subject</Flex>
+								<Flex flex="3">
+									<InputGroup size="md">
+										<Input
+											pr="4.5rem"
+											type="text"
+											placeholder="Subject Line"
+											value={templateData[EmailTemplateInputDataFields.SUBJECT]}
+											isInvalid={
+												!validator[EmailTemplateInputDataFields.SUBJECT]
+											}
+											onChange={(e) =>
+												inputChangehandler(
+													EmailTemplateInputDataFields.SUBJECT,
+													e.currentTarget.value
+												)
+											}
+										/>
+									</InputGroup>
+								</Flex>
+							</Flex>
+							<Flex
+								width="100%"
+								justifyContent="flex-start"
+								alignItems="center"
+								marginBottom="2%"
+							>
+								Template Body
+							</Flex>
+							<Flex
+								width="100%"
+								justifyContent="flex-start"
+								alignItems="center"
+								border="1px solid"
+								borderColor="gray.200"
+							>
+								<EmailEditor ref={emailEditorRef} onReady={onReady} />
+							</Flex>
+						</Flex>
+					</ModalBody>
+					<ModalFooter>
+						<Button
+							variant="outline"
+							onClick={resetData}
+							isDisabled={loading}
+							marginRight="5"
+						>
+							Reset
+						</Button>
+						<Button
+							colorScheme="blue"
+							variant="solid"
+							isLoading={loading}
+							onClick={saveData}
+							isDisabled={!validateData()}
+						>
+							<Center h="100%" pt="5%">
+								Save
+							</Center>
+						</Button>
+					</ModalFooter>
+				</ModalContent>
+			</Modal>
+		</>
+	);
+};
+
+export default UpdateEmailTemplate;

dashboard/src/components/UpdateWebhookModal.tsx

@@ -2,6 +2,8 @@ import React, { useEffect, useState } from 'react';
 import {
 	Button,
 	Center,
+	Code,
+	Collapse,
 	Flex,
 	Input,
 	InputGroup,
@@ -19,20 +21,33 @@ import {
 	Text,
 	useDisclosure,
 	useToast,
+	Alert,
+	AlertIcon,
+	Divider,
 } from '@chakra-ui/react';
-import { FaMinusCircle, FaPlus } from 'react-icons/fa';
+import {
+	FaAngleDown,
+	FaAngleUp,
+	FaMinusCircle,
+	FaPlus,
+	FaRegClone,
+} from 'react-icons/fa';
 import { useClient } from 'urql';
 import {
 	webhookEventNames,
 	ArrayInputOperations,
 	WebhookInputDataFields,
 	WebhookInputHeaderFields,
-	UpdateWebhookModalViews,
+	UpdateModalViews,
 	webhookVerifiedStatus,
+	webhookPayloadExample,
 } from '../constants';
-import { capitalizeFirstLetter, validateURI } from '../utils';
+import {
+	capitalizeFirstLetter,
+	copyTextToClipboard,
+	validateURI,
+} from '../utils';
 import { AddWebhook, EditWebhook, TestEndpoint } from '../graphql/mutation';
-import { rest } from 'lodash';
 import { BiCheckCircle, BiError, BiErrorCircle } from 'react-icons/bi';
 
 interface headersDataType {
@@ -54,7 +69,7 @@ interface selecetdWebhookDataTypes {
 }
 
 interface UpdateWebhookModalInputPropTypes {
-	view: UpdateWebhookModalViews;
+	view: UpdateModalViews;
 	selectedWebhook?: selecetdWebhookDataTypes;
 	fetchWebookData: Function;
 }
@@ -82,7 +97,7 @@ interface validatorDataType {
 }
 
 const initWebhookData: webhookDataType = {
-	[WebhookInputDataFields.EVENT_NAME]: webhookEventNames.USER_LOGIN,
+	[WebhookInputDataFields.EVENT_NAME]: webhookEventNames['User login'],
 	[WebhookInputDataFields.ENDPOINT]: '',
 	[WebhookInputDataFields.ENABLED]: true,
 	[WebhookInputDataFields.HEADERS]: [{ ...initHeadersData }],
@@ -103,6 +118,7 @@ const UpdateWebhookModal = ({
 	const { isOpen, onOpen, onClose } = useDisclosure();
 	const [loading, setLoading] = useState<boolean>(false);
 	const [verifyingEndpoint, setVerifyingEndpoint] = useState<boolean>(false);
+	const [isShowingPayload, setIsShowingPayload] = useState<boolean>(false);
 	const [webhook, setWebhook] = useState<webhookDataType>({
 		...initWebhookData,
 	});
@@ -254,7 +270,7 @@ const UpdateWebhookModal = ({
 		const params = getParams();
 		let res: any = {};
 		if (
-			view === UpdateWebhookModalViews.Edit &&
+			view === UpdateModalViews.Edit &&
 			selectedWebhook?.[WebhookInputDataFields.ID]
 		) {
 			res = await client
@@ -292,12 +308,12 @@ const UpdateWebhookModal = ({
 			setValidator({ ...initWebhookValidatorData });
 			fetchWebookData();
 		}
-		view === UpdateWebhookModalViews.ADD && onClose();
+		view === UpdateModalViews.ADD && onClose();
 	};
 	useEffect(() => {
 		if (
 			isOpen &&
-			view === UpdateWebhookModalViews.Edit &&
+			view === UpdateModalViews.Edit &&
 			selectedWebhook &&
 			Object.keys(selectedWebhook || {}).length
 		) {
@@ -347,7 +363,7 @@ const UpdateWebhookModal = ({
 	};
 	return (
 		<>
-			{view === UpdateWebhookModalViews.ADD ? (
+			{view === UpdateModalViews.ADD ? (
 				<Button
 					leftIcon={<FaPlus />}
 					colorScheme="blue"
@@ -365,9 +381,7 @@ const UpdateWebhookModal = ({
 				<ModalOverlay />
 				<ModalContent>
 					<ModalHeader>
-						{view === UpdateWebhookModalViews.ADD
+						{view === UpdateModalViews.ADD ? 'Add New Webhook' : 'Edit Webhook'}
-							? 'Add New Webhook'
-							: 'Edit Webhook'}
 					</ModalHeader>
 					<ModalCloseButton />
 					<ModalBody>
@@ -457,11 +471,12 @@ const UpdateWebhookModal = ({
 									</Text>
 								</Flex>
 							</Flex>
+
 							<Flex
 								width="100%"
 								justifyContent="space-between"
 								alignItems="center"
-								marginBottom="2%"
+								marginBottom="5%"
 							>
 								<Flex>Headers</Flex>
 								<Flex>
@@ -478,7 +493,8 @@ const UpdateWebhookModal = ({
 									</Button>
 								</Flex>
 							</Flex>
-							<Flex flexDirection="column" maxH={220} overflowY="scroll">
+
+							<Flex flexDirection="column" maxH={220} overflowY="auto">
 								{webhook[WebhookInputDataFields.HEADERS]?.map(
 									(headerData, index) => (
 										<Flex
@@ -547,6 +563,54 @@ const UpdateWebhookModal = ({
 									)
 								)}
 							</Flex>
+							<Divider marginY={5} />
+
+							<Alert
+								status="info"
+								onClick={() => setIsShowingPayload(!isShowingPayload)}
+								borderRadius="5"
+								cursor="pointer"
+								fontSize="sm"
+							>
+								<AlertIcon />
+								<Flex
+									width="100%"
+									justifyContent="space-between"
+									alignItems="center"
+								>
+									Checkout the example payload
+									{isShowingPayload ? <FaAngleUp /> : <FaAngleDown />}
+								</Flex>
+							</Alert>
+							<Collapse
+								style={{
+									marginTop: 10,
+									width: '100%',
+								}}
+								in={isShowingPayload}
+							>
+								<Code
+									width="inherit"
+									borderRadius={5}
+									padding={2}
+									position="relative"
+								>
+									<pre style={{ overflow: 'auto' }}>
+										{webhookPayloadExample}
+									</pre>
+									{isShowingPayload && (
+										<Flex
+											position="absolute"
+											top={4}
+											right={4}
+											cursor="pointer"
+											onClick={() => copyTextToClipboard(webhookPayloadExample)}
+										>
+											<FaRegClone color="#bfbfbf" />
+										</Flex>
+									)}
+								</Code>
+							</Collapse>
 						</Flex>
 					</ModalBody>
 					<ModalFooter>

dashboard/src/constants.ts

@@ -9,6 +9,7 @@ export const TextInputType = {
 	FACEBOOK_CLIENT_ID: 'FACEBOOK_CLIENT_ID',
 	LINKEDIN_CLIENT_ID: 'LINKEDIN_CLIENT_ID',
 	APPLE_CLIENT_ID: 'APPLE_CLIENT_ID',
+	TWITTER_CLIENT_ID: 'TWITTER_CLIENT_ID',
 	JWT_ROLE_CLAIM: 'JWT_ROLE_CLAIM',
 	REDIS_URL: 'REDIS_URL',
 	SMTP_HOST: 'SMTP_HOST',
@@ -35,6 +36,7 @@ export const HiddenInputType = {
 	FACEBOOK_CLIENT_SECRET: 'FACEBOOK_CLIENT_SECRET',
 	LINKEDIN_CLIENT_SECRET: 'LINKEDIN_CLIENT_SECRET',
 	APPLE_CLIENT_SECRET: 'APPLE_CLIENT_SECRET',
+	TWITTER_CLIENT_SECRET: 'TWITTER_CLIENT_SECRET',
 	JWT_SECRET: 'JWT_SECRET',
 	SMTP_PASSWORD: 'SMTP_PASSWORD',
 	ADMIN_SECRET: 'ADMIN_SECRET',
@@ -68,6 +70,8 @@ export const SwitchInputType = {
 	DISABLE_SIGN_UP: 'DISABLE_SIGN_UP',
 	DISABLE_REDIS_FOR_ENV: 'DISABLE_REDIS_FOR_ENV',
 	DISABLE_STRONG_PASSWORD: 'DISABLE_STRONG_PASSWORD',
+	DISABLE_MULTI_FACTOR_AUTHENTICATION: 'DISABLE_MULTI_FACTOR_AUTHENTICATION',
+	ENFORCE_MULTI_FACTOR_AUTHENTICATION: 'ENFORCE_MULTI_FACTOR_AUTHENTICATION',
 };
 
 export const DateInputType = {
@@ -108,6 +112,8 @@ export interface envVarTypes {
 	LINKEDIN_CLIENT_SECRET: string;
 	APPLE_CLIENT_ID: string;
 	APPLE_CLIENT_SECRET: string;
+	TWITTER_CLIENT_ID: string;
+	TWITTER_CLIENT_SECRET: string;
 	ROLES: [string] | [];
 	DEFAULT_ROLES: [string] | [];
 	PROTECTED_ROLES: [string] | [];
@@ -138,6 +144,8 @@ export interface envVarTypes {
 	DATABASE_TYPE: string;
 	DATABASE_URL: string;
 	ACCESS_TOKEN_EXPIRY_TIME: string;
+	DISABLE_MULTI_FACTOR_AUTHENTICATION: boolean;
+	ENFORCE_MULTI_FACTOR_AUTHENTICATION: boolean;
 }
 
 export const envSubViews = {
@@ -162,12 +170,21 @@ export enum WebhookInputDataFields {
 	HEADERS = 'headers',
 }
 
+export enum EmailTemplateInputDataFields {
+	ID = 'id',
+	EVENT_NAME = 'event_name',
+	SUBJECT = 'subject',
+	CREATED_AT = 'created_at',
+	TEMPLATE = 'template',
+	DESIGN = 'design',
+}
+
 export enum WebhookInputHeaderFields {
 	KEY = 'key',
 	VALUE = 'value',
 }
 
-export enum UpdateWebhookModalViews {
+export enum UpdateModalViews {
 	ADD = 'add',
 	Edit = 'edit',
 }
@@ -175,12 +192,21 @@ export enum UpdateWebhookModalViews {
 export const pageLimits: number[] = [5, 10, 15];
 
 export const webhookEventNames = {
-	USER_SIGNUP: 'user.signup',
+	'User signup': 'user.signup',
-	USER_CREATED: 'user.created',
+	'User created': 'user.created',
-	USER_LOGIN: 'user.login',
+	'User login': 'user.login',
-	USER_DELETED: 'user.deleted',
+	'User deleted': 'user.deleted',
-	USER_ACCESS_ENABLED: 'user.access_enabled',
+	'User access enabled': 'user.access_enabled',
-	USER_ACCESS_REVOKED: 'user.access_revoked',
+	'User access revoked': 'user.access_revoked',
+};
+
+export const emailTemplateEventNames = {
+	Signup: 'basic_auth_signup',
+	'Magic Link Login': 'magic_link_login',
+	'Update Email': 'update_email',
+	'Forgot Password': 'forgot_password',
+	'Verify Otp': 'verify_otp',
+	'Invite member': 'invite_member',
 };
 
 export enum webhookVerifiedStatus {
@@ -188,3 +214,117 @@ export enum webhookVerifiedStatus {
 	NOT_VERIFIED = 'not_verified',
 	PENDING = 'verification_pending',
 }
+
+export const emailTemplateVariables = {
+	'user.id': {
+		description: `User identifier`,
+		value: '{.user.id}}',
+	},
+	'user.email': {
+		description: 'User email address',
+		value: '{.user.email}}',
+	},
+	'user.given_name': {
+		description: `User first name`,
+		value: '{.user.given_name}}',
+	},
+	'user.family_name': {
+		description: `User last name`,
+		value: '{.user.family_name}}',
+	},
+	'user.middle_name': {
+		description: `Middle name of user`,
+		value: '{.user.middle_name}}',
+	},
+	'user.nickname': {
+		description: `Nick name of user`,
+		value: '{.user.nickname}}',
+	},
+	'user.preferred_username': {
+		description: `Username, by default it is email`,
+		value: '{.user.preferred_username}}',
+	},
+	'user.signup_methods': {
+		description: `Comma separated list of methods using which user has signed up`,
+		value: '{.user.signup_methods}}',
+	},
+	'user.email_verified': {
+		description: `Whether email is verified or not`,
+		value: '{.user.email_verified}}',
+	},
+	'user.picture': {
+		description: `URL of the user profile picture`,
+		value: '{.user.picture}}',
+	},
+	'user.roles': {
+		description: `Comma separated list of roles assigned to user`,
+		value: '{.user.roles}}',
+	},
+	'user.gender': {
+		description: `Gender of user`,
+		value: '{.user.gender}}',
+	},
+	'user.birthdate': {
+		description: `BirthDate of user`,
+		value: '{.user.birthdate}}',
+	},
+	'user.phone_number': {
+		description: `Phone number of user`,
+		value: '{.user.phone_number}}',
+	},
+	'user.phone_number_verified': {
+		description: `Whether phone number is verified or not`,
+		value: '{.user.phone_number_verified}}',
+	},
+	'user.created_at': {
+		description: `User created at time`,
+		value: '{.user.created_at}}',
+	},
+	'user.updated_at': {
+		description: `Last updated time at user`,
+		value: '{.user.updated_at}}',
+	},
+	'organization.name': {
+		description: `Organization name`,
+		value: '{.organization.name}}',
+	},
+	'organization.logo': {
+		description: `Organization logo`,
+		value: '{.organization.logo}}',
+	},
+	verification_url: {
+		description: `Verification URL in case of events other than verify otp`,
+		value: '{.verification_url}}',
+	},
+	otp: {
+		description: `OTP sent during login with Multi factor authentication`,
+		value: '{.otp}}',
+	},
+};
+
+export const webhookPayloadExample: string = `{
+	"event_name":"user.login",
+	"user":{
+	   "birthdate":null,
+	   "created_at":1657524721,
+	   "email":"lakhan.m.samani@gmail.com",
+	   "email_verified":true,
+	   "family_name":"Samani",
+	   "gender":null,
+	   "given_name":"Lakhan",
+	   "id":"466d0b31-1b87-420e-bea5-09d05d79c586",
+	   "middle_name":null,
+	   "nickname":null,
+	   "phone_number":null,
+	   "phone_number_verified":false,
+	   "picture":"https://lh3.googleusercontent.com/a-/AFdZucppvU6a2zIDkX0wvhhapVjT0ZMKDlYCkQDi3NxcUg=s96-c",
+	   "preferred_username":"lakhan.m.samani@gmail.com",
+	   "revoked_timestamp":null,
+	   "roles":[
+		  "user"
+	   ],
+	   "signup_methods":"google",
+	   "updated_at":1657526492
+	},
+	"auth_recipe":"google"
+ }`;

dashboard/src/graphql/mutation/index.ts

@@ -112,3 +112,27 @@ export const TestEndpoint = `
     }
   }
 `;
+
+export const AddEmailTemplate = `
+  mutation addEmailTemplate($params: AddEmailTemplateRequest!) {
+    _add_email_template(params: $params) {
+      message
+    }
+  }
+`;
+
+export const EditEmailTemplate = `
+  mutation editEmailTemplate($params: UpdateEmailTemplateRequest!) {
+    _update_email_template(params: $params) {
+      message
+    }
+  }
+`;
+
+export const DeleteEmailTemplate = `
+  mutation deleteEmailTemplate($params: DeleteEmailTemplateRequest!) {
+    _delete_email_template(params: $params) {
+      message
+    }
+  }
+`;

dashboard/src/graphql/queries/index.ts

@@ -18,48 +18,52 @@ export const AdminSessionQuery = `
 export const EnvVariablesQuery = `
   query {
     _env{
-      CLIENT_ID,
+      CLIENT_ID
-      CLIENT_SECRET,
+      CLIENT_SECRET
-	    GOOGLE_CLIENT_ID,
+      GOOGLE_CLIENT_ID
-      GOOGLE_CLIENT_SECRET,
+      GOOGLE_CLIENT_SECRET
-      GITHUB_CLIENT_ID,
+      GITHUB_CLIENT_ID
-      GITHUB_CLIENT_SECRET,
+      GITHUB_CLIENT_SECRET
-      FACEBOOK_CLIENT_ID,
+      FACEBOOK_CLIENT_ID
-      FACEBOOK_CLIENT_SECRET,
+      FACEBOOK_CLIENT_SECRET
-      LINKEDIN_CLIENT_ID,
+      LINKEDIN_CLIENT_ID
-      LINKEDIN_CLIENT_SECRET,
+      LINKEDIN_CLIENT_SECRET
-      APPLE_CLIENT_ID,
+      APPLE_CLIENT_ID
-      APPLE_CLIENT_SECRET,
+      APPLE_CLIENT_SECRET
-      DEFAULT_ROLES,
+      TWITTER_CLIENT_ID
-      PROTECTED_ROLES,
+      TWITTER_CLIENT_SECRET
-      ROLES,
+      DEFAULT_ROLES
-      JWT_TYPE,
+      PROTECTED_ROLES
-      JWT_SECRET,
+      ROLES
-      JWT_ROLE_CLAIM,
+      JWT_TYPE
-      JWT_PRIVATE_KEY,
+      JWT_SECRET
-      JWT_PUBLIC_KEY,
+      JWT_ROLE_CLAIM
-      REDIS_URL,
+      JWT_PRIVATE_KEY
-      SMTP_HOST,
+      JWT_PUBLIC_KEY
-      SMTP_PORT,
+      REDIS_URL
-      SMTP_USERNAME,
+      SMTP_HOST
-      SMTP_PASSWORD,
+      SMTP_PORT
-      SENDER_EMAIL,
+      SMTP_USERNAME
-      ALLOWED_ORIGINS,
+      SMTP_PASSWORD
-      ORGANIZATION_NAME,
+      SENDER_EMAIL
-      ORGANIZATION_LOGO,
+      ALLOWED_ORIGINS
-      ADMIN_SECRET,
+      ORGANIZATION_NAME
-      DISABLE_LOGIN_PAGE,
+      ORGANIZATION_LOGO
-      DISABLE_MAGIC_LINK_LOGIN,
+      ADMIN_SECRET
-      DISABLE_EMAIL_VERIFICATION,
+      DISABLE_LOGIN_PAGE
-      DISABLE_BASIC_AUTHENTICATION,
+      DISABLE_MAGIC_LINK_LOGIN
-      DISABLE_SIGN_UP,
+      DISABLE_EMAIL_VERIFICATION
-      DISABLE_STRONG_PASSWORD,
+      DISABLE_BASIC_AUTHENTICATION
-      DISABLE_REDIS_FOR_ENV,
+      DISABLE_SIGN_UP
-      CUSTOM_ACCESS_TOKEN_SCRIPT,
+      DISABLE_STRONG_PASSWORD
-      DATABASE_NAME,
+      DISABLE_REDIS_FOR_ENV
-      DATABASE_TYPE,
+      CUSTOM_ACCESS_TOKEN_SCRIPT
-      DATABASE_URL,
+      DATABASE_NAME
-      ACCESS_TOKEN_EXPIRY_TIME,
+      DATABASE_TYPE
+      DATABASE_URL
+      ACCESS_TOKEN_EXPIRY_TIME
+      DISABLE_MULTI_FACTOR_AUTHENTICATION
+      ENFORCE_MULTI_FACTOR_AUTHENTICATION
     }
   }
 `;
@@ -123,6 +127,27 @@ export const WebhooksDataQuery = `
   }
 `;
 
+export const EmailTemplatesQuery = `
+  query getEmailTemplates($params: PaginatedInput!) {
+    _email_templates(params: $params) {
+      email_templates {
+        id
+        event_name
+        subject
+        created_at
+        template
+        design
+      }
+      pagination {
+        limit
+        page
+        offset
+        total
+      }
+    }
+  }
+`;
+
 export const WebhookLogsQuery = `
   query getWebhookLogs($params: ListWebhookLogRequest!) {
     _webhook_logs(params: $params) {

dashboard/src/pages/EmailTemplates.tsx

@@ -0,0 +1,348 @@
+import React, { useEffect, useState } from 'react';
+import { useClient } from 'urql';
+import {
+	Box,
+	Button,
+	Center,
+	Flex,
+	IconButton,
+	Menu,
+	MenuButton,
+	MenuList,
+	NumberDecrementStepper,
+	NumberIncrementStepper,
+	NumberInput,
+	NumberInputField,
+	NumberInputStepper,
+	Select,
+	Spinner,
+	Table,
+	TableCaption,
+	Tbody,
+	Td,
+	Text,
+	Th,
+	Thead,
+	Tooltip,
+	Tr,
+} from '@chakra-ui/react';
+import {
+	FaAngleDoubleLeft,
+	FaAngleDoubleRight,
+	FaAngleDown,
+	FaAngleLeft,
+	FaAngleRight,
+	FaExclamationCircle,
+} from 'react-icons/fa';
+import UpdateEmailTemplateModal from '../components/UpdateEmailTemplateModal';
+import {
+	pageLimits,
+	UpdateModalViews,
+	EmailTemplateInputDataFields,
+} from '../constants';
+import { EmailTemplatesQuery } from '../graphql/queries';
+import dayjs from 'dayjs';
+import DeleteEmailTemplateModal from '../components/DeleteEmailTemplateModal';
+
+interface paginationPropTypes {
+	limit: number;
+	page: number;
+	offset: number;
+	total: number;
+	maxPages: number;
+}
+
+interface EmailTemplateDataType {
+	[EmailTemplateInputDataFields.ID]: string;
+	[EmailTemplateInputDataFields.EVENT_NAME]: string;
+	[EmailTemplateInputDataFields.SUBJECT]: string;
+	[EmailTemplateInputDataFields.CREATED_AT]: number;
+	[EmailTemplateInputDataFields.TEMPLATE]: string;
+	[EmailTemplateInputDataFields.DESIGN]: string;
+}
+
+const EmailTemplates = () => {
+	const client = useClient();
+	const [loading, setLoading] = useState<boolean>(false);
+	const [emailTemplatesData, setEmailTemplatesData] = useState<
+		EmailTemplateDataType[]
+	>([]);
+	const [paginationProps, setPaginationProps] = useState<paginationPropTypes>({
+		limit: 5,
+		page: 1,
+		offset: 0,
+		total: 0,
+		maxPages: 1,
+	});
+	const getMaxPages = (pagination: paginationPropTypes) => {
+		const { limit, total } = pagination;
+		if (total > 1) {
+			return total % limit === 0
+				? total / limit
+				: parseInt(`${total / limit}`) + 1;
+		} else return 1;
+	};
+	const fetchEmailTemplatesData = async () => {
+		setLoading(true);
+		const res = await client
+			.query(EmailTemplatesQuery, {
+				params: {
+					pagination: {
+						limit: paginationProps.limit,
+						page: paginationProps.page,
+					},
+				},
+			})
+			.toPromise();
+		if (res.data?._email_templates) {
+			const { pagination, email_templates: emailTemplates } =
+				res.data?._email_templates;
+			const maxPages = getMaxPages(pagination);
+			if (emailTemplates?.length) {
+				setEmailTemplatesData(emailTemplates);
+				setPaginationProps({ ...paginationProps, ...pagination, maxPages });
+			} else {
+				if (paginationProps.page !== 1) {
+					setPaginationProps({
+						...paginationProps,
+						...pagination,
+						maxPages,
+						page: 1,
+					});
+				}
+			}
+		}
+		setLoading(false);
+	};
+	const paginationHandler = (value: Record<string, number>) => {
+		setPaginationProps({ ...paginationProps, ...value });
+	};
+	useEffect(() => {
+		fetchEmailTemplatesData();
+	}, [paginationProps.page, paginationProps.limit]);
+	return (
+		<Box m="5" py="5" px="10" bg="white" rounded="md">
+			<Flex margin="2% 0" justifyContent="space-between" alignItems="center">
+				<Text fontSize="md" fontWeight="bold">
+					Email Templates
+				</Text>
+				<UpdateEmailTemplateModal
+					view={UpdateModalViews.ADD}
+					fetchEmailTemplatesData={fetchEmailTemplatesData}
+				/>
+			</Flex>
+			{!loading ? (
+				emailTemplatesData.length ? (
+					<Table variant="simple">
+						<Thead>
+							<Tr>
+								<Th>Event Name</Th>
+								<Th>Subject</Th>
+								<Th>Created At</Th>
+								<Th>Actions</Th>
+							</Tr>
+						</Thead>
+						<Tbody>
+							{emailTemplatesData.map((templateData: EmailTemplateDataType) => (
+								<Tr
+									key={templateData[EmailTemplateInputDataFields.ID]}
+									style={{ fontSize: 14 }}
+								>
+									<Td maxW="300">
+										{templateData[EmailTemplateInputDataFields.EVENT_NAME]}
+									</Td>
+									<Td>{templateData[EmailTemplateInputDataFields.SUBJECT]}</Td>
+									<Td>
+										{dayjs(templateData.created_at * 1000).format(
+											'MMM DD, YYYY'
+										)}
+									</Td>
+									<Td>
+										<Menu>
+											<MenuButton as={Button} variant="unstyled" size="sm">
+												<Flex
+													justifyContent="space-between"
+													alignItems="center"
+												>
+													<Text fontSize="sm" fontWeight="light">
+														Menu
+													</Text>
+													<FaAngleDown style={{ marginLeft: 10 }} />
+												</Flex>
+											</MenuButton>
+											<MenuList>
+												<UpdateEmailTemplateModal
+													view={UpdateModalViews.Edit}
+													selectedTemplate={templateData}
+													fetchEmailTemplatesData={fetchEmailTemplatesData}
+												/>
+												<DeleteEmailTemplateModal
+													emailTemplateId={
+														templateData[EmailTemplateInputDataFields.ID]
+													}
+													eventName={
+														templateData[
+															EmailTemplateInputDataFields.EVENT_NAME
+														]
+													}
+													fetchEmailTemplatesData={fetchEmailTemplatesData}
+												/>
+											</MenuList>
+										</Menu>
+									</Td>
+								</Tr>
+							))}
+						</Tbody>
+						{(paginationProps.maxPages > 1 || paginationProps.total >= 5) && (
+							<TableCaption>
+								<Flex
+									justifyContent="space-between"
+									alignItems="center"
+									m="2% 0"
+								>
+									<Flex flex="1">
+										<Tooltip label="First Page">
+											<IconButton
+												aria-label="icon button"
+												onClick={() =>
+													paginationHandler({
+														page: 1,
+													})
+												}
+												isDisabled={paginationProps.page <= 1}
+												mr={4}
+												icon={<FaAngleDoubleLeft />}
+											/>
+										</Tooltip>
+										<Tooltip label="Previous Page">
+											<IconButton
+												aria-label="icon button"
+												onClick={() =>
+													paginationHandler({
+														page: paginationProps.page - 1,
+													})
+												}
+												isDisabled={paginationProps.page <= 1}
+												icon={<FaAngleLeft />}
+											/>
+										</Tooltip>
+									</Flex>
+									<Flex
+										flex="8"
+										justifyContent="space-evenly"
+										alignItems="center"
+									>
+										<Text mr={8}>
+											Page{' '}
+											<Text fontWeight="bold" as="span">
+												{paginationProps.page}
+											</Text>{' '}
+											of{' '}
+											<Text fontWeight="bold" as="span">
+												{paginationProps.maxPages}
+											</Text>
+										</Text>
+										<Flex alignItems="center">
+											<Text flexShrink="0">Go to page:</Text>{' '}
+											<NumberInput
+												ml={2}
+												mr={8}
+												w={28}
+												min={1}
+												max={paginationProps.maxPages}
+												onChange={(value) =>
+													paginationHandler({
+														page: parseInt(value),
+													})
+												}
+												value={paginationProps.page}
+											>
+												<NumberInputField />
+												<NumberInputStepper>
+													<NumberIncrementStepper />
+													<NumberDecrementStepper />
+												</NumberInputStepper>
+											</NumberInput>
+										</Flex>
+										<Select
+											w={32}
+											value={paginationProps.limit}
+											onChange={(e) =>
+												paginationHandler({
+													page: 1,
+													limit: parseInt(e.target.value),
+												})
+											}
+										>
+											{pageLimits.map((pageSize) => (
+												<option key={pageSize} value={pageSize}>
+													Show {pageSize}
+												</option>
+											))}
+										</Select>
+									</Flex>
+									<Flex flex="1">
+										<Tooltip label="Next Page">
+											<IconButton
+												aria-label="icon button"
+												onClick={() =>
+													paginationHandler({
+														page: paginationProps.page + 1,
+													})
+												}
+												isDisabled={
+													paginationProps.page >= paginationProps.maxPages
+												}
+												icon={<FaAngleRight />}
+											/>
+										</Tooltip>
+										<Tooltip label="Last Page">
+											<IconButton
+												aria-label="icon button"
+												onClick={() =>
+													paginationHandler({
+														page: paginationProps.maxPages,
+													})
+												}
+												isDisabled={
+													paginationProps.page >= paginationProps.maxPages
+												}
+												ml={4}
+												icon={<FaAngleDoubleRight />}
+											/>
+										</Tooltip>
+									</Flex>
+								</Flex>
+							</TableCaption>
+						)}
+					</Table>
+				) : (
+					<Flex
+						flexDirection="column"
+						minH="25vh"
+						justifyContent="center"
+						alignItems="center"
+					>
+						<Center w="50px" marginRight="1.5%">
+							<FaExclamationCircle style={{ color: '#f0f0f0', fontSize: 70 }} />
+						</Center>
+						<Text
+							fontSize="2xl"
+							paddingRight="1%"
+							fontWeight="bold"
+							color="#d9d9d9"
+						>
+							No Data
+						</Text>
+					</Flex>
+				)
+			) : (
+				<Center minH="25vh">
+					<Spinner />
+				</Center>
+			)}
+		</Box>
+	);
+};
+
+export default EmailTemplates;

dashboard/src/pages/Environment.tsx

@@ -50,6 +50,8 @@ const Environment = () => {
 		LINKEDIN_CLIENT_SECRET: '',
 		APPLE_CLIENT_ID: '',
 		APPLE_CLIENT_SECRET: '',
+		TWITTER_CLIENT_ID: '',
+		TWITTER_CLIENT_SECRET: '',
 		ROLES: [],
 		DEFAULT_ROLES: [],
 		PROTECTED_ROLES: [],
@@ -80,6 +82,8 @@ const Environment = () => {
 		DATABASE_TYPE: '',
 		DATABASE_URL: '',
 		ACCESS_TOKEN_EXPIRY_TIME: '',
+		DISABLE_MULTI_FACTOR_AUTHENTICATION: false,
+		ENFORCE_MULTI_FACTOR_AUTHENTICATION: false,
 	});
 
 	const [fieldVisibility, setFieldVisibility] = React.useState<
@@ -90,6 +94,7 @@ const Environment = () => {
 		FACEBOOK_CLIENT_SECRET: false,
 		LINKEDIN_CLIENT_SECRET: false,
 		APPLE_CLIENT_SECRET: false,
+		TWITTER_CLIENT_SECRET: false,
 		JWT_SECRET: false,
 		SMTP_PASSWORD: false,
 		ADMIN_SECRET: false,

dashboard/src/pages/Users.tsx

@@ -29,6 +29,7 @@ import {
 	MenuItem,
 	useToast,
 	Spinner,
+	TableContainer
 } from '@chakra-ui/react';
 import {
 	FaAngleLeft,
@@ -262,8 +263,7 @@ export default function Users() {
 			.toPromise();
 		if (res.data?._update_user?.id) {
 			toast({
-				title: `Multi factor authentication ${
+				title: `Multi factor authentication ${user.is_multi_factor_auth_enabled ? 'disabled' : 'enabled'
-					user.is_multi_factor_auth_enabled ? 'disabled' : 'enabled'
 					} for user`,
 				isClosable: true,
 				status: 'success',
@@ -293,6 +293,7 @@ export default function Users() {
 			</Flex>
 			{!loading ? (
 				userList.length > 0 ? (
+					<TableContainer>
 						<Table variant="simple">
 							<Thead>
 								<Tr>
@@ -302,7 +303,11 @@ export default function Users() {
 									<Th>Roles</Th>
 									<Th>Verified</Th>
 									<Th>Access</Th>
-								<Th>MFA</Th>
+									<Th>
+										<Tooltip label="MultiFactor Authentication Enabled / Disabled">
+											MFA
+										</Tooltip>
+									</Th>
 									<Th>Actions</Th>
 								</Tr>
 							</Thead>
@@ -404,13 +409,13 @@ export default function Users() {
 															<MenuItem
 																onClick={() => multiFactorAuthUpdateHandler(user)}
 															>
-															Disable MFA
+																Disable MultiFactor Authentication
 															</MenuItem>
 														) : (
 															<MenuItem
 																onClick={() => multiFactorAuthUpdateHandler(user)}
 															>
-															Enable MFA
+																Enable MultiFactor Authentication
 															</MenuItem>
 														)}
 													</MenuList>
@@ -543,6 +548,7 @@ export default function Users() {
 								</TableCaption>
 							)}
 						</Table>
+					</TableContainer>
 				) : (
 					<Flex
 						flexDirection="column"

dashboard/src/pages/Webhooks.tsx

@@ -8,7 +8,6 @@ import {
 	IconButton,
 	Menu,
 	MenuButton,
-	MenuItem,
 	MenuList,
 	NumberDecrementStepper,
 	NumberIncrementStepper,
@@ -40,7 +39,7 @@ import UpdateWebhookModal from '../components/UpdateWebhookModal';
 import {
 	pageLimits,
 	WebhookInputDataFields,
-	UpdateWebhookModalViews,
+	UpdateModalViews,
 } from '../constants';
 import { WebhooksDataQuery } from '../graphql/queries';
 import DeleteWebhookModal from '../components/DeleteWebhookModal';
@@ -125,7 +124,7 @@ const Webhooks = () => {
 					Webhooks
 				</Text>
 				<UpdateWebhookModal
-					view={UpdateWebhookModalViews.ADD}
+					view={UpdateModalViews.ADD}
 					fetchWebookData={fetchWebookData}
 				/>
 			</Flex>
@@ -196,7 +195,7 @@ const Webhooks = () => {
 											</MenuButton>
 											<MenuList>
 												<UpdateWebhookModal
-													view={UpdateWebhookModalViews.Edit}
+													view={UpdateModalViews.Edit}
 													selectedWebhook={webhook}
 													fetchWebookData={fetchWebookData}
 												/>

dashboard/src/routes/index.tsx

@@ -3,6 +3,7 @@ import { Outlet, Route, Routes } from 'react-router-dom';
 
 import { useAuthContext } from '../contexts/AuthContext';
 import { DashboardLayout } from '../layouts/DashboardLayout';
+import EmailTemplates from '../pages/EmailTemplates';
 
 const Auth = lazy(() => import('../pages/Auth'));
 const Environment = lazy(() => import('../pages/Environment'));
@@ -31,6 +32,7 @@ export const AppRoutes = () => {
 							</Route>
 							<Route path="users" element={<Users />} />
 							<Route path="webhooks" element={<Webhooks />} />
+							<Route path="email-templates" element={<EmailTemplates />} />
 							<Route path="*" element={<Home />} />
 						</Route>
 					</Routes>

dashboard/src/utils/index.ts

@@ -29,19 +29,16 @@ const fallbackCopyTextToClipboard = (text: string) => {
 	document.body.removeChild(textArea);
 };
 
-export const copyTextToClipboard = (text: string) => {
+export const copyTextToClipboard = async (text: string) => {
 	if (!navigator.clipboard) {
 		fallbackCopyTextToClipboard(text);
 		return;
 	}
-	navigator.clipboard.writeText(text).then(
+	try {
-		() => {
+		navigator.clipboard.writeText(text);
-			console.log('Async: Copying to clipboard was successful!');
+	} catch (err) {
-		},
+		throw err;
-		(err) => {
-			console.error('Async: Could not copy text: ', err);
 	}
-	);
 };
 
 export const getObjectDiff = (obj1: any, obj2: any) => {

server/constants/auth_methods.go

@@ -15,4 +15,6 @@ const (
 	AuthRecipeMethodLinkedIn = "linkedin"
 	// AuthRecipeMethodApple is the apple auth method
 	AuthRecipeMethodApple = "apple"
+	// AuthRecipeMethodTwitter is the twitter auth method
+	AuthRecipeMethodTwitter = "twitter"
 )

server/constants/env.go

@@ -49,6 +49,10 @@ const (
 	EnvKeySenderEmail = "SENDER_EMAIL"
 	// EnvKeyIsEmailServiceEnabled key for env variable IS_EMAIL_SERVICE_ENABLED
 	EnvKeyIsEmailServiceEnabled = "IS_EMAIL_SERVICE_ENABLED"
+	// EnvKeyAppCookieSecure key for env variable APP_COOKIE_SECURE
+	EnvKeyAppCookieSecure = "APP_COOKIE_SECURE"
+	// EnvKeyAdminCookieSecure key for env variable ADMIN_COOKIE_SECURE
+	EnvKeyAdminCookieSecure = "ADMIN_COOKIE_SECURE"
 	// EnvKeyJwtType key for env variable JWT_TYPE
 	EnvKeyJwtType = "JWT_TYPE"
 	// EnvKeyJwtSecret key for env variable JWT_SECRET
@@ -85,6 +89,10 @@ const (
 	EnvKeyAppleClientID = "APPLE_CLIENT_ID"
 	// EnvKeyAppleClientSecret key for env variable APPLE_CLIENT_SECRET
 	EnvKeyAppleClientSecret = "APPLE_CLIENT_SECRET"
+	// EnvKeyTwitterClientID key for env variable TWITTER_CLIENT_ID
+	EnvKeyTwitterClientID = "TWITTER_CLIENT_ID"
+	// EnvKeyTwitterClientSecret key for env variable TWITTER_CLIENT_SECRET
+	EnvKeyTwitterClientSecret = "TWITTER_CLIENT_SECRET"
 	// EnvKeyOrganizationName key for env variable ORGANIZATION_NAME
 	EnvKeyOrganizationName = "ORGANIZATION_NAME"
 	// EnvKeyOrganizationLogo key for env variable ORGANIZATION_LOGO

server/constants/oauth_info_urls.go

@@ -9,9 +9,11 @@ const (
 	// Ref: https://docs.github.com/en/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps#3-your-github-app-accesses-the-api-with-the-users-access-token
 	GithubUserInfoURL = "https://api.github.com/user"
 	// Get github user emails when user info email is empty Ref: https://stackoverflow.com/a/35387123
-	GithubUserEmails = "https://api/github.com/user/emails"
+	GithubUserEmails = "https://api.github.com/user/emails"
 
 	// Ref: https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/profile-api
 	LinkedInUserInfoURL = "https://api.linkedin.com/v2/me?projection=(id,localizedFirstName,localizedLastName,emailAddress,profilePicture(displayImage~:playableStreams))"
 	LinkedInEmailURL    = "https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))"
+
+	TwitterUserInfoURL = "https://api.twitter.com/2/users/me?user.fields=id,name,profile_image_url,username"
 )

server/constants/verification_types.go

@@ -9,4 +9,19 @@ const (
 	VerificationTypeUpdateEmail = "update_email"
 	// VerificationTypeForgotPassword is the forgot_password verification type
 	VerificationTypeForgotPassword = "forgot_password"
+	// VerificationTypeInviteMember is the invite_member verification type
+	VerificationTypeInviteMember = "invite_member"
+	// VerificationTypeOTP is the otp verification type
+	VerificationTypeOTP = "verify_otp"
+)
+
+var (
+	// VerificationTypes is slice of all verification types
+	VerificationTypes = []string{
+		VerificationTypeBasicAuthSignup,
+		VerificationTypeMagicLinkLogin,
+		VerificationTypeUpdateEmail,
+		VerificationTypeForgotPassword,
+		VerificationTypeInviteMember,
+	}
 )

server/cookie/admin_cookie.go

@@ -3,15 +3,24 @@ package cookie
 import (
 	"net/url"
 
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/parsers"
 	"github.com/gin-gonic/gin"
 )
 
 // SetAdminCookie sets the admin cookie in the response
 func SetAdminCookie(gc *gin.Context, token string) {
-	secure := true
+	adminCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAdminCookieSecure)
-	httpOnly := true
+	if err != nil {
+		log.Debug("Error while getting admin cookie secure from env variable: %v", err)
+		adminCookieSecure = true
+	}
+
+	secure := adminCookieSecure
+	httpOnly := adminCookieSecure
 	hostname := parsers.GetHost(gc)
 	host, _ := parsers.GetHostParts(hostname)
 	gc.SetCookie(constants.AdminCookieName, token, 3600, "/", host, secure, httpOnly)
@@ -35,8 +44,14 @@ func GetAdminCookie(gc *gin.Context) (string, error) {
 
 // DeleteAdminCookie sets the response cookie to empty
 func DeleteAdminCookie(gc *gin.Context) {
-	secure := true
+	adminCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAdminCookieSecure)
-	httpOnly := true
+	if err != nil {
+		log.Debug("Error while getting admin cookie secure from env variable: %v", err)
+		adminCookieSecure = true
+	}
+
+	secure := adminCookieSecure
+	httpOnly := adminCookieSecure
 	hostname := parsers.GetHost(gc)
 	host, _ := parsers.GetHostParts(hostname)
 	gc.SetCookie(constants.AdminCookieName, "", -1, "/", host, secure, httpOnly)

server/cookie/cookie.go

@@ -4,15 +4,24 @@ import (
 	"net/http"
 	"net/url"
 
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/parsers"
 	"github.com/gin-gonic/gin"
 )
 
 // SetSession sets the session cookie in the response
 func SetSession(gc *gin.Context, sessionID string) {
-	secure := true
+	appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure)
-	httpOnly := true
+	if err != nil {
+		log.Debug("Error while getting app cookie secure from env variable: %v", err)
+		appCookieSecure = true
+	}
+
+	secure := appCookieSecure
+	httpOnly := appCookieSecure
 	hostname := parsers.GetHost(gc)
 	host, _ := parsers.GetHostParts(hostname)
 	domain := parsers.GetDomainName(hostname)
@@ -20,18 +29,35 @@ func SetSession(gc *gin.Context, sessionID string) {
 		domain = "." + domain
 	}
 
+	// Use sameSite = lax by default
+	// Since app cookie can come from cross site it becomes important to set this in lax mode.
+	// Example person using custom UI on their app domain and making request to authorizer domain.
+	// For more information check:
+	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+	// https://github.com/gin-gonic/gin/blob/master/context.go#L86
+	// TODO add ability to sameSite = none / strict from dashboard
+	if !appCookieSecure {
+		gc.SetSameSite(http.SameSiteLaxMode)
+	} else {
+		gc.SetSameSite(http.SameSiteNoneMode)
+	}
 	// TODO allow configuring from dashboard
 	year := 60 * 60 * 24 * 365
 
-	gc.SetSameSite(http.SameSiteNoneMode)
 	gc.SetCookie(constants.AppCookieName+"_session", sessionID, year, "/", host, secure, httpOnly)
 	gc.SetCookie(constants.AppCookieName+"_session_domain", sessionID, year, "/", domain, secure, httpOnly)
 }
 
 // DeleteSession sets session cookies to expire
 func DeleteSession(gc *gin.Context) {
-	secure := true
+	appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure)
-	httpOnly := true
+	if err != nil {
+		log.Debug("Error while getting app cookie secure from env variable: %v", err)
+		appCookieSecure = true
+	}
+
+	secure := appCookieSecure
+	httpOnly := appCookieSecure
 	hostname := parsers.GetHost(gc)
 	host, _ := parsers.GetHostParts(hostname)
 	domain := parsers.GetDomainName(hostname)

server/db/models/email_templates.go

@@ -12,7 +12,9 @@ type EmailTemplate struct {
 	Key       string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty"` // for arangodb
 	ID        string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id"`
 	EventName string `gorm:"unique" json:"event_name" bson:"event_name" cql:"event_name"`
+	Subject   string `gorm:"type:text" json:"subject" bson:"subject" cql:"subject"`
 	Template  string `gorm:"type:text" json:"template" bson:"template" cql:"template"`
+	Design    string `gorm:"type:text" json:"design" bson:"design" cql:"design"`
 	CreatedAt int64  `json:"created_at" bson:"created_at" cql:"created_at"`
 	UpdatedAt int64  `json:"updated_at" bson:"updated_at" cql:"updated_at"`
 }
@@ -26,7 +28,9 @@ func (e *EmailTemplate) AsAPIEmailTemplate() *model.EmailTemplate {
 	return &model.EmailTemplate{
 		ID:        id,
 		EventName: e.EventName,
+		Subject:   e.Subject,
 		Template:  e.Template,
+		Design:    e.Design,
 		CreatedAt: refs.NewInt64Ref(e.CreatedAt),
 		UpdatedAt: refs.NewInt64Ref(e.UpdatedAt),
 	}

server/db/models/user.go

@@ -1,6 +1,7 @@
 package models
 
 import (
+	"encoding/json"
 	"strings"
 
 	"github.com/authorizerdev/authorizer/server/graph/model"
@@ -64,3 +65,10 @@ func (user *User) AsAPIUser() *model.User {
 		UpdatedAt:                refs.NewInt64Ref(user.UpdatedAt),
 	}
 }
+
+func (user *User) ToMap() map[string]interface{} {
+	res := map[string]interface{}{}
+	data, _ := json.Marshal(user) // Convert to a json string
+	json.Unmarshal(data, &res)    // Convert to a map
+	return res
+}

server/db/providers/cassandradb/email_template.go

@@ -29,7 +29,7 @@ func (p *provider) AddEmailTemplate(ctx context.Context, emailTemplate models.Em
 		return nil, fmt.Errorf("Email template with %s event_name already exists", emailTemplate.EventName)
 	}
 
-	insertQuery := fmt.Sprintf("INSERT INTO %s (id, event_name, template,  created_at, updated_at) VALUES ('%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.EmailTemplate, emailTemplate.ID, emailTemplate.EventName, emailTemplate.Template, emailTemplate.CreatedAt, emailTemplate.UpdatedAt)
+	insertQuery := fmt.Sprintf("INSERT INTO %s (id, event_name, subject, design, template,  created_at, updated_at) VALUES ('%s', '%s', '%s','%s','%s', %d, %d)", KeySpace+"."+models.Collections.EmailTemplate, emailTemplate.ID, emailTemplate.EventName, emailTemplate.Subject, emailTemplate.Design, emailTemplate.Template, emailTemplate.CreatedAt, emailTemplate.UpdatedAt)
 	err := p.db.Query(insertQuery).Exec()
 	if err != nil {
 		return nil, err
@@ -103,14 +103,14 @@ func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagin
 	// there is no offset in cassandra
 	// so we fetch till limit + offset
 	// and return the results from offset to limit
-	query := fmt.Sprintf("SELECT id, event_name, template, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.EmailTemplate, pagination.Limit+pagination.Offset)
+	query := fmt.Sprintf("SELECT id, event_name, subject, design, template, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.EmailTemplate, pagination.Limit+pagination.Offset)
 
 	scanner := p.db.Query(query).Iter().Scanner()
 	counter := int64(0)
 	for scanner.Next() {
 		if counter >= pagination.Offset {
 			var emailTemplate models.EmailTemplate
-			err := scanner.Scan(&emailTemplate.ID, &emailTemplate.EventName, &emailTemplate.Template, &emailTemplate.CreatedAt, &emailTemplate.UpdatedAt)
+			err := scanner.Scan(&emailTemplate.ID, &emailTemplate.EventName, &emailTemplate.Subject, &emailTemplate.Design, &emailTemplate.Template, &emailTemplate.CreatedAt, &emailTemplate.UpdatedAt)
 			if err != nil {
 				return nil, err
 			}
@@ -128,8 +128,8 @@ func (p *provider) ListEmailTemplate(ctx context.Context, pagination model.Pagin
 // GetEmailTemplateByID to get EmailTemplate by id
 func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID string) (*model.EmailTemplate, error) {
 	var emailTemplate models.EmailTemplate
-	query := fmt.Sprintf(`SELECT id, event_name, template, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1`, KeySpace+"."+models.Collections.EmailTemplate, emailTemplateID)
+	query := fmt.Sprintf(`SELECT id, event_name, subject, design, template, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1`, KeySpace+"."+models.Collections.EmailTemplate, emailTemplateID)
-	err := p.db.Query(query).Consistency(gocql.One).Scan(&emailTemplate.ID, &emailTemplate.EventName, &emailTemplate.Template, &emailTemplate.CreatedAt, &emailTemplate.UpdatedAt)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&emailTemplate.ID, &emailTemplate.EventName, &emailTemplate.Subject, &emailTemplate.Design, &emailTemplate.Template, &emailTemplate.CreatedAt, &emailTemplate.UpdatedAt)
 	if err != nil {
 		return nil, err
 	}
@@ -139,8 +139,8 @@ func (p *provider) GetEmailTemplateByID(ctx context.Context, emailTemplateID str
 // GetEmailTemplateByEventName to get EmailTemplate by event_name
 func (p *provider) GetEmailTemplateByEventName(ctx context.Context, eventName string) (*model.EmailTemplate, error) {
 	var emailTemplate models.EmailTemplate
-	query := fmt.Sprintf(`SELECT id, event_name, template, created_at, updated_at FROM %s WHERE event_name = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.EmailTemplate, eventName)
+	query := fmt.Sprintf(`SELECT id, event_name, subject, design, template, created_at, updated_at FROM %s WHERE event_name = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.EmailTemplate, eventName)
-	err := p.db.Query(query).Consistency(gocql.One).Scan(&emailTemplate.ID, &emailTemplate.EventName, &emailTemplate.Template, &emailTemplate.CreatedAt, &emailTemplate.UpdatedAt)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&emailTemplate.ID, &emailTemplate.EventName, &emailTemplate.Subject, &emailTemplate.Design, &emailTemplate.Template, &emailTemplate.CreatedAt, &emailTemplate.UpdatedAt)
 	if err != nil {
 		return nil, err
 	}

server/db/providers/cassandradb/provider.go

@@ -223,6 +223,13 @@ func NewProvider() (*provider, error) {
 	if err != nil {
 		return nil, err
 	}
+	// add subject on email_templates table
+	emailTemplateAlterQuery := fmt.Sprintf(`ALTER TABLE %s.%s ADD (subject text, design text);`, KeySpace, models.Collections.EmailTemplate)
+	err = session.Query(emailTemplateAlterQuery).Exec()
+	if err != nil {
+		log.Debug("Failed to alter table as column exists: ", err)
+		// continue
+	}
 
 	otpCollection := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, email text, otp text, expires_at bigint, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.OTP)
 	err = session.Query(otpCollection).Exec()

server/email/email.go

@@ -2,8 +2,8 @@ package email
 
 import (
 	"bytes"
+	"context"
 	"crypto/tls"
-	"encoding/json"
 	"strconv"
 	"text/template"
 
@@ -11,27 +11,75 @@ import (
 	gomail "gopkg.in/mail.v2"
 
 	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
-// addEmailTemplate is used to add html template in email body
+func getDefaultTemplate(event string) *model.EmailTemplate {
-func addEmailTemplate(a string, b map[string]interface{}, templateName string) string {
+	switch event {
-	tmpl, err := template.New(templateName).Parse(a)
+	case constants.VerificationTypeBasicAuthSignup, constants.VerificationTypeMagicLinkLogin, constants.VerificationTypeUpdateEmail:
-	if err != nil {
+		return &model.EmailTemplate{
-		output, _ := json.Marshal(b)
+			Subject:  emailVerificationSubject,
-		return string(output)
+			Template: emailVerificationTemplate,
 		}
-	buf := &bytes.Buffer{}
+	case constants.VerificationTypeForgotPassword:
-	err = tmpl.Execute(buf, b)
+		return &model.EmailTemplate{
-	if err != nil {
+			Subject:  forgotPasswordSubject,
-		panic(err)
+			Template: forgotPasswordTemplate,
+		}
+	case constants.VerificationTypeInviteMember:
+		return &model.EmailTemplate{
+			Subject:  inviteEmailSubject,
+			Template: inviteEmailTemplate,
+		}
+	case constants.VerificationTypeOTP:
+		return &model.EmailTemplate{
+			Subject:  otpEmailSubject,
+			Template: otpEmailTemplate,
+		}
+	default:
+		return nil
 	}
-	s := buf.String()
-	return s
 }
 
-// SendMail function to send mail
+func getEmailTemplate(event string, data map[string]interface{}) (*model.EmailTemplate, error) {
-func SendMail(to []string, Subject, bodyMessage string) error {
+	ctx := context.Background()
+	tmp, err := db.Provider.GetEmailTemplateByEventName(ctx, event)
+	if err != nil || tmp == nil {
+		tmp = getDefaultTemplate(event)
+	}
+
+	templ, err := template.New(event + "_template.tmpl").Parse(tmp.Template)
+	if err != nil {
+		return nil, err
+	}
+	buf := &bytes.Buffer{}
+	err = templ.Execute(buf, data)
+	if err != nil {
+		return nil, err
+	}
+	templateString := buf.String()
+
+	subject, err := template.New(event + "_subject.tmpl").Parse(tmp.Subject)
+	if err != nil {
+		return nil, err
+	}
+	buf = &bytes.Buffer{}
+	err = subject.Execute(buf, data)
+	if err != nil {
+		return nil, err
+	}
+	subjectString := buf.String()
+
+	return &model.EmailTemplate{
+		Template: templateString,
+		Subject:  subjectString,
+	}, nil
+}
+
+// SendEmail function to send mail
+func SendEmail(to []string, event string, data map[string]interface{}) error {
 	// dont trigger email sending in case of test
 	envKey, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEnv)
 	if err != nil {
@@ -40,6 +88,13 @@ func SendMail(to []string, Subject, bodyMessage string) error {
 	if envKey == constants.TestEnv {
 		return nil
 	}
+
+	tmp, err := getEmailTemplate(event, data)
+	if err != nil {
+		log.Errorf("Failed to get event template: ", err)
+		return err
+	}
+
 	m := gomail.NewMessage()
 	senderEmail, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySenderEmail)
 	if err != nil {
@@ -79,8 +134,8 @@ func SendMail(to []string, Subject, bodyMessage string) error {
 
 	m.SetHeader("From", senderEmail)
 	m.SetHeader("To", to...)
-	m.SetHeader("Subject", Subject)
+	m.SetHeader("Subject", tmp.Subject)
-	m.SetBody("text/html", bodyMessage)
+	m.SetBody("text/html", tmp.Template)
 	port, _ := strconv.Atoi(smtpPort)
 	d := gomail.NewDialer(smtpHost, port, smtpUsername, smtpPassword)
 	if !isProd {

server/email/email_verification.go

@@ -1,19 +1,8 @@
 package email
 
-import (
+const (
-	log "github.com/sirupsen/logrus"
+	emailVerificationSubject  = "Please verify your email"
-
+	emailVerificationTemplate = `
-	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/memorystore"
-)
-
-// SendVerificationMail to send verification email
-func SendVerificationMail(toEmail, token, hostname string) error {
-	// The receiver needs to be in slice as the receive supports multiple receiver
-	Receiver := []string{toEmail}
-
-	Subject := "Please verify your email"
-	message := `
 	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     <html xmlns="http://www.w3.org/1999/xhtml" xmlns:o="urn:schemas-microsoft-com:office:office">
         <head>
@@ -98,23 +87,4 @@ func SendVerificationMail(toEmail, token, hostname string) error {
         </body>
     </html>
 	`
-	data := make(map[string]interface{}, 3)
+)
-	var err error
-	data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
-	if err != nil {
-		return err
-	}
-	data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
-	if err != nil {
-		return err
-	}
-	data["verification_url"] = hostname + "/verify_email?token=" + token
-	message = addEmailTemplate(message, data, "verify_email.tmpl")
-	// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
-
-	err = SendMail(Receiver, Subject, message)
-	if err != nil {
-		log.Warn("error sending email: ", err)
-	}
-	return err
-}

server/email/forgot_password_email.go

@@ -1,28 +1,8 @@
 package email
 
-import (
+const (
-	"github.com/authorizerdev/authorizer/server/constants"
+	forgotPasswordSubject  = "Reset Password"
-	"github.com/authorizerdev/authorizer/server/memorystore"
+	forgotPasswordTemplate = `
-)
-
-// SendForgotPasswordMail to send forgot password email
-func SendForgotPasswordMail(toEmail, token, hostname string) error {
-	resetPasswordUrl, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
-	if err != nil {
-		return err
-	}
-	if resetPasswordUrl == "" {
-		if err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password"); err != nil {
-			return err
-		}
-	}
-
-	// The receiver needs to be in slice as the receive supports multiple receiver
-	Receiver := []string{toEmail}
-
-	Subject := "Reset Password"
-
-	message := `
 	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     <html xmlns="http://www.w3.org/1999/xhtml" xmlns:o="urn:schemas-microsoft-com:office:office">
         <head>
@@ -73,13 +53,13 @@ func SendForgotPasswordMail(toEmail, token, hostname string) error {
                                                                                 <table width="100%%" cellspacing="0" cellpadding="0">
                                                                                     <tbody>
                                                                                         <tr>
-                                                                                            <td class="esd-block-image es-m-txt-c es-p5b" style="font-size:0;padding:10px" align="center"><a target="_blank" clicktracking="off"><img src="{{.org_logo}}" alt="icon" style="display: block;" title="icon" width="30"></a></td>
+                                                                                            <td class="esd-block-image es-m-txt-c es-p5b" style="font-size:0;padding:10px" align="center"><a target="_blank" clicktracking="off"><img src="{{.organization.logo}}" alt="icon" style="display: block;" title="icon" width="30"></a></td>
                                                                                         </tr>
                                                                                         
                                                                                         <tr style="background: rgb(249,250,251);padding: 10px;margin-bottom:10px;border-radius:5px;">
                                                                                             <td class="esd-block-text es-m-txt-c es-p15t" align="center" style="padding:10px;padding-bottom:30px;">
                                                                                                 <p>Hey there 👋</p>
-                                                                                                <p>We have received a request to reset password for email: <b>{{.org_name}}</b>. If this is correct, please reset the password clicking the button below.</p> <br/>
+                                                                                                <p>We have received a request to reset password for email: <b>{{.organization.name}}</b>. If this is correct, please reset the password clicking the button below.</p> <br/>
                                                                                                 <a clicktracking="off" href="{{.verification_url}}" class="es-button" target="_blank" style="text-decoration: none;padding:10px 15px;background-color: rgba(59,130,246,1);color: #fff;font-size: 1em;border-radius:5px;">Reset Password</a>
                                                                                             </td>
                                                                                         </tr>
@@ -106,18 +86,4 @@ func SendForgotPasswordMail(toEmail, token, hostname string) error {
         </body>
     </html>
 	`
-
+)
-	data := make(map[string]interface{}, 3)
-	data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
-	if err != nil {
-		return err
-	}
-	data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
-	if err != nil {
-		return err
-	}
-	data["verification_url"] = resetPasswordUrl + "?token=" + token
-	message = addEmailTemplate(message, data, "reset_password_email.tmpl")
-
-	return SendMail(Receiver, Subject, message)
-}

server/email/invite_email.go

@@ -1,19 +1,8 @@
 package email
 
-import (
+const (
-	log "github.com/sirupsen/logrus"
+	inviteEmailSubject  = "Please accept the invitation"
-
+	inviteEmailTemplate = `
-	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/memorystore"
-)
-
-// InviteEmail to send invite email
-func InviteEmail(toEmail, token, verificationURL, redirectURI string) error {
-	// The receiver needs to be in slice as the receive supports multiple receiver
-	Receiver := []string{toEmail}
-
-	Subject := "Please accept the invitation"
-	message := `
 	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     <html xmlns="http://www.w3.org/1999/xhtml" xmlns:o="urn:schemas-microsoft-com:office:office">
         <head>
@@ -64,13 +53,13 @@ func InviteEmail(toEmail, token, verificationURL, redirectURI string) error {
                                                                                 <table width="100%%" cellspacing="0" cellpadding="0">
                                                                                     <tbody>
                                                                                         <tr>
-                                                                                            <td class="esd-block-image es-m-txt-c es-p5b" style="font-size:0;padding:10px" align="center"><a target="_blank" clicktracking="off"><img src="{{.org_logo}}" alt="icon" style="display: block;" title="icon" width="30"></a></td>
+                                                                                            <td class="esd-block-image es-m-txt-c es-p5b" style="font-size:0;padding:10px" align="center"><a target="_blank" clicktracking="off"><img src="{{.organization.logo}}" alt="icon" style="display: block;" title="icon" width="30"></a></td>
                                                                                         </tr>
                                                                                         
                                                                                         <tr style="background: rgb(249,250,251);padding: 10px;margin-bottom:10px;border-radius:5px;">
                                                                                             <td class="esd-block-text es-m-txt-c es-p15t" align="center" style="padding:10px;padding-bottom:30px;">
                                                                                                 <p>Hi there 👋</p>
-                                                                                                <p>Join us! You are invited to sign-up for <b>{{.org_name}}</b>. Please accept the invitation by clicking the button below.</p> <br/>
+                                                                                                <p>Join us! You are invited to sign-up for <b>{{.organization.name}}</b>. Please accept the invitation by clicking the button below.</p> <br/>
                                                                                                 <a 
                                                                                                 clicktracking="off" href="{{.verification_url}}" class="es-button" target="_blank" style="text-decoration: none;padding:10px 15px;background-color: rgba(59,130,246,1);color: #fff;font-size: 1em;border-radius:5px;">Get Started</a>
                                                                                             </td>
@@ -98,23 +87,4 @@ func InviteEmail(toEmail, token, verificationURL, redirectURI string) error {
         </body>
     </html>
 	`
-	data := make(map[string]interface{}, 3)
+)
-	var err error
-	data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
-	if err != nil {
-		return err
-	}
-	data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
-	if err != nil {
-		return err
-	}
-	data["verification_url"] = verificationURL + "?token=" + token + "&redirect_uri=" + redirectURI
-	message = addEmailTemplate(message, data, "invite_email.tmpl")
-	// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
-
-	err = SendMail(Receiver, Subject, message)
-	if err != nil {
-		log.Warn("error sending email: ", err)
-	}
-	return err
-}

server/email/otp.go

@@ -1,19 +1,8 @@
 package email
 
-import (
+const (
-	log "github.com/sirupsen/logrus"
+	otpEmailSubject  = "OTP for your multi factor authentication"
-
+	otpEmailTemplate = `
-	"github.com/authorizerdev/authorizer/server/constants"
-	"github.com/authorizerdev/authorizer/server/memorystore"
-)
-
-// SendOtpMail to send otp email
-func SendOtpMail(toEmail, otp string) error {
-	// The receiver needs to be in slice as the receive supports multiple receiver
-	Receiver := []string{toEmail}
-
-	Subject := "OTP for your multi factor authentication"
-	message := `
 	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     <html xmlns="http://www.w3.org/1999/xhtml" xmlns:o="urn:schemas-microsoft-com:office:office">
         <head>
@@ -64,13 +53,13 @@ func SendOtpMail(toEmail, otp string) error {
                                                                                 <table width="100%%" cellspacing="0" cellpadding="0">
                                                                                     <tbody>
                                                                                         <tr>
-                                                                                            <td class="esd-block-image es-m-txt-c es-p5b" style="font-size:0;padding:10px" align="center"><a target="_blank" clicktracking="off"><img src="{{.org_logo}}" alt="icon" style="display: block;" title="icon" width="30"></a></td>
+                                                                                            <td class="esd-block-image es-m-txt-c es-p5b" style="font-size:0;padding:10px" align="center"><a target="_blank" clicktracking="off"><img src="{{.organization.logo}}" alt="icon" style="display: block;" title="icon" width="30"></a></td>
                                                                                         </tr>
                                                                                         
                                                                                         <tr style="background: rgb(249,250,251);padding: 10px;margin-bottom:10px;border-radius:5px;">
                                                                                             <td class="esd-block-text es-m-txt-c es-p15t" align="center" style="padding:10px;padding-bottom:30px;">
                                                                                                 <p>Hey there 👋</p>
-                                                                                                <b>{{.otp}}</b> is your one time password (OTP) for accessing {{.org_name}}. Please keep your OTP confidential and it will expire in 1 minute.
+                                                                                                <b>{{.otp}}</b> is your one time password (OTP) for accessing {{.organization.name}}. Please keep your OTP confidential and it will expire in 1 minute.
                                                                                             </td>
                                                                                         </tr>
                                                                                     </tbody>
@@ -96,23 +85,4 @@ func SendOtpMail(toEmail, otp string) error {
         </body>
     </html>
 	`
-	data := make(map[string]interface{}, 3)
+)
-	var err error
-	data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
-	if err != nil {
-		return err
-	}
-	data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
-	if err != nil {
-		return err
-	}
-	data["otp"] = otp
-	message = addEmailTemplate(message, data, "otp.tmpl")
-	// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
-
-	err = SendMail(Receiver, Subject, message)
-	if err != nil {
-		log.Warn("error sending email: ", err)
-	}
-	return err
-}

server/env/env.go

@@ -72,11 +72,15 @@ func InitAllEnv() error {
 	osLinkedInClientSecret := os.Getenv(constants.EnvKeyLinkedInClientSecret)
 	osAppleClientID := os.Getenv(constants.EnvKeyAppleClientID)
 	osAppleClientSecret := os.Getenv(constants.EnvKeyAppleClientSecret)
+	osTwitterClientID := os.Getenv(constants.EnvKeyTwitterClientID)
+	osTwitterClientSecret := os.Getenv(constants.EnvKeyTwitterClientSecret)
 	osResetPasswordURL := os.Getenv(constants.EnvKeyResetPasswordURL)
 	osOrganizationName := os.Getenv(constants.EnvKeyOrganizationName)
 	osOrganizationLogo := os.Getenv(constants.EnvKeyOrganizationLogo)
 
 	// os bool vars
+	osAppCookieSecure := os.Getenv(constants.EnvKeyAppCookieSecure)
+	osAdminCookieSecure := os.Getenv(constants.EnvKeyAdminCookieSecure)
 	osDisableBasicAuthentication := os.Getenv(constants.EnvKeyDisableBasicAuthentication)
 	osDisableEmailVerification := os.Getenv(constants.EnvKeyDisableEmailVerification)
 	osDisableMagicLinkLogin := os.Getenv(constants.EnvKeyDisableMagicLinkLogin)
@@ -355,31 +359,45 @@ func InitAllEnv() error {
 	if val, ok := envData[constants.EnvKeyLinkedInClientID]; !ok || val == "" {
 		envData[constants.EnvKeyLinkedInClientID] = osLinkedInClientID
 	}
-	if osFacebookClientID != "" && envData[constants.EnvKeyLinkedInClientID] != osFacebookClientID {
+	if osLinkedInClientID != "" && envData[constants.EnvKeyLinkedInClientID] != osLinkedInClientID {
 		envData[constants.EnvKeyLinkedInClientID] = osLinkedInClientID
 	}
 
 	if val, ok := envData[constants.EnvKeyLinkedInClientSecret]; !ok || val == "" {
 		envData[constants.EnvKeyLinkedInClientSecret] = osLinkedInClientSecret
 	}
-	if osFacebookClientSecret != "" && envData[constants.EnvKeyLinkedInClientSecret] != osFacebookClientSecret {
+	if osLinkedInClientSecret != "" && envData[constants.EnvKeyLinkedInClientSecret] != osLinkedInClientSecret {
 		envData[constants.EnvKeyLinkedInClientSecret] = osLinkedInClientSecret
 	}
 
 	if val, ok := envData[constants.EnvKeyAppleClientID]; !ok || val == "" {
 		envData[constants.EnvKeyAppleClientID] = osAppleClientID
 	}
-	if osFacebookClientID != "" && envData[constants.EnvKeyAppleClientID] != osFacebookClientID {
+	if osAppleClientID != "" && envData[constants.EnvKeyAppleClientID] != osAppleClientID {
 		envData[constants.EnvKeyAppleClientID] = osAppleClientID
 	}
 
 	if val, ok := envData[constants.EnvKeyAppleClientSecret]; !ok || val == "" {
 		envData[constants.EnvKeyAppleClientSecret] = osAppleClientSecret
 	}
-	if osFacebookClientSecret != "" && envData[constants.EnvKeyAppleClientSecret] != osFacebookClientSecret {
+	if osAppleClientSecret != "" && envData[constants.EnvKeyAppleClientSecret] != osAppleClientSecret {
 		envData[constants.EnvKeyAppleClientSecret] = osAppleClientSecret
 	}
 
+	if val, ok := envData[constants.EnvKeyTwitterClientID]; !ok || val == "" {
+		envData[constants.EnvKeyTwitterClientID] = osTwitterClientID
+	}
+	if osTwitterClientID != "" && envData[constants.EnvKeyTwitterClientID] != osTwitterClientID {
+		envData[constants.EnvKeyTwitterClientID] = osTwitterClientID
+	}
+
+	if val, ok := envData[constants.EnvKeyTwitterClientSecret]; !ok || val == "" {
+		envData[constants.EnvKeyTwitterClientSecret] = osTwitterClientSecret
+	}
+	if osTwitterClientSecret != "" && envData[constants.EnvKeyTwitterClientSecret] != osTwitterClientSecret {
+		envData[constants.EnvKeyTwitterClientSecret] = osTwitterClientSecret
+	}
+
 	if val, ok := envData[constants.EnvKeyResetPasswordURL]; !ok || val == "" {
 		envData[constants.EnvKeyResetPasswordURL] = strings.TrimPrefix(osResetPasswordURL, "/")
 	}
@@ -401,6 +419,40 @@ func InitAllEnv() error {
 		envData[constants.EnvKeyOrganizationLogo] = osOrganizationLogo
 	}
 
+	if _, ok := envData[constants.EnvKeyAppCookieSecure]; !ok {
+		if osAppCookieSecure == "" {
+			envData[constants.EnvKeyAppCookieSecure] = true
+		} else {
+			envData[constants.EnvKeyAppCookieSecure] = osAppCookieSecure == "true"
+		}
+	}
+	if osAppCookieSecure != "" {
+		boolValue, err := strconv.ParseBool(osAppCookieSecure)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyAppCookieSecure].(bool) {
+			envData[constants.EnvKeyAppCookieSecure] = boolValue
+		}
+	}
+
+	if _, ok := envData[constants.EnvKeyAdminCookieSecure]; !ok {
+		if osAdminCookieSecure == "" {
+			envData[constants.EnvKeyAdminCookieSecure] = true
+		} else {
+			envData[constants.EnvKeyAdminCookieSecure] = osAdminCookieSecure == "true"
+		}
+	}
+	if osAdminCookieSecure != "" {
+		boolValue, err := strconv.ParseBool(osAdminCookieSecure)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyAdminCookieSecure].(bool) {
+			envData[constants.EnvKeyAdminCookieSecure] = boolValue
+		}
+	}
+
 	if _, ok := envData[constants.EnvKeyDisableBasicAuthentication]; !ok {
 		envData[constants.EnvKeyDisableBasicAuthentication] = osDisableBasicAuthentication == "true"
 	}

server/env/persist_env.go

@@ -201,7 +201,7 @@ func PersistEnv() error {
 				envValue := strings.TrimSpace(os.Getenv(key))
 				if envValue != "" {
 					switch key {
-					case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication:
+					case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication, constants.EnvKeyAdminCookieSecure, constants.EnvKeyAppCookieSecure:
 						if envValueBool, err := strconv.ParseBool(envValue); err == nil {
 							if value.(bool) != envValueBool {
 								storeData[key] = envValueBool

server/graph/generated/generated.go

@@ -55,8 +55,10 @@ type ComplexityRoot struct {
 
 	EmailTemplate struct {
 		CreatedAt func(childComplexity int) int
+		Design    func(childComplexity int) int
 		EventName func(childComplexity int) int
 		ID        func(childComplexity int) int
+		Subject   func(childComplexity int) int
 		Template  func(childComplexity int) int
 		UpdatedAt func(childComplexity int) int
 	}
@@ -117,6 +119,8 @@ type ComplexityRoot struct {
 		SMTPPort                         func(childComplexity int) int
 		SMTPUsername                     func(childComplexity int) int
 		SenderEmail                      func(childComplexity int) int
+		TwitterClientID                  func(childComplexity int) int
+		TwitterClientSecret              func(childComplexity int) int
 	}
 
 	Error struct {
@@ -143,6 +147,7 @@ type ComplexityRoot struct {
 		IsMultiFactorAuthEnabled     func(childComplexity int) int
 		IsSignUpEnabled              func(childComplexity int) int
 		IsStrongPasswordEnabled      func(childComplexity int) int
+		IsTwitterLoginEnabled        func(childComplexity int) int
 		Version                      func(childComplexity int) int
 	}
 
@@ -405,6 +410,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
 
 		return e.complexity.EmailTemplate.CreatedAt(childComplexity), true
 
+	case "EmailTemplate.design":
+		if e.complexity.EmailTemplate.Design == nil {
+			break
+		}
+
+		return e.complexity.EmailTemplate.Design(childComplexity), true
+
 	case "EmailTemplate.event_name":
 		if e.complexity.EmailTemplate.EventName == nil {
 			break
@@ -419,6 +431,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
 
 		return e.complexity.EmailTemplate.ID(childComplexity), true
 
+	case "EmailTemplate.subject":
+		if e.complexity.EmailTemplate.Subject == nil {
+			break
+		}
+
+		return e.complexity.EmailTemplate.Subject(childComplexity), true
+
 	case "EmailTemplate.template":
 		if e.complexity.EmailTemplate.Template == nil {
 			break
@@ -433,7 +452,7 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
 
 		return e.complexity.EmailTemplate.UpdatedAt(childComplexity), true
 
-	case "EmailTemplates.EmailTemplates":
+	case "EmailTemplates.email_templates":
 		if e.complexity.EmailTemplates.EmailTemplates == nil {
 			break
 		}
@@ -797,6 +816,20 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
 
 		return e.complexity.Env.SenderEmail(childComplexity), true
 
+	case "Env.TWITTER_CLIENT_ID":
+		if e.complexity.Env.TwitterClientID == nil {
+			break
+		}
+
+		return e.complexity.Env.TwitterClientID(childComplexity), true
+
+	case "Env.TWITTER_CLIENT_SECRET":
+		if e.complexity.Env.TwitterClientSecret == nil {
+			break
+		}
+
+		return e.complexity.Env.TwitterClientSecret(childComplexity), true
+
 	case "Error.message":
 		if e.complexity.Error.Message == nil {
 			break
@@ -916,6 +949,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
 
 		return e.complexity.Meta.IsStrongPasswordEnabled(childComplexity), true
 
+	case "Meta.is_twitter_login_enabled":
+		if e.complexity.Meta.IsTwitterLoginEnabled == nil {
+			break
+		}
+
+		return e.complexity.Meta.IsTwitterLoginEnabled(childComplexity), true
+
 	case "Meta.version":
 		if e.complexity.Meta.Version == nil {
 			break
@@ -1877,6 +1917,7 @@ type Meta {
 	is_github_login_enabled: Boolean!
 	is_linkedin_login_enabled: Boolean!
 	is_apple_login_enabled: Boolean!
+	is_twitter_login_enabled: Boolean!
 	is_email_verification_enabled: Boolean!
 	is_basic_authentication_enabled: Boolean!
 	is_magic_link_login_enabled: Boolean!
@@ -1998,6 +2039,8 @@ type Env {
 	LINKEDIN_CLIENT_SECRET: String
 	APPLE_CLIENT_ID: String
 	APPLE_CLIENT_SECRET: String
+	TWITTER_CLIENT_ID: String
+	TWITTER_CLIENT_SECRET: String
 	ORGANIZATION_NAME: String
 	ORGANIZATION_LOGO: String
 }
@@ -2051,13 +2094,15 @@ type EmailTemplate {
 	id: ID!
 	event_name: String!
 	template: String!
+	design: String!
+	subject: String!
 	created_at: Int64
 	updated_at: Int64
 }
 
 type EmailTemplates {
 	pagination: Pagination!
-	EmailTemplates: [EmailTemplate!]!
+	email_templates: [EmailTemplate!]!
 }
 
 input UpdateEnvInput {
@@ -2100,6 +2145,8 @@ input UpdateEnvInput {
 	LINKEDIN_CLIENT_SECRET: String
 	APPLE_CLIENT_ID: String
 	APPLE_CLIENT_SECRET: String
+	TWITTER_CLIENT_ID: String
+	TWITTER_CLIENT_SECRET: String
 	ORGANIZATION_NAME: String
 	ORGANIZATION_LOGO: String
 }
@@ -2271,13 +2318,17 @@ input TestEndpointRequest {
 
 input AddEmailTemplateRequest {
 	event_name: String!
+	subject: String!
 	template: String!
+	design: String!
 }
 
 input UpdateEmailTemplateRequest {
 	id: ID!
 	event_name: String
 	template: String
+	subject: String
+	design: String
 }
 
 input DeleteEmailTemplateRequest {
@@ -3259,6 +3310,76 @@ func (ec *executionContext) _EmailTemplate_template(ctx context.Context, field g
 	return ec.marshalNString2string(ctx, field.Selections, res)
 }
 
+func (ec *executionContext) _EmailTemplate_design(ctx context.Context, field graphql.CollectedField, obj *model.EmailTemplate) (ret graphql.Marshaler) {
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	fc := &graphql.FieldContext{
+		Object:     "EmailTemplate",
+		Field:      field,
+		Args:       nil,
+		IsMethod:   false,
+		IsResolver: false,
+	}
+
+	ctx = graphql.WithFieldContext(ctx, fc)
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.Design, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(string)
+	fc.Result = res
+	return ec.marshalNString2string(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) _EmailTemplate_subject(ctx context.Context, field graphql.CollectedField, obj *model.EmailTemplate) (ret graphql.Marshaler) {
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	fc := &graphql.FieldContext{
+		Object:     "EmailTemplate",
+		Field:      field,
+		Args:       nil,
+		IsMethod:   false,
+		IsResolver: false,
+	}
+
+	ctx = graphql.WithFieldContext(ctx, fc)
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.Subject, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(string)
+	fc.Result = res
+	return ec.marshalNString2string(ctx, field.Selections, res)
+}
+
 func (ec *executionContext) _EmailTemplate_created_at(ctx context.Context, field graphql.CollectedField, obj *model.EmailTemplate) (ret graphql.Marshaler) {
 	defer func() {
 		if r := recover(); r != nil {
@@ -3358,7 +3479,7 @@ func (ec *executionContext) _EmailTemplates_pagination(ctx context.Context, fiel
 	return ec.marshalNPagination2ᚖgithubᚗcomᚋauthorizerdevᚋauthorizerᚋserverᚋgraphᚋmodelᚐPagination(ctx, field.Selections, res)
 }
 
-func (ec *executionContext) _EmailTemplates_EmailTemplates(ctx context.Context, field graphql.CollectedField, obj *model.EmailTemplates) (ret graphql.Marshaler) {
+func (ec *executionContext) _EmailTemplates_email_templates(ctx context.Context, field graphql.CollectedField, obj *model.EmailTemplates) (ret graphql.Marshaler) {
 	defer func() {
 		if r := recover(); r != nil {
 			ec.Error(ctx, ec.Recover(ctx, r))
@@ -4962,6 +5083,70 @@ func (ec *executionContext) _Env_APPLE_CLIENT_SECRET(ctx context.Context, field
 	return ec.marshalOString2ᚖstring(ctx, field.Selections, res)
 }
 
+func (ec *executionContext) _Env_TWITTER_CLIENT_ID(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	fc := &graphql.FieldContext{
+		Object:     "Env",
+		Field:      field,
+		Args:       nil,
+		IsMethod:   false,
+		IsResolver: false,
+	}
+
+	ctx = graphql.WithFieldContext(ctx, fc)
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.TwitterClientID, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		return graphql.Null
+	}
+	res := resTmp.(*string)
+	fc.Result = res
+	return ec.marshalOString2ᚖstring(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) _Env_TWITTER_CLIENT_SECRET(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	fc := &graphql.FieldContext{
+		Object:     "Env",
+		Field:      field,
+		Args:       nil,
+		IsMethod:   false,
+		IsResolver: false,
+	}
+
+	ctx = graphql.WithFieldContext(ctx, fc)
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.TwitterClientSecret, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		return graphql.Null
+	}
+	res := resTmp.(*string)
+	fc.Result = res
+	return ec.marshalOString2ᚖstring(ctx, field.Selections, res)
+}
+
 func (ec *executionContext) _Env_ORGANIZATION_NAME(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
 	defer func() {
 		if r := recover(); r != nil {
@@ -5437,6 +5622,41 @@ func (ec *executionContext) _Meta_is_apple_login_enabled(ctx context.Context, fi
 	return ec.marshalNBoolean2bool(ctx, field.Selections, res)
 }
 
+func (ec *executionContext) _Meta_is_twitter_login_enabled(ctx context.Context, field graphql.CollectedField, obj *model.Meta) (ret graphql.Marshaler) {
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	fc := &graphql.FieldContext{
+		Object:     "Meta",
+		Field:      field,
+		Args:       nil,
+		IsMethod:   false,
+		IsResolver: false,
+	}
+
+	ctx = graphql.WithFieldContext(ctx, fc)
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.IsTwitterLoginEnabled, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		if !graphql.HasFieldError(ctx, fc) {
+			ec.Errorf(ctx, "must not be null")
+		}
+		return graphql.Null
+	}
+	res := resTmp.(bool)
+	fc.Result = res
+	return ec.marshalNBoolean2bool(ctx, field.Selections, res)
+}
+
 func (ec *executionContext) _Meta_is_email_verification_enabled(ctx context.Context, field graphql.CollectedField, obj *model.Meta) (ret graphql.Marshaler) {
 	defer func() {
 		if r := recover(); r != nil {
@@ -10459,6 +10679,14 @@ func (ec *executionContext) unmarshalInputAddEmailTemplateRequest(ctx context.Co
 			if err != nil {
 				return it, err
 			}
+		case "subject":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("subject"))
+			it.Subject, err = ec.unmarshalNString2string(ctx, v)
+			if err != nil {
+				return it, err
+			}
 		case "template":
 			var err error
 
@@ -10467,6 +10695,14 @@ func (ec *executionContext) unmarshalInputAddEmailTemplateRequest(ctx context.Co
 			if err != nil {
 				return it, err
 			}
+		case "design":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("design"))
+			it.Design, err = ec.unmarshalNString2string(ctx, v)
+			if err != nil {
+				return it, err
+			}
 		}
 	}
 
@@ -11269,6 +11505,22 @@ func (ec *executionContext) unmarshalInputUpdateEmailTemplateRequest(ctx context
 			if err != nil {
 				return it, err
 			}
+		case "subject":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("subject"))
+			it.Subject, err = ec.unmarshalOString2ᚖstring(ctx, v)
+			if err != nil {
+				return it, err
+			}
+		case "design":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("design"))
+			it.Design, err = ec.unmarshalOString2ᚖstring(ctx, v)
+			if err != nil {
+				return it, err
+			}
 		}
 	}
 
@@ -11596,6 +11848,22 @@ func (ec *executionContext) unmarshalInputUpdateEnvInput(ctx context.Context, ob
 			if err != nil {
 				return it, err
 			}
+		case "TWITTER_CLIENT_ID":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("TWITTER_CLIENT_ID"))
+			it.TwitterClientID, err = ec.unmarshalOString2ᚖstring(ctx, v)
+			if err != nil {
+				return it, err
+			}
+		case "TWITTER_CLIENT_SECRET":
+			var err error
+
+			ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("TWITTER_CLIENT_SECRET"))
+			it.TwitterClientSecret, err = ec.unmarshalOString2ᚖstring(ctx, v)
+			if err != nil {
+				return it, err
+			}
 		case "ORGANIZATION_NAME":
 			var err error
 
@@ -12100,6 +12368,16 @@ func (ec *executionContext) _EmailTemplate(ctx context.Context, sel ast.Selectio
 			if out.Values[i] == graphql.Null {
 				invalids++
 			}
+		case "design":
+			out.Values[i] = ec._EmailTemplate_design(ctx, field, obj)
+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
+		case "subject":
+			out.Values[i] = ec._EmailTemplate_subject(ctx, field, obj)
+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
 		case "created_at":
 			out.Values[i] = ec._EmailTemplate_created_at(ctx, field, obj)
 		case "updated_at":
@@ -12131,8 +12409,8 @@ func (ec *executionContext) _EmailTemplates(ctx context.Context, sel ast.Selecti
 			if out.Values[i] == graphql.Null {
 				invalids++
 			}
-		case "EmailTemplates":
+		case "email_templates":
-			out.Values[i] = ec._EmailTemplates_EmailTemplates(ctx, field, obj)
+			out.Values[i] = ec._EmailTemplates_email_templates(ctx, field, obj)
 			if out.Values[i] == graphql.Null {
 				invalids++
 			}
@@ -12287,6 +12565,10 @@ func (ec *executionContext) _Env(ctx context.Context, sel ast.SelectionSet, obj
 			out.Values[i] = ec._Env_APPLE_CLIENT_ID(ctx, field, obj)
 		case "APPLE_CLIENT_SECRET":
 			out.Values[i] = ec._Env_APPLE_CLIENT_SECRET(ctx, field, obj)
+		case "TWITTER_CLIENT_ID":
+			out.Values[i] = ec._Env_TWITTER_CLIENT_ID(ctx, field, obj)
+		case "TWITTER_CLIENT_SECRET":
+			out.Values[i] = ec._Env_TWITTER_CLIENT_SECRET(ctx, field, obj)
 		case "ORGANIZATION_NAME":
 			out.Values[i] = ec._Env_ORGANIZATION_NAME(ctx, field, obj)
 		case "ORGANIZATION_LOGO":
@@ -12408,6 +12690,11 @@ func (ec *executionContext) _Meta(ctx context.Context, sel ast.SelectionSet, obj
 			if out.Values[i] == graphql.Null {
 				invalids++
 			}
+		case "is_twitter_login_enabled":
+			out.Values[i] = ec._Meta_is_twitter_login_enabled(ctx, field, obj)
+			if out.Values[i] == graphql.Null {
+				invalids++
+			}
 		case "is_email_verification_enabled":
 			out.Values[i] = ec._Meta_is_email_verification_enabled(ctx, field, obj)
 			if out.Values[i] == graphql.Null {

server/graph/model/models_gen.go

@@ -4,7 +4,9 @@ package model
 
 type AddEmailTemplateRequest struct {
 	EventName string `json:"event_name"`
+	Subject   string `json:"subject"`
 	Template  string `json:"template"`
+	Design    string `json:"design"`
 }
 
 type AddWebhookRequest struct {
@@ -44,13 +46,15 @@ type EmailTemplate struct {
 	ID        string `json:"id"`
 	EventName string `json:"event_name"`
 	Template  string `json:"template"`
+	Design    string `json:"design"`
+	Subject   string `json:"subject"`
 	CreatedAt *int64 `json:"created_at"`
 	UpdatedAt *int64 `json:"updated_at"`
 }
 
 type EmailTemplates struct {
 	Pagination     *Pagination      `json:"pagination"`
-	EmailTemplates []*EmailTemplate `json:"EmailTemplates"`
+	EmailTemplates []*EmailTemplate `json:"email_templates"`
 }
 
 type Env struct {
@@ -102,6 +106,8 @@ type Env struct {
 	LinkedinClientSecret             *string  `json:"LINKEDIN_CLIENT_SECRET"`
 	AppleClientID                    *string  `json:"APPLE_CLIENT_ID"`
 	AppleClientSecret                *string  `json:"APPLE_CLIENT_SECRET"`
+	TwitterClientID                  *string  `json:"TWITTER_CLIENT_ID"`
+	TwitterClientSecret              *string  `json:"TWITTER_CLIENT_SECRET"`
 	OrganizationName                 *string  `json:"ORGANIZATION_NAME"`
 	OrganizationLogo                 *string  `json:"ORGANIZATION_LOGO"`
 }
@@ -160,6 +166,7 @@ type Meta struct {
 	IsGithubLoginEnabled         bool   `json:"is_github_login_enabled"`
 	IsLinkedinLoginEnabled       bool   `json:"is_linkedin_login_enabled"`
 	IsAppleLoginEnabled          bool   `json:"is_apple_login_enabled"`
+	IsTwitterLoginEnabled        bool   `json:"is_twitter_login_enabled"`
 	IsEmailVerificationEnabled   bool   `json:"is_email_verification_enabled"`
 	IsBasicAuthenticationEnabled bool   `json:"is_basic_authentication_enabled"`
 	IsMagicLinkLoginEnabled      bool   `json:"is_magic_link_login_enabled"`
@@ -249,6 +256,8 @@ type UpdateEmailTemplateRequest struct {
 	ID        string  `json:"id"`
 	EventName *string `json:"event_name"`
 	Template  *string `json:"template"`
+	Subject   *string `json:"subject"`
+	Design    *string `json:"design"`
 }
 
 type UpdateEnvInput struct {
@@ -291,6 +300,8 @@ type UpdateEnvInput struct {
 	LinkedinClientSecret             *string  `json:"LINKEDIN_CLIENT_SECRET"`
 	AppleClientID                    *string  `json:"APPLE_CLIENT_ID"`
 	AppleClientSecret                *string  `json:"APPLE_CLIENT_SECRET"`
+	TwitterClientID                  *string  `json:"TWITTER_CLIENT_ID"`
+	TwitterClientSecret              *string  `json:"TWITTER_CLIENT_SECRET"`
 	OrganizationName                 *string  `json:"ORGANIZATION_NAME"`
 	OrganizationLogo                 *string  `json:"ORGANIZATION_LOGO"`
 }

server/graph/schema.graphqls

@@ -20,6 +20,7 @@ type Meta {
 	is_github_login_enabled: Boolean!
 	is_linkedin_login_enabled: Boolean!
 	is_apple_login_enabled: Boolean!
+	is_twitter_login_enabled: Boolean!
 	is_email_verification_enabled: Boolean!
 	is_basic_authentication_enabled: Boolean!
 	is_magic_link_login_enabled: Boolean!
@@ -141,6 +142,8 @@ type Env {
 	LINKEDIN_CLIENT_SECRET: String
 	APPLE_CLIENT_ID: String
 	APPLE_CLIENT_SECRET: String
+	TWITTER_CLIENT_ID: String
+	TWITTER_CLIENT_SECRET: String
 	ORGANIZATION_NAME: String
 	ORGANIZATION_LOGO: String
 }
@@ -194,13 +197,15 @@ type EmailTemplate {
 	id: ID!
 	event_name: String!
 	template: String!
+	design: String!
+	subject: String!
 	created_at: Int64
 	updated_at: Int64
 }
 
 type EmailTemplates {
 	pagination: Pagination!
-	EmailTemplates: [EmailTemplate!]!
+	email_templates: [EmailTemplate!]!
 }
 
 input UpdateEnvInput {
@@ -243,6 +248,8 @@ input UpdateEnvInput {
 	LINKEDIN_CLIENT_SECRET: String
 	APPLE_CLIENT_ID: String
 	APPLE_CLIENT_SECRET: String
+	TWITTER_CLIENT_ID: String
+	TWITTER_CLIENT_SECRET: String
 	ORGANIZATION_NAME: String
 	ORGANIZATION_LOGO: String
 }
@@ -414,13 +421,17 @@ input TestEndpointRequest {
 
 input AddEmailTemplateRequest {
 	event_name: String!
+	subject: String!
 	template: String!
+	design: String!
 }
 
 input UpdateEmailTemplateRequest {
 	id: ID!
 	event_name: String
 	template: String
+	subject: String
+	design: String
 }
 
 input DeleteEmailTemplateRequest {

server/handlers/authorize.go

@@ -248,7 +248,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 				return
 			}
 
-			memorystore.Provider.SetUserSession(user.ID, constants.TokenTypeSessionToken+"_"+newSessionTokenData.Nonce, newSessionToken)
+			memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+newSessionTokenData.Nonce, newSessionToken)
 			cookie.SetSession(gc, newSessionToken)
 			code := uuid.New().String()
 			memorystore.Provider.SetState(codeChallenge, code+"@"+newSessionToken)

server/handlers/oauth_callback.go

@@ -67,6 +67,8 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 			user, err = processLinkedInUserInfo(code)
 		case constants.AuthRecipeMethodApple:
 			user, err = processAppleUserInfo(code)
+		case constants.AuthRecipeMethodTwitter:
+			user, err = processTwitterUserInfo(code, sessionState)
 		default:
 			log.Info("Invalid oauth provider")
 			err = fmt.Errorf(`invalid oauth provider`)
@@ -285,9 +287,9 @@ func processGithubUserInfo(code string) (models.User, error) {
 		log.Debug("Failed to create github user info request: ", err)
 		return user, fmt.Errorf("error creating github user info request: %s", err.Error())
 	}
-	req.Header = http.Header{
+	req.Header.Set(
-		"Authorization": []string{fmt.Sprintf("token %s", oauth2Token.AccessToken)},
+		"Authorization", fmt.Sprintf("token %s", oauth2Token.AccessToken),
-	}
+	)
 
 	response, err := client.Do(req)
 	if err != nil {
@@ -329,14 +331,14 @@ func processGithubUserInfo(code string) (models.User, error) {
 		}
 
 		// fetch using /users/email endpoint
-		req, err := http.NewRequest("GET", constants.GithubUserEmails, nil)
+		req, err := http.NewRequest(http.MethodGet, constants.GithubUserEmails, nil)
 		if err != nil {
 			log.Debug("Failed to create github emails request: ", err)
 			return user, fmt.Errorf("error creating github user info request: %s", err.Error())
 		}
-		req.Header = http.Header{
+		req.Header.Set(
-			"Authorization": []string{fmt.Sprintf("token %s", oauth2Token.AccessToken)},
+			"Authorization", fmt.Sprintf("token %s", oauth2Token.AccessToken),
-		}
+		)
 
 		response, err := client.Do(req)
 		if err != nil {
@@ -564,3 +566,70 @@ func processAppleUserInfo(code string) (models.User, error) {
 
 	return user, err
 }
+
+func processTwitterUserInfo(code, verifier string) (models.User, error) {
+	user := models.User{}
+	oauth2Token, err := oauth.OAuthProviders.TwitterConfig.Exchange(oauth2.NoContext, code, oauth2.SetAuthURLParam("code_verifier", verifier))
+	if err != nil {
+		log.Debug("Failed to exchange code for token: ", err)
+		return user, fmt.Errorf("invalid twitter exchange code: %s", err.Error())
+	}
+
+	client := http.Client{}
+	req, err := http.NewRequest("GET", constants.TwitterUserInfoURL, nil)
+	if err != nil {
+		log.Debug("Failed to create Twitter user info request: ", err)
+		return user, fmt.Errorf("error creating Twitter user info request: %s", err.Error())
+	}
+	req.Header = http.Header{
+		"Authorization": []string{fmt.Sprintf("Bearer %s", oauth2Token.AccessToken)},
+	}
+
+	response, err := client.Do(req)
+	if err != nil {
+		log.Debug("Failed to request Twitter user info: ", err)
+		return user, err
+	}
+
+	defer response.Body.Close()
+	body, err := ioutil.ReadAll(response.Body)
+	if err != nil {
+		log.Debug("Failed to read Twitter user info response body: ", err)
+		return user, fmt.Errorf("failed to read Twitter response body: %s", err.Error())
+	}
+
+	if response.StatusCode >= 400 {
+		log.Debug("Failed to request Twitter user info: ", string(body))
+		return user, fmt.Errorf("failed to request Twitter user info: %s", string(body))
+	}
+
+	responseRawData := make(map[string]interface{})
+	json.Unmarshal(body, &responseRawData)
+
+	userRawData := responseRawData["data"].(map[string]interface{})
+
+	// log.Info(userRawData)
+	// Twitter API does not return E-Mail adresses by default. For that case special privileges have
+	// to be granted on a per-App basis. See https://developer.twitter.com/en/docs/twitter-api/v1/accounts-and-users/manage-account-settings/api-reference/get-account-verify_credentials
+
+	// Currently Twitter API only provides the full name of a user. To fill givenName and familyName
+	// the full name will be split at the first whitespace. This approach will not be valid for all name combinations
+	nameArr := strings.SplitAfterN(userRawData["name"].(string), " ", 2)
+
+	firstName := nameArr[0]
+	lastName := ""
+	if len(nameArr) == 2 {
+		lastName = nameArr[1]
+	}
+	nickname := userRawData["username"].(string)
+	profilePicture := userRawData["profile_image_url"].(string)
+
+	user = models.User{
+		GivenName:  &firstName,
+		FamilyName: &lastName,
+		Picture:    &profilePicture,
+		Nickname:   &nickname,
+	}
+
+	return user, nil
+}

server/handlers/oauth_login.go

@@ -12,6 +12,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/oauth"
 	"github.com/authorizerdev/authorizer/server/parsers"
+	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/authorizerdev/authorizer/server/validators"
 )
 
@@ -95,7 +96,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 
 		}
 
-		oauthStateString := state + "___" + redirectURI + "___" + roles + "___" + strings.Join(scope, ",")
+		oauthStateString := state + "___" + redirectURI + "___" + roles + "___" + strings.Join(scope, " ")
 
 		provider := c.Param("oauth_provider")
 		isProviderConfigured := true
@@ -169,6 +170,26 @@ func OAuthLoginHandler() gin.HandlerFunc {
 			oauth.OAuthProviders.LinkedInConfig.RedirectURL = hostname + "/oauth_callback/" + constants.AuthRecipeMethodLinkedIn
 			url := oauth.OAuthProviders.LinkedInConfig.AuthCodeURL(oauthStateString)
 			c.Redirect(http.StatusTemporaryRedirect, url)
+		case constants.AuthRecipeMethodTwitter:
+			if oauth.OAuthProviders.TwitterConfig == nil {
+				log.Debug("Twitter OAuth provider is not configured")
+				isProviderConfigured = false
+				break
+			}
+
+			verifier, challenge := utils.GenerateCodeChallenge()
+
+			err := memorystore.Provider.SetState(oauthStateString, verifier)
+			if err != nil {
+				log.Debug("Error setting state: ", err)
+				c.JSON(500, gin.H{
+					"error": "internal server error",
+				})
+				return
+			}
+			oauth.OAuthProviders.TwitterConfig.RedirectURL = hostname + "/oauth_callback/" + constants.AuthRecipeMethodTwitter
+			url := oauth.OAuthProviders.TwitterConfig.AuthCodeURL(oauthStateString, oauth2.SetAuthURLParam("code_challenge", challenge), oauth2.SetAuthURLParam("code_challenge_method", "S256"))
+			c.Redirect(http.StatusTemporaryRedirect, url)
 		case constants.AuthRecipeMethodApple:
 			if oauth.OAuthProviders.AppleConfig == nil {
 				log.Debug("Apple OAuth provider is not configured")

server/handlers/token.go

@@ -76,7 +76,6 @@ func TokenHandler() gin.HandlerFunc {
 		sessionKey := ""
 
 		if isAuthorizationCodeGrant {
-
 			if codeVerifier == "" {
 				log.Debug("Code verifier is empty")
 				gc.JSON(http.StatusBadRequest, gin.H{
@@ -134,15 +133,18 @@ func TokenHandler() gin.HandlerFunc {
 				})
 				return
 			}
+
 			userID = claims.Subject
 			roles = claims.Roles
 			scope = claims.Scope
 			loginMethod = claims.LoginMethod
+
 			// rollover the session for security
 			sessionKey = userID
 			if loginMethod != "" {
 				sessionKey = loginMethod + ":" + userID
 			}
+
 			go memorystore.Provider.DeleteUserSession(sessionKey, claims.Nonce)
 		} else {
 			// validate refresh token

server/main.go

@@ -109,6 +109,7 @@ func main() {
 	router := routes.InitRouter(log)
 	log.Info("Starting Authorizer: ", VERSION)
 	port, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyPort)
+	log.Info("Authorizer running at PORT: ", port)
 	if err != nil {
 		log.Info("Error while getting port from env using default port 8080: ", err)
 		port = "8080"

server/memorystore/memory_store.go

@@ -34,6 +34,8 @@ func InitMemStore() error {
 		constants.EnvKeyIsEmailServiceEnabled:            false,
 		constants.EnvKeyEnforceMultiFactorAuthentication: false,
 		constants.EnvKeyDisableMultiFactorAuthentication: false,
+		constants.EnvKeyAppCookieSecure:                  true,
+		constants.EnvKeyAdminCookieSecure:                true,
 	}
 
 	requiredEnvs := RequiredEnvStoreObj.GetRequiredEnv()

server/memorystore/providers/inmemory/store.go

@@ -7,7 +7,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/constants"
 )
 
-// SetUserSession sets the user session
+// SetUserSession sets the user session for given user identifier in form recipe:user_id
 func (c *provider) SetUserSession(userId, key, token string) error {
 	c.sessionStore.Set(userId, key, token)
 	return nil
@@ -34,6 +34,7 @@ func (c *provider) DeleteAllUserSessions(userId string) error {
 		constants.AuthRecipeMethodGithub,
 		constants.AuthRecipeMethodGoogle,
 		constants.AuthRecipeMethodLinkedIn,
+		constants.AuthRecipeMethodTwitter,
 	}
 
 	for _, namespace := range namespaces {

server/memorystore/providers/providers.go

@@ -2,7 +2,7 @@ package providers
 
 // Provider defines current memory store provider
 type Provider interface {
-	// SetUserSession sets the user session
+	// SetUserSession sets the user session for given user identifier in form recipe:user_id
 	SetUserSession(userId, key, token string) error
 	// GetAllUserSessions returns all the user sessions from the session store
 	GetAllUserSessions(userId string) (map[string]string, error)

server/memorystore/providers/redis/store.go

@@ -14,7 +14,7 @@ var (
 	envStorePrefix = "authorizer_env"
 )
 
-// SetUserSession sets the user session in redis store.
+// SetUserSession sets the user session for given user identifier in form recipe:user_id
 func (c *provider) SetUserSession(userId, key, token string) error {
 	err := c.store.HSet(c.ctx, userId, key, token).Err()
 	if err != nil {
@@ -71,6 +71,7 @@ func (c *provider) DeleteAllUserSessions(userID string) error {
 		constants.AuthRecipeMethodGithub,
 		constants.AuthRecipeMethodGoogle,
 		constants.AuthRecipeMethodLinkedIn,
+		constants.AuthRecipeMethodTwitter,
 	}
 	for _, namespace := range namespaces {
 		err := c.store.Del(c.ctx, namespace+":"+userID).Err()
@@ -160,7 +161,7 @@ func (c *provider) GetEnvStore() (map[string]interface{}, error) {
 		return nil, err
 	}
 	for key, value := range data {
-		if key == constants.EnvKeyDisableBasicAuthentication || key == constants.EnvKeyDisableEmailVerification || key == constants.EnvKeyDisableLoginPage || key == constants.EnvKeyDisableMagicLinkLogin || key == constants.EnvKeyDisableRedisForEnv || key == constants.EnvKeyDisableSignUp || key == constants.EnvKeyDisableStrongPassword || key == constants.EnvKeyIsEmailServiceEnabled || key == constants.EnvKeyEnforceMultiFactorAuthentication || key == constants.EnvKeyDisableMultiFactorAuthentication {
+		if key == constants.EnvKeyDisableBasicAuthentication || key == constants.EnvKeyDisableEmailVerification || key == constants.EnvKeyDisableLoginPage || key == constants.EnvKeyDisableMagicLinkLogin || key == constants.EnvKeyDisableRedisForEnv || key == constants.EnvKeyDisableSignUp || key == constants.EnvKeyDisableStrongPassword || key == constants.EnvKeyIsEmailServiceEnabled || key == constants.EnvKeyEnforceMultiFactorAuthentication || key == constants.EnvKeyDisableMultiFactorAuthentication || key == constants.EnvKeyAppCookieSecure || key == constants.EnvKeyAdminCookieSecure {
 			boolValue, err := strconv.ParseBool(value)
 			if err != nil {
 				return res, err

server/oauth/oauth.go

@@ -20,6 +20,7 @@ type OAuthProvider struct {
 	FacebookConfig *oauth2.Config
 	LinkedInConfig *oauth2.Config
 	AppleConfig    *oauth2.Config
+	TwitterConfig  *oauth2.Config
 }
 
 // OIDCProviders is a struct that contains reference all the OpenID providers
@@ -74,6 +75,7 @@ func InitOAuth() error {
 			ClientSecret: githubClientSecret,
 			RedirectURL:  "/oauth_callback/github",
 			Endpoint:     githubOAuth2.Endpoint,
+			Scopes:       []string{"read:user", "user:email"},
 		}
 	}
 
@@ -133,5 +135,28 @@ func InitOAuth() error {
 		}
 	}
 
+	twitterClientID, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwitterClientID)
+	if err != nil {
+		twitterClientID = ""
+	}
+	twitterClientSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwitterClientSecret)
+	if err != nil {
+		twitterClientSecret = ""
+	}
+	if twitterClientID != "" && twitterClientSecret != "" {
+		OAuthProviders.TwitterConfig = &oauth2.Config{
+			ClientID:     twitterClientID,
+			ClientSecret: twitterClientSecret,
+			RedirectURL:  "/oauth_callback/twitter",
+			Endpoint: oauth2.Endpoint{
+				// Endpoint is currently not yet part of oauth2-package. See https://go-review.googlesource.com/c/oauth2/+/350889 for status
+				AuthURL:   "https://twitter.com/i/oauth2/authorize",
+				TokenURL:  "https://api.twitter.com/2/oauth2/token",
+				AuthStyle: oauth2.AuthStyleInHeader,
+			},
+			Scopes: []string{"tweet.read", "users.read"},
+		}
+	}
+
 	return nil
 }

server/parsers/url.go

@@ -11,8 +11,8 @@ import (
 )
 
 // GetHost returns hostname from request context
-// if X-Authorizer-URL header is set it is given highest priority
+// if EnvKeyAuthorizerURL is set it is given highest priority.
-// if EnvKeyAuthorizerURL is set it is given second highest priority.
+// if X-Authorizer-URL header is set it is given second highest priority
 // if above 2 are not set the requesting host name is used
 func GetHost(c *gin.Context) string {
 	authorizerURL, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL)

server/resolvers/add_email_template.go

@@ -14,8 +14,6 @@ import (
 	log "github.com/sirupsen/logrus"
 )
 
-// TODO add template validator
-
 // AddEmailTemplateResolver resolver for add email template mutation
 func AddEmailTemplateResolver(ctx context.Context, params model.AddEmailTemplateRequest) (*model.Response, error) {
 	gc, err := utils.GinContextFromContext(ctx)
@@ -34,13 +32,23 @@ func AddEmailTemplateResolver(ctx context.Context, params model.AddEmailTemplate
 		return nil, fmt.Errorf("invalid event name %s", params.EventName)
 	}
 
+	if strings.TrimSpace(params.Subject) == "" {
+		return nil, fmt.Errorf("empty subject not allowed")
+	}
+
 	if strings.TrimSpace(params.Template) == "" {
 		return nil, fmt.Errorf("empty template not allowed")
 	}
 
+	if strings.TrimSpace(params.Design) == "" {
+		return nil, fmt.Errorf("empty design not allowed")
+	}
+
 	_, err = db.Provider.AddEmailTemplate(ctx, models.EmailTemplate{
 		EventName: params.EventName,
 		Template:  params.Template,
+		Subject:   params.Subject,
+		Design:    params.Design,
 	})
 	if err != nil {
 		log.Debug("Failed to add email template: ", err)

server/resolvers/delete_user.go

@@ -50,6 +50,34 @@ func DeleteUserResolver(ctx context.Context, params model.DeleteUserInput) (*mod
 	}
 
 	go func() {
+		// delete otp for given email
+		otp, err := db.Provider.GetOTPByEmail(ctx, user.Email)
+		if err != nil {
+			log.Infof("No OTP found for email (%s): %v", user.Email, err)
+			// continue
+		} else {
+			err := db.Provider.DeleteOTP(ctx, otp)
+			if err != nil {
+				log.Debugf("Failed to delete otp for given email (%s): %v", user.Email, err)
+				// continue
+			}
+		}
+
+		// delete verification requests for given email
+		for _, vt := range constants.VerificationTypes {
+			verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, user.Email, vt)
+			if err != nil {
+				log.Infof("No verification verification request found for email: %s, verification_request_type: %s. %v", user.Email, vt, err)
+				// continue
+			} else {
+				err := db.Provider.DeleteVerificationRequest(ctx, verificationRequest)
+				if err != nil {
+					log.Debugf("Failed to DeleteVerificationRequest for email: %s, verification_request_type: %s. %v", user.Email, vt, err)
+					// continue
+				}
+			}
+		}
+
 		memorystore.Provider.DeleteAllUserSessions(user.ID)
 		utils.RegisterEvent(ctx, constants.UserDeletedWebhookEvent, "", user)
 	}()

server/resolvers/env.go

@@ -143,6 +143,13 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
 	if val, ok := store[constants.EnvKeyAppleClientSecret]; ok {
 		res.AppleClientSecret = refs.NewStringRef(val.(string))
 	}
+	if val, ok := store[constants.EnvKeyTwitterClientID]; ok {
+		res.TwitterClientID = refs.NewStringRef(val.(string))
+	}
+	if val, ok := store[constants.EnvKeyTwitterClientSecret]; ok {
+		res.TwitterClientSecret = refs.NewStringRef(val.(string))
+	}
+
 	if val, ok := store[constants.EnvKeyOrganizationName]; ok {
 		res.OrganizationName = refs.NewStringRef(val.(string))
 	}

server/resolvers/forgot_password.go

@@ -15,6 +15,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/parsers"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/authorizerdev/authorizer/server/validators"
@@ -49,7 +50,7 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu
 	log := log.WithFields(log.Fields{
 		"email": params.Email,
 	})
-	_, err = db.Provider.GetUserByEmail(ctx, params.Email)
+	user, err := db.Provider.GetUserByEmail(ctx, params.Email)
 	if err != nil {
 		log.Debug("User not found: ", err)
 		return res, fmt.Errorf(`user with this email not found`)
@@ -61,9 +62,9 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu
 		log.Debug("Failed to generate nonce: ", err)
 		return res, err
 	}
-	redirectURL := parsers.GetAppURL(gc) + "/reset-password"
+	redirectURL := parsers.GetAppURL(gc)
-	if params.RedirectURI != nil {
+	if strings.TrimSpace(refs.StringValue(params.RedirectURI)) != "" {
-		redirectURL = *params.RedirectURI
+		redirectURL = refs.StringValue(params.RedirectURI)
 	}
 
 	verificationToken, err := token.CreateVerificationToken(params.Email, constants.VerificationTypeForgotPassword, hostname, nonceHash, redirectURL)
@@ -84,8 +85,12 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu
 		return res, err
 	}
 
-	// exec it as go routin so that we can reduce the api latency
+	// exec it as go routine so that we can reduce the api latency
-	go email.SendForgotPasswordMail(params.Email, verificationToken, hostname)
+	go email.SendEmail([]string{params.Email}, constants.VerificationTypeForgotPassword, map[string]interface{}{
+		"user":             user.ToMap(),
+		"organization":     utils.GetOrganization(),
+		"verification_url": utils.GetForgotPasswordURL(verificationToken, hostname),
+	})
 
 	res = &model.Response{
 		Message: `Please check your inbox! We have sent a password reset link.`,

server/resolvers/invite_members.go

@@ -115,7 +115,7 @@ func InviteMembersResolver(ctx context.Context, params model.InviteMemberInput)
 			return nil, err
 		}
 
-		verificationToken, err := token.CreateVerificationToken(email, constants.VerificationTypeForgotPassword, hostname, nonceHash, redirectURL)
+		verificationToken, err := token.CreateVerificationToken(email, constants.VerificationTypeInviteMember, hostname, nonceHash, redirectURL)
 		if err != nil {
 			log.Debug("Failed to create verification token: ", err)
 		}
@@ -135,7 +135,7 @@ func InviteMembersResolver(ctx context.Context, params model.InviteMemberInput)
 		} else {
 			// use basic authentication if that option is on
 			user.SignupMethods = constants.AuthRecipeMethodBasicAuth
-			verificationRequest.Identifier = constants.VerificationTypeForgotPassword
+			verificationRequest.Identifier = constants.VerificationTypeInviteMember
 
 			isMFAEnforced, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyEnforceMultiFactorAuthentication)
 			if err != nil {
@@ -162,7 +162,12 @@ func InviteMembersResolver(ctx context.Context, params model.InviteMemberInput)
 			return nil, err
 		}
 
-		go emailservice.InviteEmail(email, verificationToken, verifyEmailURL, redirectURL)
+		// exec it as go routine so that we can reduce the api latency
+		go emailservice.SendEmail([]string{user.Email}, constants.VerificationTypeInviteMember, map[string]interface{}{
+			"user":             user.ToMap(),
+			"organization":     utils.GetOrganization(),
+			"verification_url": utils.GetInviteVerificationURL(verifyEmailURL, verificationToken, redirectURL),
+		})
 	}
 
 	return &model.Response{

server/resolvers/login.go

@@ -50,7 +50,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 	user, err := db.Provider.GetUserByEmail(ctx, params.Email)
 	if err != nil {
 		log.Debug("Failed to get user by email: ", err)
-		return res, fmt.Errorf(`user with this email not found`)
+		return res, fmt.Errorf(`bad user credentials`)
 	}
 
 	if user.RevokedTimestamp != nil {
@@ -72,7 +72,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 
 	if err != nil {
 		log.Debug("Failed to compare password: ", err)
-		return res, fmt.Errorf(`invalid password`)
+		return res, fmt.Errorf(`bad user credentials`)
 	}
 
 	defaultRolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
@@ -123,7 +123,12 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 		}
 
 		go func() {
-			err := email.SendOtpMail(user.Email, otpData.Otp)
+			// exec it as go routine so that we can reduce the api latency
+			go email.SendEmail([]string{params.Email}, constants.VerificationTypeOTP, map[string]interface{}{
+				"user":         user.ToMap(),
+				"organization": utils.GetOrganization(),
+				"otp":          otpData.Otp,
+			})
 			if err != nil {
 				log.Debug("Failed to send otp email: ", err)
 			}

server/resolvers/magic_link_login.go

@@ -219,8 +219,12 @@ func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInpu
 			return res, err
 		}
 
-		// exec it as go routing so that we can reduce the api latency
+		// exec it as go routine so that we can reduce the api latency
-		go email.SendVerificationMail(params.Email, verificationToken, hostname)
+		go email.SendEmail([]string{params.Email}, constants.VerificationTypeMagicLinkLogin, map[string]interface{}{
+			"user":             user.ToMap(),
+			"organization":     utils.GetOrganization(),
+			"verification_url": utils.GetEmailVerificationURL(verificationToken, hostname),
+		})
 	}
 
 	res = &model.Response{

server/resolvers/meta.go

@@ -77,6 +77,18 @@ func MetaResolver(ctx context.Context) (*model.Meta, error) {
 		githubClientSecret = ""
 	}
 
+	twitterClientID, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwitterClientID)
+	if err != nil {
+		log.Debug("Failed to get Twitter Client ID from environment variable", err)
+		twitterClientID = ""
+	}
+
+	twitterClientSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwitterClientSecret)
+	if err != nil {
+		log.Debug("Failed to get Twitter Client Secret from environment variable", err)
+		twitterClientSecret = ""
+	}
+
 	isBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication)
 	if err != nil {
 		log.Debug("Failed to get Disable Basic Authentication from environment variable", err)
@@ -121,6 +133,7 @@ func MetaResolver(ctx context.Context) (*model.Meta, error) {
 		IsFacebookLoginEnabled:       facebookClientID != "" && facebookClientSecret != "",
 		IsLinkedinLoginEnabled:       linkedClientID != "" && linkedInClientSecret != "",
 		IsAppleLoginEnabled:          appleClientID != "" && appleClientSecret != "",
+		IsTwitterLoginEnabled:        twitterClientID != "" && twitterClientSecret != "",
 		IsBasicAuthenticationEnabled: !isBasicAuthDisabled,
 		IsEmailVerificationEnabled:   !isEmailVerificationDisabled,
 		IsMagicLinkLoginEnabled:      !isMagicLinkLoginDisabled,

server/resolvers/resend_otp.go

@@ -84,7 +84,12 @@ func ResendOTPResolver(ctx context.Context, params model.ResendOTPRequest) (*mod
 	}
 
 	go func() {
-		err := email.SendOtpMail(params.Email, otp)
+		// exec it as go routine so that we can reduce the api latency
+		go email.SendEmail([]string{params.Email}, constants.VerificationTypeOTP, map[string]interface{}{
+			"user":         user.ToMap(),
+			"organization": utils.GetOrganization(),
+			"otp":          otp,
+		})
 		if err != nil {
 			log.Debug("Error sending otp email: ", otp)
 		}

server/resolvers/resend_verify_email.go

@@ -39,6 +39,11 @@ func ResendVerifyEmailResolver(ctx context.Context, params model.ResendVerifyEma
 		return res, fmt.Errorf("invalid identifier")
 	}
 
+	user, err := db.Provider.GetUserByEmail(ctx, params.Email)
+	if err != nil {
+		return res, fmt.Errorf("invalid user")
+	}
+
 	verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, params.Email, params.Identifier)
 	if err != nil {
 		log.Debug("Failed to get verification request: ", err)
@@ -74,8 +79,12 @@ func ResendVerifyEmailResolver(ctx context.Context, params model.ResendVerifyEma
 		log.Debug("Failed to add verification request: ", err)
 	}
 
-	// exec it as go routin so that we can reduce the api latency
+	// exec it as go routine so that we can reduce the api latency
-	go email.SendVerificationMail(params.Email, verificationToken, hostname)
+	go email.SendEmail([]string{params.Email}, params.Identifier, map[string]interface{}{
+		"user":             user.ToMap(),
+		"organization":     utils.GetOrganization(),
+		"verification_url": utils.GetEmailVerificationURL(verificationToken, hostname),
+	})
 
 	res = &model.Response{
 		Message: `Verification email has been sent. Please check your inbox`,

server/resolvers/signup.go

@@ -221,9 +221,14 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 			return res, err
 		}
 
-		// exec it as go routin so that we can reduce the api latency
+		// exec it as go routine so that we can reduce the api latency
 		go func() {
-			email.SendVerificationMail(params.Email, verificationToken, hostname)
+			// exec it as go routine so that we can reduce the api latency
+			email.SendEmail([]string{params.Email}, constants.VerificationTypeBasicAuthSignup, map[string]interface{}{
+				"user":             user.ToMap(),
+				"organization":     utils.GetOrganization(),
+				"verification_url": utils.GetEmailVerificationURL(verificationToken, hostname),
+			})
 			utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 		}()
 

server/resolvers/update_email_template.go

@@ -15,8 +15,6 @@ import (
 	log "github.com/sirupsen/logrus"
 )
 
-// TODO add template validator
-
 // UpdateEmailTemplateResolver resolver for update email template mutation
 func UpdateEmailTemplateResolver(ctx context.Context, params model.UpdateEmailTemplateRequest) (*model.Response, error) {
 	gc, err := utils.GinContextFromContext(ctx)
@@ -51,6 +49,14 @@ func UpdateEmailTemplateResolver(ctx context.Context, params model.UpdateEmailTe
 		emailTemplateDetails.EventName = refs.StringValue(params.EventName)
 	}
 
+	if params.Subject != nil && emailTemplateDetails.Subject != refs.StringValue(params.Subject) {
+		if strings.TrimSpace(refs.StringValue(params.Subject)) == "" {
+			log.Debug("empty subject not allowed")
+			return nil, fmt.Errorf("empty subject not allowed")
+		}
+		emailTemplateDetails.Subject = refs.StringValue(params.Subject)
+	}
+
 	if params.Template != nil && emailTemplateDetails.Template != refs.StringValue(params.Template) {
 		if strings.TrimSpace(refs.StringValue(params.Template)) == "" {
 			log.Debug("empty template not allowed")
@@ -59,6 +65,14 @@ func UpdateEmailTemplateResolver(ctx context.Context, params model.UpdateEmailTe
 		emailTemplateDetails.Template = refs.StringValue(params.Template)
 	}
 
+	if params.Design != nil && emailTemplateDetails.Design != refs.StringValue(params.Design) {
+		if strings.TrimSpace(refs.StringValue(params.Design)) == "" {
+			log.Debug("empty design not allowed")
+			return nil, fmt.Errorf("empty design not allowed")
+		}
+		emailTemplateDetails.Design = refs.StringValue(params.Design)
+	}
+
 	_, err = db.Provider.UpdateEmailTemplate(ctx, emailTemplateDetails)
 	if err != nil {
 		return nil, err

server/resolvers/update_env.go

@@ -31,6 +31,7 @@ func clearSessionIfRequired(currentData, updatedData map[string]interface{}) {
 	isCurrentGoogleLoginEnabled := currentData[constants.EnvKeyGoogleClientID] != nil && currentData[constants.EnvKeyGoogleClientSecret] != nil && currentData[constants.EnvKeyGoogleClientID].(string) != "" && currentData[constants.EnvKeyGoogleClientSecret].(string) != ""
 	isCurrentGithubLoginEnabled := currentData[constants.EnvKeyGithubClientID] != nil && currentData[constants.EnvKeyGithubClientSecret] != nil && currentData[constants.EnvKeyGithubClientID].(string) != "" && currentData[constants.EnvKeyGithubClientSecret].(string) != ""
 	isCurrentLinkedInLoginEnabled := currentData[constants.EnvKeyLinkedInClientID] != nil && currentData[constants.EnvKeyLinkedInClientSecret] != nil && currentData[constants.EnvKeyLinkedInClientID].(string) != "" && currentData[constants.EnvKeyLinkedInClientSecret].(string) != ""
+	isCurrentTwitterLoginEnabled := currentData[constants.EnvKeyTwitterClientID] != nil && currentData[constants.EnvKeyTwitterClientSecret] != nil && currentData[constants.EnvKeyTwitterClientID].(string) != "" && currentData[constants.EnvKeyTwitterClientSecret].(string) != ""
 
 	isUpdatedBasicAuthEnabled := !updatedData[constants.EnvKeyDisableBasicAuthentication].(bool)
 	isUpdatedMagicLinkLoginEnabled := !updatedData[constants.EnvKeyDisableMagicLinkLogin].(bool)
@@ -39,6 +40,7 @@ func clearSessionIfRequired(currentData, updatedData map[string]interface{}) {
 	isUpdatedGoogleLoginEnabled := updatedData[constants.EnvKeyGoogleClientID] != nil && updatedData[constants.EnvKeyGoogleClientSecret] != nil && updatedData[constants.EnvKeyGoogleClientID].(string) != "" && updatedData[constants.EnvKeyGoogleClientSecret].(string) != ""
 	isUpdatedGithubLoginEnabled := updatedData[constants.EnvKeyGithubClientID] != nil && updatedData[constants.EnvKeyGithubClientSecret] != nil && updatedData[constants.EnvKeyGithubClientID].(string) != "" && updatedData[constants.EnvKeyGithubClientSecret].(string) != ""
 	isUpdatedLinkedInLoginEnabled := updatedData[constants.EnvKeyLinkedInClientID] != nil && updatedData[constants.EnvKeyLinkedInClientSecret] != nil && updatedData[constants.EnvKeyLinkedInClientID].(string) != "" && updatedData[constants.EnvKeyLinkedInClientSecret].(string) != ""
+	isUpdatedTwitterLoginEnabled := updatedData[constants.EnvKeyTwitterClientID] != nil && updatedData[constants.EnvKeyTwitterClientSecret] != nil && updatedData[constants.EnvKeyTwitterClientID].(string) != "" && updatedData[constants.EnvKeyTwitterClientSecret].(string) != ""
 
 	if isCurrentBasicAuthEnabled && !isUpdatedBasicAuthEnabled {
 		memorystore.Provider.DeleteSessionForNamespace(constants.AuthRecipeMethodBasicAuth)
@@ -67,6 +69,10 @@ func clearSessionIfRequired(currentData, updatedData map[string]interface{}) {
 	if isCurrentLinkedInLoginEnabled && !isUpdatedLinkedInLoginEnabled {
 		memorystore.Provider.DeleteSessionForNamespace(constants.AuthRecipeMethodLinkedIn)
 	}
+
+	if isCurrentTwitterLoginEnabled && !isUpdatedTwitterLoginEnabled {
+		memorystore.Provider.DeleteSessionForNamespace(constants.AuthRecipeMethodTwitter)
+	}
 }
 
 // UpdateEnvResolver is a resolver for update config mutation

server/resolvers/update_profile.go

@@ -244,8 +244,12 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
 				return res, err
 			}
 
-			// exec it as go routin so that we can reduce the api latency
+			// exec it as go routine so that we can reduce the api latency
-			go email.SendVerificationMail(newEmail, verificationToken, hostname)
+			go email.SendEmail([]string{user.Email}, verificationType, map[string]interface{}{
+				"user":             user.ToMap(),
+				"organization":     utils.GetOrganization(),
+				"verification_url": utils.GetEmailVerificationURL(verificationToken, hostname),
+			})
 
 		}
 	}

server/resolvers/update_user.go

@@ -156,8 +156,12 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod
 			return res, err
 		}
 
-		// exec it as go routin so that we can reduce the api latency
+		// exec it as go routine so that we can reduce the api latency
-		go email.SendVerificationMail(newEmail, verificationToken, hostname)
+		go email.SendEmail([]string{user.Email}, constants.VerificationTypeBasicAuthSignup, map[string]interface{}{
+			"user":             user.ToMap(),
+			"organization":     utils.GetOrganization(),
+			"verification_url": utils.GetEmailVerificationURL(verificationToken, hostname),
+		})
 
 	}
 

server/test/add_email_template_test.go

@@ -31,19 +31,44 @@ func addEmailTemplateTest(t *testing.T, s TestSetup) {
 			assert.Nil(t, emailTemplate)
 		})
 
-		t.Run("should not add email template for empty template", func(t *testing.T) {
+		t.Run("should not add email template for empty subject", func(t *testing.T) {
 			emailTemplate, err := resolvers.AddEmailTemplateResolver(ctx, model.AddEmailTemplateRequest{
 				EventName: s.TestInfo.TestEmailTemplateEventTypes[0],
-				Template:  "     ",
+				Template:  " test ",
+				Subject:   "    ",
 			})
 			assert.Error(t, err)
 			assert.Nil(t, emailTemplate)
 		})
+
+		t.Run("should not add email template for empty template", func(t *testing.T) {
+			emailTemplate, err := resolvers.AddEmailTemplateResolver(ctx, model.AddEmailTemplateRequest{
+				EventName: s.TestInfo.TestEmailTemplateEventTypes[0],
+				Template:  "     ",
+				Subject:   "test",
+			})
+			assert.Error(t, err)
+			assert.Nil(t, emailTemplate)
+		})
+
+		t.Run("should not add email template with empty design", func(t *testing.T) {
+			emailTemplate, err := resolvers.AddEmailTemplateResolver(ctx, model.AddEmailTemplateRequest{
+				EventName: s.TestInfo.TestEmailTemplateEventTypes[0],
+				Template:  "test",
+				Subject:   "test",
+				Design:    "   ",
+			})
+			assert.Error(t, err)
+			assert.Nil(t, emailTemplate)
+		})
+
 		for _, eventType := range s.TestInfo.TestEmailTemplateEventTypes {
 			t.Run("should add email template for "+eventType, func(t *testing.T) {
 				emailTemplate, err := resolvers.AddEmailTemplateResolver(ctx, model.AddEmailTemplateRequest{
 					EventName: eventType,
-					Template:  `Test email`,
+					Template:  "Test email",
+					Subject:   "Test email",
+					Design:    "Test design",
 				})
 				assert.NoError(t, err)
 				assert.NotNil(t, emailTemplate)
@@ -52,6 +77,8 @@ func addEmailTemplateTest(t *testing.T, s TestSetup) {
 				et, err := db.Provider.GetEmailTemplateByEventName(ctx, eventType)
 				assert.NoError(t, err)
 				assert.Equal(t, et.EventName, eventType)
+				assert.Equal(t, "Test email", et.Subject)
+				assert.Equal(t, "Test design", et.Design)
 			})
 		}
 	})

server/test/update_email_template_test.go

@@ -31,6 +31,8 @@ func updateEmailTemplateTest(t *testing.T, s TestSetup) {
 		res, err := resolvers.UpdateEmailTemplateResolver(ctx, model.UpdateEmailTemplateRequest{
 			ID:       emailTemplate.ID,
 			Template: refs.NewStringRef("Updated test template"),
+			Subject:  refs.NewStringRef("Updated subject"),
+			Design:   refs.NewStringRef("Updated design"),
 		})
 
 		assert.NoError(t, err)
@@ -42,5 +44,7 @@ func updateEmailTemplateTest(t *testing.T, s TestSetup) {
 		assert.NotNil(t, updatedEmailTemplate)
 		assert.Equal(t, emailTemplate.ID, updatedEmailTemplate.ID)
 		assert.Equal(t, updatedEmailTemplate.Template, "Updated test template")
+		assert.Equal(t, updatedEmailTemplate.Subject, "Updated subject")
+		assert.Equal(t, updatedEmailTemplate.Design, "Updated design")
 	})
 }

server/token/auth_token.go

@@ -298,7 +298,6 @@ func ValidateBrowserSession(gc *gin.Context, encryptedSession string) (*SessionD
 	if res.LoginMethod != "" {
 		sessionStoreKey = res.LoginMethod + ":" + res.Subject
 	}
-
 	token, err := memorystore.Provider.GetUserSession(sessionStoreKey, constants.TokenTypeSessionToken+"_"+res.Nonce)
 	if token == "" || err != nil {
 		log.Debug("invalid browser session:", err)

server/utils/common.go

@@ -2,6 +2,9 @@ package utils
 
 import (
 	"reflect"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
 // StringSliceContains checks if a string slice contains a particular string
@@ -58,3 +61,46 @@ func ConvertInterfaceToStringSlice(slice interface{}) []string {
 	}
 	return resSlice
 }
+
+// GetOrganization to get organization object
+func GetOrganization() map[string]interface{} {
+	orgLogo, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
+	if err != nil {
+		return nil
+	}
+	orgName, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
+	if err != nil {
+		return nil
+	}
+	organization := map[string]interface{}{
+		"name": orgName,
+		"logo": orgLogo,
+	}
+
+	return organization
+}
+
+// GetForgotPasswordURL to get url for given token and hostname
+func GetForgotPasswordURL(token, hostname string) string {
+	resetPasswordUrl, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
+	if err != nil {
+		return ""
+	}
+	if resetPasswordUrl == "" {
+		if err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password"); err != nil {
+			return ""
+		}
+	}
+	verificationURL := resetPasswordUrl + "?token=" + token
+	return verificationURL
+}
+
+// GetInviteVerificationURL to get url for invite email verification
+func GetInviteVerificationURL(verificationURL, token, redirectURI string) string {
+	return verificationURL + "?token=" + token + "&redirect_uri=" + redirectURI
+}
+
+// GetEmailVerificationURL to get url for invite email verification
+func GetEmailVerificationURL(token, hostname string) string {
+	return hostname + "/verify_email?token=" + token
+}

server/utils/pkce.go

@@ -0,0 +1,32 @@
+package utils
+
+import (
+	"crypto/sha256"
+	b64 "encoding/base64"
+	"math/rand"
+	"strings"
+	"time"
+)
+
+const (
+	length = 32
+)
+
+// GenerateCodeChallenge creates PKCE-Code-Challenge
+// and returns the verifier and challenge
+func GenerateCodeChallenge() (string, string) {
+	// Generate Verifier
+	randGenerator := rand.New(rand.NewSource(time.Now().UnixNano()))
+	randomBytes := make([]byte, length)
+	for i := 0; i < length; i++ {
+		randomBytes[i] = byte(randGenerator.Intn(255))
+	}
+	verifier := strings.Trim(b64.URLEncoding.EncodeToString(randomBytes), "=")
+
+	// Generate Challenge
+	rawChallenge := sha256.New()
+	rawChallenge.Write([]byte(verifier))
+	challenge := strings.Trim(b64.URLEncoding.EncodeToString(rawChallenge.Sum(nil)), "=")
+
+	return verifier, challenge
+}

server/validators/email_template.go

@@ -4,7 +4,7 @@ import "github.com/authorizerdev/authorizer/server/constants"
 
 // IsValidEmailTemplateEventName function to validate email template events
 func IsValidEmailTemplateEventName(eventName string) bool {
-	if eventName != constants.VerificationTypeBasicAuthSignup && eventName != constants.VerificationTypeForgotPassword && eventName != constants.VerificationTypeMagicLinkLogin && eventName != constants.VerificationTypeUpdateEmail {
+	if eventName != constants.VerificationTypeBasicAuthSignup && eventName != constants.VerificationTypeForgotPassword && eventName != constants.VerificationTypeMagicLinkLogin && eventName != constants.VerificationTypeUpdateEmail && eventName != constants.VerificationTypeOTP && eventName != constants.VerificationTypeInviteMember {
 		return false
 	}
 

server/validators/url.go

@@ -30,8 +30,8 @@ func IsValidOrigin(url string) bool {
 		replacedString := origin
 		// if has regex whitelisted domains
 		if strings.Contains(origin, "*") {
-			replacedString = strings.Replace(origin, ".", "\\.", -1)
+			replacedString = strings.ReplaceAll(origin, ".", "\\.")
-			replacedString = strings.Replace(replacedString, "*", ".*", -1)
+			replacedString = strings.ReplaceAll(replacedString, "*", ".*")
 
 			if strings.HasPrefix(replacedString, ".*") {
 				replacedString += "\\b"

templates/dashboard.tmpl

@@ -12,9 +12,901 @@
     <script>
      window.__authorizer__ = {{.data}}
     </script>
+    <style>
+      .rdw-option-wrapper {
+          border: 1px solid #F1F1F1;
+          padding: 5px;
+          min-width: 25px;
+          height: 20px;
+          border-radius: 2px;
+          margin: 0 4px;
+          display: flex;
+          justify-content: center;
+          align-items: center;
+          cursor: pointer;
+          background: white;
+          text-transform: capitalize;
+        }
+        .rdw-option-wrapper:hover {
+          box-shadow: 1px 1px 0px #BFBDBD;
+        }
+        .rdw-option-wrapper:active {
+          box-shadow: 1px 1px 0px #BFBDBD inset;
+        }
+        .rdw-option-active {
+          box-shadow: 1px 1px 0px #BFBDBD inset;
+        }
+        .rdw-option-disabled {
+          opacity: 0.3;
+          cursor: default;
+        }
+
+        .rdw-dropdown-wrapper {
+          height: 30px;
+          background: white;
+          cursor: pointer;
+          border: 1px solid #F1F1F1;
+          border-radius: 2px;
+          margin: 0 3px;
+          text-transform: capitalize;
+          background: white;
+        }
+        .rdw-dropdown-wrapper:focus {
+          outline: none;
+        }
+        .rdw-dropdown-wrapper:hover {
+          box-shadow: 1px 1px 0px #BFBDBD;
+          background-color: #FFFFFF;
+        }
+        .rdw-dropdown-wrapper:active {
+          box-shadow: 1px 1px 0px #BFBDBD inset;
+        }
+        .rdw-dropdown-carettoopen {
+          height: 0px;
+          width: 0px;
+          position: absolute;
+          top: 35%;
+          right: 10%;
+          border-top: 6px solid black;
+          border-left: 5px solid transparent;
+          border-right: 5px solid transparent;
+        }
+        .rdw-dropdown-carettoclose {
+          height: 0px;
+          width: 0px;
+          position: absolute;
+          top: 35%;
+          right: 10%;
+          border-bottom: 6px solid black;
+          border-left: 5px solid transparent;
+          border-right: 5px solid transparent;
+        }
+        .rdw-dropdown-selectedtext {
+          display: flex;
+          position: relative;
+          height: 100%;
+          align-items: center;
+          padding: 0 5px;
+        }
+        .rdw-dropdown-optionwrapper {
+          z-index: 100;
+          position: relative;
+          border: 1px solid #F1F1F1;
+          width: 98%;
+          background: white;
+          border-radius: 2px;
+          margin: 0;
+          padding: 0;
+          max-height: 250px;
+          overflow-y: scroll;
+        }
+        .rdw-dropdown-optionwrapper:hover {
+          box-shadow: 1px 1px 0px #BFBDBD;
+          background-color: #FFFFFF;
+        }
+
+        .rdw-dropdownoption-default {
+          min-height: 25px;
+          display: flex;
+          align-items: center;
+          padding: 0 5px;
+        }
+        .rdw-dropdownoption-highlighted {
+          background: #F1F1F1;
+        }
+        .rdw-dropdownoption-active {
+          background: #f5f5f5;
+        }
+        .rdw-dropdownoption-disabled {
+          opacity: 0.3;
+          cursor: default;
+        }
+
+        .rdw-inline-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          flex-wrap: wrap
+        }
+        .rdw-inline-dropdown {
+          width: 50px;
+        }
+        .rdw-inline-dropdownoption {
+          height: 40px;
+          display: flex;
+          justify-content: center;
+        }
+
+        .rdw-block-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          flex-wrap: wrap
+        }
+        .rdw-block-dropdown {
+          width: 110px;
+        }
+
+        .rdw-fontsize-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          flex-wrap: wrap
+        }
+        .rdw-fontsize-dropdown {
+          min-width: 40px;
+        }
+        .rdw-fontsize-option {
+          display: flex;
+          justify-content: center;
+        }
+
+        .rdw-fontfamily-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          flex-wrap: wrap
+        }
+        .rdw-fontfamily-dropdown {
+          width: 115px;
+        }
+        .rdw-fontfamily-placeholder {
+          white-space: nowrap;
+          max-width: 90px;
+          overflow: hidden;
+          text-overflow: ellipsis;
+        }
+        .rdw-fontfamily-optionwrapper {
+          width: 140px;
+        }
+
+        .rdw-list-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          flex-wrap: wrap
+        }
+        .rdw-list-dropdown {
+          width: 50px;
+          z-index: 90;
+        }
+        .rdw-list-dropdownOption {
+          height: 40px;
+          display: flex;
+          justify-content: center;
+        }
+
+        .rdw-text-align-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          flex-wrap: wrap
+        }
+        .rdw-text-align-dropdown {
+          width: 50px;
+          z-index: 90;
+        }
+        .rdw-text-align-dropdownOption {
+          height: 40px;
+          display: flex;
+          justify-content: center;
+        }
+        .rdw-right-aligned-block {
+          text-align: right;
+        }
+        .rdw-left-aligned-block {
+          text-align: left !important;
+        }
+        .rdw-center-aligned-block {
+          text-align: center !important;
+        }
+        .rdw-justify-aligned-block {
+          text-align: justify !important;
+        }
+        .rdw-right-aligned-block > div {
+          display: inline-block;
+        }
+        .rdw-left-aligned-block > div {
+          display: inline-block;
+        }
+        .rdw-center-aligned-block > div {
+          display: inline-block;
+        }
+        .rdw-justify-aligned-block > div {
+          display: inline-block;
+        }
+
+        .rdw-colorpicker-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          position: relative;
+          flex-wrap: wrap
+        }
+        .rdw-colorpicker-modal {
+          position: absolute;
+          top: 35px;
+          left: 5px;
+          display: flex;
+          flex-direction: column;
+          width: 175px;
+          height: 175px;
+          border: 1px solid #F1F1F1;
+          padding: 15px;
+          border-radius: 2px;
+          z-index: 100;
+          background: white;
+          box-shadow: 3px 3px 5px #BFBDBD;
+        }
+        .rdw-colorpicker-modal-header {
+          display: flex;
+          padding-bottom: 5px;
+        }
+        .rdw-colorpicker-modal-style-label {
+          font-size: 15px;
+          width: 50%;
+          text-align: center;
+          cursor: pointer;
+          padding: 0 10px 5px;
+        }
+        .rdw-colorpicker-modal-style-label-active {
+          border-bottom: 2px solid #0a66b7;
+        }
+        .rdw-colorpicker-modal-options {
+          margin: 5px auto;
+          display: flex;
+          width: 100%;
+          height: 100%;
+          flex-wrap: wrap;
+          overflow: scroll;
+        }
+        .rdw-colorpicker-cube {
+          width: 22px;
+          height: 22px;
+          border: 1px solid #F1F1F1;
+        }
+        .rdw-colorpicker-option {
+          margin: 3px;
+          padding: 0;
+          min-height: 20px;
+          border: none;
+          width: 22px;
+          height: 22px;
+          min-width: 22px;
+          box-shadow: 1px 2px 1px #BFBDBD inset;
+        }
+        .rdw-colorpicker-option:hover {
+          box-shadow: 1px 2px 1px #BFBDBD;
+        }
+        .rdw-colorpicker-option:active {
+          box-shadow: -1px -2px 1px #BFBDBD;
+        }
+        .rdw-colorpicker-option-active {
+          box-shadow: 0px 0px 2px 2px #BFBDBD;
+        }
+
+        .rdw-link-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          position: relative;
+          flex-wrap: wrap
+        }
+        .rdw-link-dropdown {
+          width: 50px;
+        }
+        .rdw-link-dropdownOption {
+          height: 40px;
+          display: flex;
+          justify-content: center;
+        }
+        .rdw-link-dropdownPlaceholder {
+          margin-left: 8px;
+        }
+        .rdw-link-modal {
+          position: absolute;
+          top: 35px;
+          left: 5px;
+          display: flex;
+          flex-direction: column;
+          width: 235px;
+          height: 205px;
+          border: 1px solid #F1F1F1;
+          padding: 15px;
+          border-radius: 2px;
+          z-index: 100;
+          background: white;
+          box-shadow: 3px 3px 5px #BFBDBD;
+        }
+        .rdw-link-modal-label {
+          font-size: 15px;
+        }
+        .rdw-link-modal-input {
+          margin-top: 5px;
+          border-radius: 2px;
+          border: 1px solid #F1F1F1;
+          height: 25px;
+          margin-bottom: 15px;
+          padding: 0 5px;
+        }
+        .rdw-link-modal-input:focus {
+          outline: none;
+        }
+        .rdw-link-modal-buttonsection {
+          margin: 0 auto;
+        }
+        .rdw-link-modal-target-option {
+          margin-bottom: 20px;
+        }
+        .rdw-link-modal-target-option > span {
+          margin-left: 5px;
+        }
+        .rdw-link-modal-btn {
+          margin-left: 10px;
+          width: 75px;
+          height: 30px;
+          border: 1px solid #F1F1F1;
+          border-radius: 2px;
+          cursor: pointer;
+          background: white;
+          text-transform: capitalize;
+        }
+        .rdw-link-modal-btn:hover {
+          box-shadow: 1px 1px 0px #BFBDBD;
+        }
+        .rdw-link-modal-btn:active {
+          box-shadow: 1px 1px 0px #BFBDBD inset;
+        }
+        .rdw-link-modal-btn:focus {
+          outline: none !important;
+        }
+        .rdw-link-modal-btn:disabled {
+          background: #ece9e9;
+        }
+        .rdw-link-dropdownoption {
+          height: 40px;
+          display: flex;
+          justify-content: center;
+        }
+        .rdw-history-dropdown {
+          width: 50px;
+        }
+
+        .rdw-embedded-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          position: relative;
+          flex-wrap: wrap
+        }
+        .rdw-embedded-modal {
+          position: absolute;
+          top: 35px;
+          left: 5px;
+          display: flex;
+          flex-direction: column;
+          width: 235px;
+          height: 180px;
+          border: 1px solid #F1F1F1;
+          padding: 15px;
+          border-radius: 2px;
+          z-index: 100;
+          background: white;
+          justify-content: space-between;
+          box-shadow: 3px 3px 5px #BFBDBD;
+        }
+        .rdw-embedded-modal-header {
+          font-size: 15px;
+          display: flex;
+        }
+        .rdw-embedded-modal-header-option {
+          width: 50%;
+          cursor: pointer;
+          display: flex;
+          justify-content: center;
+          align-items: center;
+          flex-direction: column;
+        }
+        .rdw-embedded-modal-header-label {
+          width: 95px;
+          border: 1px solid #f1f1f1;
+          margin-top: 5px;
+          background: #6EB8D4;
+          border-bottom: 2px solid #0a66b7;
+        }
+        .rdw-embedded-modal-link-section {
+          display: flex;
+          flex-direction: column;
+        }
+        .rdw-embedded-modal-link-input {
+          width: 88%;
+          height: 35px;
+          margin: 10px 0;
+          border: 1px solid #F1F1F1;
+          border-radius: 2px;
+          font-size: 15px;
+          padding: 0 5px;
+        }
+        .rdw-embedded-modal-link-input-wrapper {
+          display: flex;
+          align-items: center;
+        }
+        .rdw-embedded-modal-link-input:focus {
+          outline: none;
+        }
+        .rdw-embedded-modal-btn-section {
+          display: flex;
+          justify-content: center;
+        }
+        .rdw-embedded-modal-btn {
+          margin: 0 3px;
+          width: 75px;
+          height: 30px;
+          border: 1px solid #F1F1F1;
+          border-radius: 2px;
+          cursor: pointer;
+          background: white;
+          text-transform: capitalize;
+        }
+        .rdw-embedded-modal-btn:hover {
+          box-shadow: 1px 1px 0px #BFBDBD;
+        }
+        .rdw-embedded-modal-btn:active {
+          box-shadow: 1px 1px 0px #BFBDBD inset;
+        }
+        .rdw-embedded-modal-btn:focus {
+          outline: none !important;
+        }
+        .rdw-embedded-modal-btn:disabled {
+          background: #ece9e9;
+        }
+        .rdw-embedded-modal-size {
+          align-items: center;
+          display: flex;
+          margin: 8px 0;
+          justify-content: space-between;
+        }
+        .rdw-embedded-modal-size-input {
+          width: 80%;
+          height: 20px;
+          border: 1px solid #F1F1F1;
+          border-radius: 2px;
+          font-size: 12px;
+        }
+        .rdw-embedded-modal-size-input:focus {
+          outline: none;
+        }
+
+        .rdw-emoji-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          position: relative;
+          flex-wrap: wrap
+        }
+        .rdw-emoji-modal {
+          overflow: auto;
+          position: absolute;
+          top: 35px;
+          left: 5px;
+          display: flex;
+          flex-wrap: wrap;
+          width: 235px;
+          height: 180px;
+          border: 1px solid #F1F1F1;
+          padding: 15px;
+          border-radius: 2px;
+          z-index: 100;
+          background: white;
+          box-shadow: 3px 3px 5px #BFBDBD;
+        }
+        .rdw-emoji-icon {
+          margin: 2.5px;
+          height: 24px;
+          width: 24px;
+          cursor: pointer;
+          font-size: 22px;
+          display: flex;
+          justify-content: center;
+          align-items: center;
+        }
+
+        .rdw-spinner {
+          display: flex;
+          align-items: center;
+          justify-content: center;
+          height: 100%;
+          width: 100%;
+        }
+        .rdw-spinner > div {
+          width: 12px;
+          height: 12px;
+          background-color: #333;
+
+          border-radius: 100%;
+          display: inline-block;
+          -webkit-animation: sk-bouncedelay 1.4s infinite ease-in-out both;
+          animation: sk-bouncedelay 1.4s infinite ease-in-out both;
+        }
+        .rdw-spinner .rdw-bounce1 {
+          -webkit-animation-delay: -0.32s;
+          animation-delay: -0.32s;
+        }
+        .rdw-spinner .rdw-bounce2 {
+          -webkit-animation-delay: -0.16s;
+          animation-delay: -0.16s;
+        }
+        @-webkit-keyframes sk-bouncedelay {
+          0%, 80%, 100% { -webkit-transform: scale(0) }
+          40% { -webkit-transform: scale(1.0) }
+        }
+        @keyframes sk-bouncedelay {
+          0%, 80%, 100% {
+            -webkit-transform: scale(0);
+            transform: scale(0);
+          } 40% {
+            -webkit-transform: scale(1.0);
+            transform: scale(1.0);
+          }
+        }
+
+        .rdw-image-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          position: relative;
+          flex-wrap: wrap
+        }
+        .rdw-image-modal {
+          position: absolute;
+          top: 35px;
+          left: 5px;
+          display: flex;
+          flex-direction: column;
+          width: 235px;
+          border: 1px solid #F1F1F1;
+          padding: 15px;
+          border-radius: 2px;
+          z-index: 100;
+          background: white;
+          box-shadow: 3px 3px 5px #BFBDBD;
+        }
+        .rdw-image-modal-header {
+          font-size: 15px;
+          margin: 10px 0;
+          display: flex;
+        }
+        .rdw-image-modal-header-option {
+          width: 50%;
+          cursor: pointer;
+          display: flex;
+          justify-content: center;
+          align-items: center;
+          flex-direction: column;
+        }
+        .rdw-image-modal-header-label {
+          width: 80px;
+          background: #f1f1f1;
+          border: 1px solid #f1f1f1;
+          margin-top: 5px;
+        }
+        .rdw-image-modal-header-label-highlighted {
+          background: #6EB8D4;
+          border-bottom: 2px solid #0a66b7;
+        }
+        .rdw-image-modal-upload-option {
+          width: 100%;
+          color: gray;
+          cursor: pointer;
+          display: flex;
+          border: none;
+          font-size: 15px;
+          align-items: center;
+          justify-content: center;
+          background-color: #f1f1f1;
+          outline: 2px dashed gray;
+          outline-offset: -10px;
+          margin: 10px 0;
+          padding: 9px 0;
+        }
+        .rdw-image-modal-upload-option-highlighted {
+          outline: 2px dashed #0a66b7;
+        }
+        .rdw-image-modal-upload-option-label {
+          cursor: pointer;
+          height: 100%;
+          width: 100%;
+          display: flex;
+          justify-content: center;
+          align-items: center;
+          padding: 15px;
+        }
+        .rdw-image-modal-upload-option-label span{
+          padding: 0 20px;
+        }
+        .rdw-image-modal-upload-option-image-preview {
+          max-width: 100%;
+          max-height: 200px;
+        }
+        .rdw-image-modal-upload-option-input {
+          width: 0.1px;
+          height: 0.1px;
+          opacity: 0;
+          overflow: hidden;
+          position: absolute;
+          z-index: -1;
+        }
+        .rdw-image-modal-url-section {
+          display: flex;
+          align-items: center;
+        }
+        .rdw-image-modal-url-input {
+          width: 90%;
+          height: 35px;
+          margin: 15px 0 12px;
+          border: 1px solid #F1F1F1;
+          border-radius: 2px;
+          font-size: 15px;
+          padding: 0 5px;
+        }
+        .rdw-image-modal-btn-section {
+          margin: 10px auto 0;
+        }
+        .rdw-image-modal-url-input:focus {
+          outline: none;
+        }
+        .rdw-image-modal-btn {
+          margin: 0 5px;
+          width: 75px;
+          height: 30px;
+          border: 1px solid #F1F1F1;
+          border-radius: 2px;
+          cursor: pointer;
+          background: white;
+          text-transform: capitalize;
+        }
+        .rdw-image-modal-btn:hover {
+          box-shadow: 1px 1px 0px #BFBDBD;
+        }
+        .rdw-image-modal-btn:active {
+          box-shadow: 1px 1px 0px #BFBDBD inset;
+        }
+        .rdw-image-modal-btn:focus {
+          outline: none !important;
+        }
+        .rdw-image-modal-btn:disabled {
+          background: #ece9e9;
+        }
+        .rdw-image-modal-spinner {
+          position: absolute;
+          top: -3px;
+          left: 0;
+          width: 100%;
+          height: 100%;
+          opacity: 0.5;
+        }
+        .rdw-image-modal-alt-input {
+          width: 70%;
+          height: 20px;
+          border: 1px solid #F1F1F1;
+          border-radius: 2px;
+          font-size: 12px;
+          margin-left: 5px;
+        }
+        .rdw-image-modal-alt-input:focus {
+          outline: none;
+        }
+        .rdw-image-modal-alt-lbl {
+          font-size: 12px;
+        }
+        .rdw-image-modal-size {
+          align-items: center;
+          display: flex;
+          margin: 8px 0;
+          justify-content: space-between;
+        }
+        .rdw-image-modal-size-input {
+          width: 40%;
+          height: 20px;
+          border: 1px solid #F1F1F1;
+          border-radius: 2px;
+          font-size: 12px;
+        }
+        .rdw-image-modal-size-input:focus {
+          outline: none;
+        }
+        .rdw-image-mandatory-sign {
+          color: red;
+          margin-left: 3px;
+          margin-right: 3px;
+        }
+
+        .rdw-remove-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          position: relative;
+          flex-wrap: wrap
+        }
+
+        .rdw-history-wrapper {
+          display: flex;
+          align-items: center;
+          margin-bottom: 6px;
+          flex-wrap: wrap
+        }
+        .rdw-history-dropdownoption {
+          height: 40px;
+          display: flex;
+          justify-content: center;
+        }
+        .rdw-history-dropdown {
+          width: 50px;
+        }
+
+        .rdw-link-decorator-wrapper {
+          position: relative;
+        }
+        .rdw-link-decorator-icon {
+          position: absolute;
+          left: 40%;
+          top: 0;
+          cursor: pointer;
+          background-color: white;
+        }
+
+        .rdw-mention-link {
+          text-decoration: none;
+          color: #1236ff;
+          background-color: #f0fbff;
+          padding: 1px 2px;
+          border-radius: 2px;
+        }
+
+        .rdw-suggestion-wrapper {
+          position: relative;
+        }
+        .rdw-suggestion-dropdown {
+          position: absolute;
+          display: flex;
+          flex-direction: column;
+          border: 1px solid #F1F1F1;
+          min-width: 100px;
+          max-height: 150px;
+          overflow: auto;
+          background: white;
+          z-index: 100;
+        }
+        .rdw-suggestion-option {
+          padding: 7px 5px;
+          border-bottom: 1px solid #f1f1f1;
+        }
+        .rdw-suggestion-option-active {
+          background-color: #F1F1F1;
+        }
+
+        .rdw-hashtag-link {
+          text-decoration: none;
+          color: #1236ff;
+          background-color: #f0fbff;
+          padding: 1px 2px;
+          border-radius: 2px;
+        }
+
+        .rdw-image-alignment-options-popup {
+          position: absolute;
+          background: white;
+          display: flex;
+          padding: 5px 2px;
+          border-radius: 2px;
+          border: 1px solid #F1F1F1;
+          width: 105px;
+          cursor: pointer;
+          z-index: 100;
+        }
+        .rdw-alignment-option-left {
+          justify-content: flex-start;
+        }
+        .rdw-image-alignment-option {
+          height: 15px;
+          width: 15px;
+          min-width: 15px;
+        }
+        .rdw-image-alignment {
+          position: relative;
+        }
+        .rdw-image-imagewrapper {
+          position: relative;
+        }
+        .rdw-image-center {
+          display: flex;
+          justify-content: center;
+        }
+        .rdw-image-left {
+          display: flex;
+        }
+        .rdw-image-right {
+          display: flex;
+          justify-content: flex-end;
+        }
+        .rdw-image-alignment-options-popup-right {
+          right: 0;
+        }
+
+        .rdw-editor-main {
+          height: 100%;
+          overflow: auto;
+          box-sizing: border-box;
+        }
+        .rdw-editor-toolbar {
+          padding: 6px 5px 0;
+          border-radius: 2px;
+          border: 1px solid #F1F1F1;
+          display: flex;
+          justify-content: flex-start;
+          background: white;
+          flex-wrap: wrap;
+          font-size: 15px;
+          margin-bottom: 5px;
+          user-select: none;
+        }
+        .public-DraftStyleDefault-block {
+          margin: 1em 0;
+        }
+        .rdw-editor-wrapper:focus {
+          outline: none;
+        }
+        .rdw-editor-wrapper {
+          box-sizing: content-box;
+        }
+        .rdw-editor-main blockquote {
+          border-left: 5px solid #f1f1f1;
+          padding-left: 5px;
+        }
+        .rdw-editor-main pre {
+          background: #f1f1f1;
+          border-radius: 3px;
+          padding: 1px 10px;
+        }
+        /**
+        * Draft v0.9.1
+        *
+        * Copyright (c) 2013-present, Facebook, Inc.
+        * All rights reserved.
+        *
+        * This source code is licensed under the BSD-style license found in the
+        * LICENSE file in the root directory of this source tree. An additional grant
+        * of patent rights can be found in the PATENTS file in the same directory.
+        */
+        .DraftEditor-editorContainer,.DraftEditor-root,.public-DraftEditor-content{height:inherit;text-align:initial}.public-DraftEditor-content[contenteditable=true]{-webkit-user-modify:read-write-plaintext-only}.DraftEditor-root{position:relative}.DraftEditor-editorContainer{background-color:rgba(255,255,255,0);border-left:.1px solid transparent;position:relative;z-index:1}.public-DraftEditor-block{position:relative}.DraftEditor-alignLeft .public-DraftStyleDefault-block{text-align:left}.DraftEditor-alignLeft .public-DraftEditorPlaceholder-root{left:0;text-align:left}.DraftEditor-alignCenter .public-DraftStyleDefault-block{text-align:center}.DraftEditor-alignCenter .public-DraftEditorPlaceholder-root{margin:0 auto;text-align:center;width:100%}.DraftEditor-alignRight .public-DraftStyleDefault-block{text-align:right}.DraftEditor-alignRight .public-DraftEditorPlaceholder-root{right:0;text-align:right}.public-DraftEditorPlaceholder-root{color:#9197a3;position:absolute;z-index:0}.public-DraftEditorPlaceholder-hasFocus{color:#bdc1c9}.DraftEditorPlaceholder-hidden{display:none}.public-DraftStyleDefault-block{position:relative;white-space:pre-wrap}.public-DraftStyleDefault-ltr{direction:ltr;text-align:left}.public-DraftStyleDefault-rtl{direction:rtl;text-align:right}.public-DraftStyleDefault-listLTR{direction:ltr}.public-DraftStyleDefault-listRTL{direction:rtl}.public-DraftStyleDefault-ol,.public-DraftStyleDefault-ul{margin:16px 0;padding:0}.public-DraftStyleDefault-depth0.public-DraftStyleDefault-listLTR{margin-left:1.5em}.public-DraftStyleDefault-depth0.public-DraftStyleDefault-listRTL{margin-right:1.5em}.public-DraftStyleDefault-depth1.public-DraftStyleDefault-listLTR{margin-left:3em}.public-DraftStyleDefault-depth1.public-DraftStyleDefault-listRTL{margin-right:3em}.public-DraftStyleDefault-depth2.public-DraftStyleDefault-listLTR{margin-left:4.5em}.public-DraftStyleDefault-depth2.public-DraftStyleDefault-listRTL{margin-right:4.5em}.public-DraftStyleDefault-depth3.public-DraftStyleDefault-listLTR{margin-left:6em}.public-DraftStyleDefault-depth3.public-DraftStyleDefault-listRTL{margin-right:6em}.public-DraftStyleDefault-depth4.public-DraftStyleDefault-listLTR{margin-left:7.5em}.public-DraftStyleDefault-depth4.public-DraftStyleDefault-listRTL{margin-right:7.5em}.public-DraftStyleDefault-unorderedListItem{list-style-type:square;position:relative}.public-DraftStyleDefault-unorderedListItem.public-DraftStyleDefault-depth0{list-style-type:disc}.public-DraftStyleDefault-unorderedListItem.public-DraftStyleDefault-depth1{list-style-type:circle}.public-DraftStyleDefault-orderedListItem{list-style-type:none;position:relative}.public-DraftStyleDefault-orderedListItem.public-DraftStyleDefault-listLTR:before{left:-36px;position:absolute;text-align:right;width:30px}.public-DraftStyleDefault-orderedListItem.public-DraftStyleDefault-listRTL:before{position:absolute;right:-36px;text-align:left;width:30px}.public-DraftStyleDefault-orderedListItem:before{content:counter(ol0) ". ";counter-increment:ol0}.public-DraftStyleDefault-orderedListItem.public-DraftStyleDefault-depth1:before{content:counter(ol1) ". ";counter-increment:ol1}.public-DraftStyleDefault-orderedListItem.public-DraftStyleDefault-depth2:before{content:counter(ol2) ". ";counter-increment:ol2}.public-DraftStyleDefault-orderedListItem.public-DraftStyleDefault-depth3:before{content:counter(ol3) ". ";counter-increment:ol3}.public-DraftStyleDefault-orderedListItem.public-DraftStyleDefault-depth4:before{content:counter(ol4) ". ";counter-increment:ol4}.public-DraftStyleDefault-depth0.public-DraftStyleDefault-reset{counter-reset:ol0}.public-DraftStyleDefault-depth1.public-DraftStyleDefault-reset{counter-reset:ol1}.public-DraftStyleDefault-depth2.public-DraftStyleDefault-reset{counter-reset:ol2}.public-DraftStyleDefault-depth3.public-DraftStyleDefault-reset{counter-reset:ol3}.public-DraftStyleDefault-depth4.public-DraftStyleDefault-reset{counter-reset:ol4}
+
+
+        /*# sourceMappingURL=react-draft-wysiwyg.css.map*/
+    </style>
   </head>
   <body>
     <div id="root"></div>
     <script type="module" src="/dashboard/build/index.js"></script>
+    <script>var global = global || window;</script>
   </body>
 </html>