Merge pull request #403 from authorizerdev/fix/upgrade-packages

fix: upgrade packages

.env.sample

@@ -1,4 +1,5 @@
 ENV=production
 DATABASE_URL=data.db
 DATABASE_TYPE=sqlite
-CUSTOM_ACCESS_TOKEN_SCRIPT="function(user,tokenPayload){var data = tokenPayload;data.extra = {'x-extra-id': user.id};return data;}"
+CUSTOM_ACCESS_TOKEN_SCRIPT="function(user,tokenPayload){var data = tokenPayload;data.extra = {'x-extra-id': user.id};return data;}"
+DISABLE_PLAYGROUND=true

.github/workflows/release.yaml

@@ -62,12 +62,14 @@ jobs:
         run: |
           make clean && \
           make build && \
+          mkdir -p authorizer-${VERSION}-darwin-arm64/build authorizer-${VERSION}-darwin-arm64/app authorizer-${VERSION}-darwin-arm64/dashboard && cp build/darwin/arm64/server authorizer-${VERSION}-darwin-arm64/build/ && cp .env authorizer-${VERSION}-darwin-arm64/.env && cp -rf app/build authorizer-${VERSION}-darwin-arm64/app/build && cp -rf templates authorizer-${VERSION}-darwin-arm64/ && cp -rf dashboard/build authorizer-${VERSION}-darwin-arm64/dashboard/build && tar cvfz authorizer-${VERSION}-darwin-arm64.tar.gz authorizer-${VERSION}-darwin-arm64 && \
           mkdir -p authorizer-${VERSION}-darwin-amd64/build authorizer-${VERSION}-darwin-amd64/app authorizer-${VERSION}-darwin-amd64/dashboard && cp build/darwin/amd64/server authorizer-${VERSION}-darwin-amd64/build/ && cp .env authorizer-${VERSION}-darwin-amd64/.env && cp -rf app/build authorizer-${VERSION}-darwin-amd64/app/build && cp -rf templates authorizer-${VERSION}-darwin-amd64/ && cp -rf dashboard/build authorizer-${VERSION}-darwin-amd64/dashboard/build && tar cvfz authorizer-${VERSION}-darwin-amd64.tar.gz authorizer-${VERSION}-darwin-amd64 && \
           mkdir -p authorizer-${VERSION}-linux-amd64/build authorizer-${VERSION}-linux-amd64/app authorizer-${VERSION}-linux-amd64/dashboard && cp build/linux/amd64/server authorizer-${VERSION}-linux-amd64/build/ && cp .env authorizer-${VERSION}-linux-amd64/.env && cp -rf app/build authorizer-${VERSION}-linux-amd64/app/build && cp -rf templates authorizer-${VERSION}-linux-amd64/ && cp -rf dashboard/build authorizer-${VERSION}-linux-amd64/dashboard/build && tar cvfz authorizer-${VERSION}-linux-amd64.tar.gz authorizer-${VERSION}-linux-amd64 && \
           mkdir -p authorizer-${VERSION}-linux-arm64/build authorizer-${VERSION}-linux-arm64/app authorizer-${VERSION}-linux-arm64/dashboard && cp build/linux/arm64/server authorizer-${VERSION}-linux-arm64/build/ && cp .env authorizer-${VERSION}-linux-arm64/.env && cp -rf app/build authorizer-${VERSION}-linux-arm64/app/build && cp -rf templates authorizer-${VERSION}-linux-arm64/ && cp -rf dashboard/build authorizer-${VERSION}-linux-arm64/dashboard/build && tar cvfz authorizer-${VERSION}-linux-arm64.tar.gz authorizer-${VERSION}-linux-arm64 && \
           mkdir -p authorizer-${VERSION}-windows-amd64/build authorizer-${VERSION}-windows-amd64/app authorizer-${VERSION}-windows-amd64/dashboard && cp build/windows/amd64/server.exe authorizer-${VERSION}-windows-amd64/build/ && cp .env authorizer-${VERSION}-windows-amd64/.env && cp -rf app/build authorizer-${VERSION}-windows-amd64/app/build && cp -rf templates authorizer-${VERSION}-windows-amd64/ && cp -rf dashboard/build authorizer-${VERSION}-windows-amd64/dashboard/build && zip -vr authorizer-${VERSION}-windows-amd64.zip authorizer-${VERSION}-windows-amd64
       - name: Upload assets
         run: |
+          github-assets-uploader -f authorizer-${VERSION}-darwin-arm64.tar.gz -mediatype application/gzip -repo authorizerdev/authorizer -token ${{secrets.RELEASE_TOKEN}} -tag ${VERSION}
           github-assets-uploader -f authorizer-${VERSION}-darwin-amd64.tar.gz -mediatype application/gzip -repo authorizerdev/authorizer -token ${{secrets.RELEASE_TOKEN}} -tag ${VERSION}
           github-assets-uploader -f authorizer-${VERSION}-linux-amd64.tar.gz -mediatype application/gzip -repo authorizerdev/authorizer -token ${{secrets.RELEASE_TOKEN}} -tag ${VERSION}
           github-assets-uploader -f authorizer-${VERSION}-linux-arm64.tar.gz -mediatype application/gzip -repo authorizerdev/authorizer -token ${{secrets.RELEASE_TOKEN}} -tag ${VERSION}

.gitignore

@@ -17,4 +17,5 @@ test.db
 yalc.lock
 certs/
 *-shm
-*-wal
+*-wal
+.idea

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.19.5-alpine as go-builder
+FROM golang:1.21.3-alpine3.18 as go-builder
 WORKDIR /authorizer
 COPY server server
 COPY Makefile .
@@ -11,7 +11,7 @@ RUN apk add build-base &&\
     make clean && make && \
     chmod 777 build/server
 
-FROM node:17-alpine3.12 as node-builder
+FROM node:20-alpine3.18 as node-builder
 WORKDIR /authorizer
 COPY app app
 COPY dashboard dashboard
@@ -20,7 +20,7 @@ RUN apk add build-base &&\
     make build-app && \
     make build-dashboard
 
-FROM alpine:latest
+FROM alpine:3.18
 RUN adduser -D -h /authorizer -u 1000 -k /dev/null authorizer
 WORKDIR /authorizer
 RUN mkdir app dashboard

Makefile

@@ -5,7 +5,7 @@ cmd:
 	cd server && go build -ldflags "-w -X main.VERSION=$(VERSION)" -o '../build/server'
 build:
 	cd server && gox \
-		-osarch="linux/amd64 linux/arm64 darwin/amd64 windows/amd64" \
+		-osarch="linux/amd64 linux/arm64 darwin/arm64 darwin/amd64 windows/amd64" \
 		-ldflags "-w -X main.VERSION=$(VERSION)" \
 		-output="../build/{{.OS}}/{{.Arch}}/server" \
 		./...
@@ -30,7 +30,7 @@ test-arangodb:
 	cd server && go clean --testcache && TEST_DBS="arangodb" go test -p 1 -v ./test
 	docker rm -vf authorizer_arangodb
 test-dynamodb:
-	docker run -d --name dynamodb-local-test  -p 8000:8000 amazon/dynamodb-local:latest 
+	docker run -d --name dynamodb-local-test  -p 8000:8000 amazon/dynamodb-local:latest
 	cd server && go clean --testcache && TEST_DBS="dynamodb" go test -p 1 -v ./test
 	docker rm -vf dynamodb-local-test
 test-couchbase:
@@ -56,4 +56,4 @@ generate-graphql:
 	cd server && go run github.com/99designs/gqlgen generate && go mod tidy
 generate-db-template:
 	cp -rf server/db/providers/provider_template server/db/providers/${dbname}
-	find server/db/providers/${dbname} -type f -exec sed -i -e 's/provider_template/${dbname}/g' {} \;
+	find server/db/providers/${dbname} -type f -exec sed -i -e 's/provider_template/${dbname}/g' {} \;

README.md

@@ -68,6 +68,7 @@ Deploy production ready Authorizer instance using one click deployment options a
 |    Railway.app     |                    <a href="https://railway.app/new/template/nwXp1C?referralCode=FEF4uT"><img src="https://railway.app/button.svg" style="height: 44px" alt="Deploy on Railway"></a>                     | [docs](https://docs.authorizer.dev/deployment/railway) |
 |       Heroku       | <a href="https://heroku.com/deploy?template=https://github.com/authorizerdev/authorizer-heroku"><img src="https://www.herokucdn.com/deploy/button.svg" alt="Deploy to Heroku" style="height: 44px;"></a> | [docs](https://docs.authorizer.dev/deployment/heroku)  |
 |       Render       |                     [![Deploy to Render](https://render.com/images/deploy-to-render-button.svg)](https://render.com/deploy?repo=https://github.com/authorizerdev/authorizer-render)                      | [docs](https://docs.authorizer.dev/deployment/render)  |
+|       Koyeb       | <a target="_blank" href="https://app.koyeb.com/deploy?name=authorizer&type=docker&image=docker.io/lakhansamani/authorizer&env[PORT]=8000&env[DATABASE_TYPE]=postgres&env[DATABASE_URL]=CHANGE_ME&ports=8000;http;/"><img alt="Deploy to Koyeb" src="https://www.koyeb.com/static/images/deploy/button.svg" /></a> | [docs](https://docs.authorizer.dev/deployment/koyeb)  |
 
 ### Deploy Authorizer Using Source Code
 

app/yarn.lock

@@ -3,125 +3,125 @@
 
 
 "@authorizerdev/authorizer-js@^1.2.6":
-  "integrity" "sha512-9+9phHUMF+AeDM0y+XQvIRDoerOXnQ1vfTfYN6KxWN1apdrkAd9nzS1zUsA2uJSnX3fFZOErn83GjbYYCYF1BA=="
-  "resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.6.tgz"
-  "version" "1.2.6"
+  version "1.2.6"
+  resolved "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.6.tgz"
+  integrity sha512-9+9phHUMF+AeDM0y+XQvIRDoerOXnQ1vfTfYN6KxWN1apdrkAd9nzS1zUsA2uJSnX3fFZOErn83GjbYYCYF1BA==
   dependencies:
-    "cross-fetch" "^3.1.5"
+    cross-fetch "^3.1.5"
 
 "@authorizerdev/authorizer-react@^1.1.13":
-  "integrity" "sha512-LmpzyfR0+nEn+bjUrb/QU9b3kiVoYzMBIvcQ1nV4TNvrvVSqbLPKk+GmoIPkiBEtfy/QSM6XFLkiGNGD9BRP+g=="
-  "resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.13.tgz"
-  "version" "1.1.13"
+  version "1.1.13"
+  resolved "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.13.tgz"
+  integrity sha512-LmpzyfR0+nEn+bjUrb/QU9b3kiVoYzMBIvcQ1nV4TNvrvVSqbLPKk+GmoIPkiBEtfy/QSM6XFLkiGNGD9BRP+g==
   dependencies:
     "@authorizerdev/authorizer-js" "^1.2.6"
 
 "@babel/code-frame@^7.16.7":
-  "integrity" "sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg=="
-  "resolved" "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.16.7.tgz"
+  integrity sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg==
   dependencies:
     "@babel/highlight" "^7.16.7"
 
 "@babel/generator@^7.16.8":
-  "integrity" "sha512-1ojZwE9+lOXzcWdWmO6TbUzDfqLD39CmEhN8+2cX9XkDo5yW1OpgfejfliysR2AWLpMamTiOiAp/mtroaymhpw=="
-  "resolved" "https://registry.npmjs.org/@babel/generator/-/generator-7.16.8.tgz"
-  "version" "7.16.8"
+  version "7.16.8"
+  resolved "https://registry.npmjs.org/@babel/generator/-/generator-7.16.8.tgz"
+  integrity sha512-1ojZwE9+lOXzcWdWmO6TbUzDfqLD39CmEhN8+2cX9XkDo5yW1OpgfejfliysR2AWLpMamTiOiAp/mtroaymhpw==
   dependencies:
     "@babel/types" "^7.16.8"
-    "jsesc" "^2.5.1"
-    "source-map" "^0.5.0"
+    jsesc "^2.5.1"
+    source-map "^0.5.0"
 
 "@babel/helper-annotate-as-pure@^7.16.0":
-  "integrity" "sha512-s6t2w/IPQVTAET1HitoowRGXooX8mCgtuP5195wD/QJPV6wYjpujCGF7JuMODVX2ZAJOf1GT6DT9MHEZvLOFSw=="
-  "resolved" "https://registry.npmjs.org/@babel/helper-annotate-as-pure/-/helper-annotate-as-pure-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/helper-annotate-as-pure/-/helper-annotate-as-pure-7.16.7.tgz"
+  integrity sha512-s6t2w/IPQVTAET1HitoowRGXooX8mCgtuP5195wD/QJPV6wYjpujCGF7JuMODVX2ZAJOf1GT6DT9MHEZvLOFSw==
   dependencies:
     "@babel/types" "^7.16.7"
 
 "@babel/helper-environment-visitor@^7.16.7":
-  "integrity" "sha512-SLLb0AAn6PkUeAfKJCCOl9e1R53pQlGAfc4y4XuMRZfqeMYLE0dM1LMhqbGAlGQY0lfw5/ohoYWAe9V1yibRag=="
-  "resolved" "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.16.7.tgz"
+  integrity sha512-SLLb0AAn6PkUeAfKJCCOl9e1R53pQlGAfc4y4XuMRZfqeMYLE0dM1LMhqbGAlGQY0lfw5/ohoYWAe9V1yibRag==
   dependencies:
     "@babel/types" "^7.16.7"
 
 "@babel/helper-function-name@^7.16.7":
-  "integrity" "sha512-QfDfEnIUyyBSR3HtrtGECuZ6DAyCkYFp7GHl75vFtTnn6pjKeK0T1DB5lLkFvBea8MdaiUABx3osbgLyInoejA=="
-  "resolved" "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.16.7.tgz"
+  integrity sha512-QfDfEnIUyyBSR3HtrtGECuZ6DAyCkYFp7GHl75vFtTnn6pjKeK0T1DB5lLkFvBea8MdaiUABx3osbgLyInoejA==
   dependencies:
     "@babel/helper-get-function-arity" "^7.16.7"
     "@babel/template" "^7.16.7"
     "@babel/types" "^7.16.7"
 
 "@babel/helper-get-function-arity@^7.16.7":
-  "integrity" "sha512-flc+RLSOBXzNzVhcLu6ujeHUrD6tANAOU5ojrRx/as+tbzf8+stUCj7+IfRRoAbEZqj/ahXEMsjhOhgeZsrnTw=="
-  "resolved" "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.16.7.tgz"
+  integrity sha512-flc+RLSOBXzNzVhcLu6ujeHUrD6tANAOU5ojrRx/as+tbzf8+stUCj7+IfRRoAbEZqj/ahXEMsjhOhgeZsrnTw==
   dependencies:
     "@babel/types" "^7.16.7"
 
 "@babel/helper-hoist-variables@^7.16.7":
-  "integrity" "sha512-m04d/0Op34H5v7pbZw6pSKP7weA6lsMvfiIAMeIvkY/R4xQtBSMFEigu9QTZ2qB/9l22vsxtM8a+Q8CzD255fg=="
-  "resolved" "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.16.7.tgz"
+  integrity sha512-m04d/0Op34H5v7pbZw6pSKP7weA6lsMvfiIAMeIvkY/R4xQtBSMFEigu9QTZ2qB/9l22vsxtM8a+Q8CzD255fg==
   dependencies:
     "@babel/types" "^7.16.7"
 
 "@babel/helper-module-imports@^7.0.0", "@babel/helper-module-imports@^7.16.0":
-  "integrity" "sha512-LVtS6TqjJHFc+nYeITRo6VLXve70xmq7wPhWTqDJusJEgGmkAACWwMiTNrvfoQo6hEhFwAIixNkvB0jPXDL8Wg=="
-  "resolved" "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.16.7.tgz"
+  integrity sha512-LVtS6TqjJHFc+nYeITRo6VLXve70xmq7wPhWTqDJusJEgGmkAACWwMiTNrvfoQo6hEhFwAIixNkvB0jPXDL8Wg==
   dependencies:
     "@babel/types" "^7.16.7"
 
 "@babel/helper-split-export-declaration@^7.16.7":
-  "integrity" "sha512-xbWoy/PFoxSWazIToT9Sif+jJTlrMcndIsaOKvTA6u7QEo7ilkRZpjew18/W3c7nm8fXdUDXh02VXTbZ0pGDNw=="
-  "resolved" "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.16.7.tgz"
+  integrity sha512-xbWoy/PFoxSWazIToT9Sif+jJTlrMcndIsaOKvTA6u7QEo7ilkRZpjew18/W3c7nm8fXdUDXh02VXTbZ0pGDNw==
   dependencies:
     "@babel/types" "^7.16.7"
 
 "@babel/helper-validator-identifier@^7.16.7":
-  "integrity" "sha512-hsEnFemeiW4D08A5gUAZxLBTXpZ39P+a+DGDsHw1yxqyQ/jzFEnxf5uTEGp+3bzAbNOxU1paTgYS4ECU/IgfDw=="
-  "resolved" "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.16.7.tgz"
+  integrity sha512-hsEnFemeiW4D08A5gUAZxLBTXpZ39P+a+DGDsHw1yxqyQ/jzFEnxf5uTEGp+3bzAbNOxU1paTgYS4ECU/IgfDw==
 
 "@babel/highlight@^7.16.7":
-  "integrity" "sha512-5FnTQLSLswEj6IkgVw5KusNUUFY9ZGqe/TRFnP/BKYHYgfh7tc+C7mwiy95/yNP7Dh9x580Vv8r7u7ZfTBFxdw=="
-  "resolved" "https://registry.npmjs.org/@babel/highlight/-/highlight-7.16.10.tgz"
-  "version" "7.16.10"
+  version "7.16.10"
+  resolved "https://registry.npmjs.org/@babel/highlight/-/highlight-7.16.10.tgz"
+  integrity sha512-5FnTQLSLswEj6IkgVw5KusNUUFY9ZGqe/TRFnP/BKYHYgfh7tc+C7mwiy95/yNP7Dh9x580Vv8r7u7ZfTBFxdw==
   dependencies:
     "@babel/helper-validator-identifier" "^7.16.7"
-    "chalk" "^2.0.0"
-    "js-tokens" "^4.0.0"
+    chalk "^2.0.0"
+    js-tokens "^4.0.0"
 
 "@babel/parser@^7.16.10", "@babel/parser@^7.16.7":
-  "integrity" "sha512-VfaV15po8RiZssrkPweyvbGVSe4x2y+aciFCgn0n0/SJMR22cwofRV1mtnJQYcSB1wUTaA/X1LnA3es66MCO5A=="
-  "resolved" "https://registry.npmjs.org/@babel/parser/-/parser-7.16.12.tgz"
-  "version" "7.16.12"
+  version "7.16.12"
+  resolved "https://registry.npmjs.org/@babel/parser/-/parser-7.16.12.tgz"
+  integrity sha512-VfaV15po8RiZssrkPweyvbGVSe4x2y+aciFCgn0n0/SJMR22cwofRV1mtnJQYcSB1wUTaA/X1LnA3es66MCO5A==
 
 "@babel/runtime@^7.1.2", "@babel/runtime@^7.12.1":
-  "integrity" "sha512-twj3L8Og5SaCRCErB4x4ajbvBIVV77CGeFglHpeg5WC5FF8TZzBWXtTJ4MqaD9QszLYTtr+IsaAL2rEUevb+eg=="
-  "resolved" "https://registry.npmjs.org/@babel/runtime/-/runtime-7.14.8.tgz"
-  "version" "7.14.8"
+  version "7.14.8"
+  resolved "https://registry.npmjs.org/@babel/runtime/-/runtime-7.14.8.tgz"
+  integrity sha512-twj3L8Og5SaCRCErB4x4ajbvBIVV77CGeFglHpeg5WC5FF8TZzBWXtTJ4MqaD9QszLYTtr+IsaAL2rEUevb+eg==
   dependencies:
-    "regenerator-runtime" "^0.13.4"
+    regenerator-runtime "^0.13.4"
 
 "@babel/template@^7.16.7":
-  "integrity" "sha512-I8j/x8kHUrbYRTUxXrrMbfCa7jxkE7tZre39x3kjr9hvI82cK1FfqLygotcWN5kdPGWcLdWMHpSBavse5tWw3w=="
-  "resolved" "https://registry.npmjs.org/@babel/template/-/template-7.16.7.tgz"
-  "version" "7.16.7"
+  version "7.16.7"
+  resolved "https://registry.npmjs.org/@babel/template/-/template-7.16.7.tgz"
+  integrity sha512-I8j/x8kHUrbYRTUxXrrMbfCa7jxkE7tZre39x3kjr9hvI82cK1FfqLygotcWN5kdPGWcLdWMHpSBavse5tWw3w==
   dependencies:
     "@babel/code-frame" "^7.16.7"
     "@babel/parser" "^7.16.7"
     "@babel/types" "^7.16.7"
 
 "@babel/traverse@^7.4.5":
-  "integrity" "sha512-yzuaYXoRJBGMlBhsMJoUW7G1UmSb/eXr/JHYM/MsOJgavJibLwASijW7oXBdw3NQ6T0bW7Ty5P/VarOs9cHmqw=="
-  "resolved" "https://registry.npmjs.org/@babel/traverse/-/traverse-7.16.10.tgz"
-  "version" "7.16.10"
+  version "7.16.10"
+  resolved "https://registry.npmjs.org/@babel/traverse/-/traverse-7.16.10.tgz"
+  integrity sha512-yzuaYXoRJBGMlBhsMJoUW7G1UmSb/eXr/JHYM/MsOJgavJibLwASijW7oXBdw3NQ6T0bW7Ty5P/VarOs9cHmqw==
   dependencies:
     "@babel/code-frame" "^7.16.7"
     "@babel/generator" "^7.16.8"
@@ -131,458 +131,458 @@
     "@babel/helper-split-export-declaration" "^7.16.7"
     "@babel/parser" "^7.16.10"
     "@babel/types" "^7.16.8"
-    "debug" "^4.1.0"
-    "globals" "^11.1.0"
+    debug "^4.1.0"
+    globals "^11.1.0"
 
 "@babel/types@^7.16.7", "@babel/types@^7.16.8":
-  "integrity" "sha512-smN2DQc5s4M7fntyjGtyIPbRJv6wW4rU/94fmYJ7PKQuZkC0qGMHXJbg6sNGt12JmVr4k5YaptI/XtiLJBnmIg=="
-  "resolved" "https://registry.npmjs.org/@babel/types/-/types-7.16.8.tgz"
-  "version" "7.16.8"
+  version "7.16.8"
+  resolved "https://registry.npmjs.org/@babel/types/-/types-7.16.8.tgz"
+  integrity sha512-smN2DQc5s4M7fntyjGtyIPbRJv6wW4rU/94fmYJ7PKQuZkC0qGMHXJbg6sNGt12JmVr4k5YaptI/XtiLJBnmIg==
   dependencies:
     "@babel/helper-validator-identifier" "^7.16.7"
-    "to-fast-properties" "^2.0.0"
+    to-fast-properties "^2.0.0"
 
 "@emotion/is-prop-valid@^0.8.8":
-  "integrity" "sha512-u5WtneEAr5IDG2Wv65yhunPSMLIpuKsbuOktRojfrEiEvRyC85LgPMZI63cr7NUqT8ZIGdSVg8ZKGxIug4lXcA=="
-  "resolved" "https://registry.npmjs.org/@emotion/is-prop-valid/-/is-prop-valid-0.8.8.tgz"
-  "version" "0.8.8"
+  version "0.8.8"
+  resolved "https://registry.npmjs.org/@emotion/is-prop-valid/-/is-prop-valid-0.8.8.tgz"
+  integrity sha512-u5WtneEAr5IDG2Wv65yhunPSMLIpuKsbuOktRojfrEiEvRyC85LgPMZI63cr7NUqT8ZIGdSVg8ZKGxIug4lXcA==
   dependencies:
     "@emotion/memoize" "0.7.4"
 
 "@emotion/memoize@0.7.4":
-  "integrity" "sha512-Ja/Vfqe3HpuzRsG1oBtWTHk2PGZ7GR+2Vz5iYGelAw8dx32K0y7PjVuxK6z1nMpZOqAFsRUPCkK1YjJ56qJlgw=="
-  "resolved" "https://registry.npmjs.org/@emotion/memoize/-/memoize-0.7.4.tgz"
-  "version" "0.7.4"
+  version "0.7.4"
+  resolved "https://registry.npmjs.org/@emotion/memoize/-/memoize-0.7.4.tgz"
+  integrity sha512-Ja/Vfqe3HpuzRsG1oBtWTHk2PGZ7GR+2Vz5iYGelAw8dx32K0y7PjVuxK6z1nMpZOqAFsRUPCkK1YjJ56qJlgw==
 
 "@emotion/stylis@^0.8.4":
-  "integrity" "sha512-h6KtPihKFn3T9fuIrwvXXUOwlx3rfUvfZIcP5a6rh8Y7zjE3O06hT5Ss4S/YI1AYhuZ1kjaE/5EaOOI2NqSylQ=="
-  "resolved" "https://registry.npmjs.org/@emotion/stylis/-/stylis-0.8.5.tgz"
-  "version" "0.8.5"
+  version "0.8.5"
+  resolved "https://registry.npmjs.org/@emotion/stylis/-/stylis-0.8.5.tgz"
+  integrity sha512-h6KtPihKFn3T9fuIrwvXXUOwlx3rfUvfZIcP5a6rh8Y7zjE3O06hT5Ss4S/YI1AYhuZ1kjaE/5EaOOI2NqSylQ==
 
 "@emotion/unitless@^0.7.4":
-  "integrity" "sha512-OWORNpfjMsSSUBVrRBVGECkhWcULOAJz9ZW8uK9qgxD+87M7jHRcvh/A96XXNhXTLmKcoYSQtBEX7lHMO7YRwg=="
-  "resolved" "https://registry.npmjs.org/@emotion/unitless/-/unitless-0.7.5.tgz"
-  "version" "0.7.5"
+  version "0.7.5"
+  resolved "https://registry.npmjs.org/@emotion/unitless/-/unitless-0.7.5.tgz"
+  integrity sha512-OWORNpfjMsSSUBVrRBVGECkhWcULOAJz9ZW8uK9qgxD+87M7jHRcvh/A96XXNhXTLmKcoYSQtBEX7lHMO7YRwg==
 
 "@types/history@*":
-  "integrity" "sha512-MUc6zSmU3tEVnkQ78q0peeEjKWPUADMlC/t++2bI8WnAG2tvYRPIgHG8lWkXwqc8MsUF6Z2MOf+Mh5sazOmhiQ=="
-  "resolved" "https://registry.npmjs.org/@types/history/-/history-4.7.9.tgz"
-  "version" "4.7.9"
+  version "4.7.9"
+  resolved "https://registry.npmjs.org/@types/history/-/history-4.7.9.tgz"
+  integrity sha512-MUc6zSmU3tEVnkQ78q0peeEjKWPUADMlC/t++2bI8WnAG2tvYRPIgHG8lWkXwqc8MsUF6Z2MOf+Mh5sazOmhiQ==
 
 "@types/hoist-non-react-statics@*":
-  "integrity" "sha512-iMIqiko6ooLrTh1joXodJK5X9xeEALT1kM5G3ZLhD3hszxBdIEd5C75U834D9mLcINgD4OyZf5uQXjkuYydWvA=="
-  "resolved" "https://registry.npmjs.org/@types/hoist-non-react-statics/-/hoist-non-react-statics-3.3.1.tgz"
-  "version" "3.3.1"
+  version "3.3.1"
+  resolved "https://registry.npmjs.org/@types/hoist-non-react-statics/-/hoist-non-react-statics-3.3.1.tgz"
+  integrity sha512-iMIqiko6ooLrTh1joXodJK5X9xeEALT1kM5G3ZLhD3hszxBdIEd5C75U834D9mLcINgD4OyZf5uQXjkuYydWvA==
   dependencies:
     "@types/react" "*"
-    "hoist-non-react-statics" "^3.3.0"
+    hoist-non-react-statics "^3.3.0"
 
 "@types/prop-types@*":
-  "integrity" "sha512-rZ5drC/jWjrArrS8BR6SIr4cWpW09RNTYt9AMZo3Jwwif+iacXAqgVjm0B0Bv/S1jhDXKHqRVNCbACkJ89RAnQ=="
-  "resolved" "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz"
-  "version" "15.7.4"
+  version "15.7.4"
+  resolved "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz"
+  integrity sha512-rZ5drC/jWjrArrS8BR6SIr4cWpW09RNTYt9AMZo3Jwwif+iacXAqgVjm0B0Bv/S1jhDXKHqRVNCbACkJ89RAnQ==
 
 "@types/react-dom@^17.0.9":
-  "integrity" "sha512-wIvGxLfgpVDSAMH5utdL9Ngm5Owu0VsGmldro3ORLXV8CShrL8awVj06NuEXFQ5xyaYfdca7Sgbk/50Ri1GdPg=="
-  "resolved" "https://registry.npmjs.org/@types/react-dom/-/react-dom-17.0.9.tgz"
-  "version" "17.0.9"
+  version "17.0.9"
+  resolved "https://registry.npmjs.org/@types/react-dom/-/react-dom-17.0.9.tgz"
+  integrity sha512-wIvGxLfgpVDSAMH5utdL9Ngm5Owu0VsGmldro3ORLXV8CShrL8awVj06NuEXFQ5xyaYfdca7Sgbk/50Ri1GdPg==
   dependencies:
     "@types/react" "*"
 
 "@types/react-router-dom@^5.1.8":
-  "integrity" "sha512-03xHyncBzG0PmDmf8pf3rehtjY0NpUj7TIN46FrT5n1ZWHPZvXz32gUyNboJ+xsL8cpg8bQVLcllptcQHvocrw=="
-  "resolved" "https://registry.npmjs.org/@types/react-router-dom/-/react-router-dom-5.1.8.tgz"
-  "version" "5.1.8"
+  version "5.1.8"
+  resolved "https://registry.npmjs.org/@types/react-router-dom/-/react-router-dom-5.1.8.tgz"
+  integrity sha512-03xHyncBzG0PmDmf8pf3rehtjY0NpUj7TIN46FrT5n1ZWHPZvXz32gUyNboJ+xsL8cpg8bQVLcllptcQHvocrw==
   dependencies:
     "@types/history" "*"
     "@types/react" "*"
     "@types/react-router" "*"
 
 "@types/react-router@*":
-  "integrity" "sha512-8d7nR/fNSqlTFGHti0R3F9WwIertOaaA1UEB8/jr5l5mDMOs4CidEgvvYMw4ivqrBK+vtVLxyTj2P+Pr/dtgzg=="
-  "resolved" "https://registry.npmjs.org/@types/react-router/-/react-router-5.1.16.tgz"
-  "version" "5.1.16"
+  version "5.1.16"
+  resolved "https://registry.npmjs.org/@types/react-router/-/react-router-5.1.16.tgz"
+  integrity sha512-8d7nR/fNSqlTFGHti0R3F9WwIertOaaA1UEB8/jr5l5mDMOs4CidEgvvYMw4ivqrBK+vtVLxyTj2P+Pr/dtgzg==
   dependencies:
     "@types/history" "*"
     "@types/react" "*"
 
 "@types/react@*", "@types/react@^17.0.15":
-  "integrity" "sha512-uTKHDK9STXFHLaKv6IMnwp52fm0hwU+N89w/p9grdUqcFA6WuqDyPhaWopbNyE1k/VhgzmHl8pu1L4wITtmlLw=="
-  "resolved" "https://registry.npmjs.org/@types/react/-/react-17.0.15.tgz"
-  "version" "17.0.15"
+  version "17.0.15"
+  resolved "https://registry.npmjs.org/@types/react/-/react-17.0.15.tgz"
+  integrity sha512-uTKHDK9STXFHLaKv6IMnwp52fm0hwU+N89w/p9grdUqcFA6WuqDyPhaWopbNyE1k/VhgzmHl8pu1L4wITtmlLw==
   dependencies:
     "@types/prop-types" "*"
     "@types/scheduler" "*"
-    "csstype" "^3.0.2"
+    csstype "^3.0.2"
 
 "@types/scheduler@*":
-  "integrity" "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew=="
-  "resolved" "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz"
-  "version" "0.16.2"
+  version "0.16.2"
+  resolved "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz"
+  integrity sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew==
 
 "@types/styled-components@^5.1.11":
-  "integrity" "sha512-fgwl+0Pa8pdkwXRoVPP9JbqF0Ivo9llnmsm+7TCI330kbPIFd9qv1Lrhr37shf4tnxCOSu+/IgqM7uJXLWZZNQ=="
-  "resolved" "https://registry.npmjs.org/@types/styled-components/-/styled-components-5.1.25.tgz"
-  "version" "5.1.25"
+  version "5.1.25"
+  resolved "https://registry.npmjs.org/@types/styled-components/-/styled-components-5.1.25.tgz"
+  integrity sha512-fgwl+0Pa8pdkwXRoVPP9JbqF0Ivo9llnmsm+7TCI330kbPIFd9qv1Lrhr37shf4tnxCOSu+/IgqM7uJXLWZZNQ==
   dependencies:
     "@types/hoist-non-react-statics" "*"
     "@types/react" "*"
-    "csstype" "^3.0.2"
+    csstype "^3.0.2"
 
-"ansi-styles@^3.2.1":
-  "integrity" "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA=="
-  "resolved" "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz"
-  "version" "3.2.1"
+ansi-styles@^3.2.1:
+  version "3.2.1"
+  resolved "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz"
+  integrity sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==
   dependencies:
-    "color-convert" "^1.9.0"
+    color-convert "^1.9.0"
 
 "babel-plugin-styled-components@>= 1.12.0":
-  "integrity" "sha512-7eG5NE8rChnNTDxa6LQfynwgHTVOYYaHJbUYSlOhk8QBXIQiMBKq4gyfHBBKPrxUcVBXVJL61ihduCpCQbuNbw=="
-  "resolved" "https://registry.npmjs.org/babel-plugin-styled-components/-/babel-plugin-styled-components-2.0.2.tgz"
-  "version" "2.0.2"
+  version "2.0.2"
+  resolved "https://registry.npmjs.org/babel-plugin-styled-components/-/babel-plugin-styled-components-2.0.2.tgz"
+  integrity sha512-7eG5NE8rChnNTDxa6LQfynwgHTVOYYaHJbUYSlOhk8QBXIQiMBKq4gyfHBBKPrxUcVBXVJL61ihduCpCQbuNbw==
   dependencies:
     "@babel/helper-annotate-as-pure" "^7.16.0"
     "@babel/helper-module-imports" "^7.16.0"
-    "babel-plugin-syntax-jsx" "^6.18.0"
-    "lodash" "^4.17.11"
+    babel-plugin-syntax-jsx "^6.18.0"
+    lodash "^4.17.11"
 
-"babel-plugin-syntax-jsx@^6.18.0":
-  "integrity" "sha1-CvMqmm4Tyno/1QaeYtew9Y0NiUY="
-  "resolved" "https://registry.npmjs.org/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz"
-  "version" "6.18.0"
+babel-plugin-syntax-jsx@^6.18.0:
+  version "6.18.0"
+  resolved "https://registry.npmjs.org/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz"
+  integrity sha1-CvMqmm4Tyno/1QaeYtew9Y0NiUY=
 
-"camelize@^1.0.0":
-  "integrity" "sha1-FkpUg+Yw+kMh5a8HAg5TGDGyYJs="
-  "resolved" "https://registry.npmjs.org/camelize/-/camelize-1.0.0.tgz"
-  "version" "1.0.0"
+camelize@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.npmjs.org/camelize/-/camelize-1.0.0.tgz"
+  integrity sha1-FkpUg+Yw+kMh5a8HAg5TGDGyYJs=
 
-"chalk@^2.0.0":
-  "integrity" "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ=="
-  "resolved" "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz"
-  "version" "2.4.2"
+chalk@^2.0.0:
+  version "2.4.2"
+  resolved "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz"
+  integrity sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==
   dependencies:
-    "ansi-styles" "^3.2.1"
-    "escape-string-regexp" "^1.0.5"
-    "supports-color" "^5.3.0"
+    ansi-styles "^3.2.1"
+    escape-string-regexp "^1.0.5"
+    supports-color "^5.3.0"
 
-"color-convert@^1.9.0":
-  "integrity" "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg=="
-  "resolved" "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz"
-  "version" "1.9.3"
+color-convert@^1.9.0:
+  version "1.9.3"
+  resolved "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz"
+  integrity sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==
   dependencies:
-    "color-name" "1.1.3"
+    color-name "1.1.3"
 
-"color-name@1.1.3":
-  "integrity" "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
-  "resolved" "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz"
-  "version" "1.1.3"
+color-name@1.1.3:
+  version "1.1.3"
+  resolved "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz"
+  integrity sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=
 
-"cross-fetch@^3.1.5":
-  "integrity" "sha512-cvA+JwZoU0Xq+h6WkMvAUqPEYy92Obet6UdKLfW60qn99ftItKjB5T+BkyWOFWe2pUyfQ+IJHmpOTznqk1M6Kg=="
-  "resolved" "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.8.tgz"
-  "version" "3.1.8"
+cross-fetch@^3.1.5:
+  version "3.1.8"
+  resolved "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.8.tgz"
+  integrity sha512-cvA+JwZoU0Xq+h6WkMvAUqPEYy92Obet6UdKLfW60qn99ftItKjB5T+BkyWOFWe2pUyfQ+IJHmpOTznqk1M6Kg==
   dependencies:
-    "node-fetch" "^2.6.12"
+    node-fetch "^2.6.12"
 
-"css-color-keywords@^1.0.0":
-  "integrity" "sha1-/qJhbcZ2spYmhrOvjb2+GAskTgU="
-  "resolved" "https://registry.npmjs.org/css-color-keywords/-/css-color-keywords-1.0.0.tgz"
-  "version" "1.0.0"
+css-color-keywords@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.npmjs.org/css-color-keywords/-/css-color-keywords-1.0.0.tgz"
+  integrity sha1-/qJhbcZ2spYmhrOvjb2+GAskTgU=
 
-"css-to-react-native@^3.0.0":
-  "integrity" "sha512-Ro1yETZA813eoyUp2GDBhG2j+YggidUmzO1/v9eYBKR2EHVEniE2MI/NqpTQ954BMpTPZFsGNPm46qFB9dpaPQ=="
-  "resolved" "https://registry.npmjs.org/css-to-react-native/-/css-to-react-native-3.0.0.tgz"
-  "version" "3.0.0"
+css-to-react-native@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.npmjs.org/css-to-react-native/-/css-to-react-native-3.0.0.tgz"
+  integrity sha512-Ro1yETZA813eoyUp2GDBhG2j+YggidUmzO1/v9eYBKR2EHVEniE2MI/NqpTQ954BMpTPZFsGNPm46qFB9dpaPQ==
   dependencies:
-    "camelize" "^1.0.0"
-    "css-color-keywords" "^1.0.0"
-    "postcss-value-parser" "^4.0.2"
+    camelize "^1.0.0"
+    css-color-keywords "^1.0.0"
+    postcss-value-parser "^4.0.2"
 
-"csstype@^3.0.2":
-  "integrity" "sha512-jXKhWqXPmlUeoQnF/EhTtTl4C9SnrxSH/jZUih3jmO6lBKr99rP3/+FmrMj4EFpOXzMtXHAZkd3x0E6h6Fgflw=="
-  "resolved" "https://registry.npmjs.org/csstype/-/csstype-3.0.8.tgz"
-  "version" "3.0.8"
+csstype@^3.0.2:
+  version "3.0.8"
+  resolved "https://registry.npmjs.org/csstype/-/csstype-3.0.8.tgz"
+  integrity sha512-jXKhWqXPmlUeoQnF/EhTtTl4C9SnrxSH/jZUih3jmO6lBKr99rP3/+FmrMj4EFpOXzMtXHAZkd3x0E6h6Fgflw==
 
-"debug@^4.1.0":
-  "integrity" "sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q=="
-  "resolved" "https://registry.npmjs.org/debug/-/debug-4.3.3.tgz"
-  "version" "4.3.3"
+debug@^4.1.0:
+  version "4.3.3"
+  resolved "https://registry.npmjs.org/debug/-/debug-4.3.3.tgz"
+  integrity sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q==
   dependencies:
-    "ms" "2.1.2"
+    ms "2.1.2"
 
-"esbuild@^0.12.17":
-  "integrity" "sha512-GshKJyVYUnlSXIZj/NheC2O0Kblh42CS7P1wJyTbbIHevTG4jYMS9NNw8EOd8dDWD0dzydYHS01MpZoUcQXB4g=="
-  "resolved" "https://registry.npmjs.org/esbuild/-/esbuild-0.12.17.tgz"
-  "version" "0.12.17"
+esbuild@^0.12.17:
+  version "0.12.17"
+  resolved "https://registry.npmjs.org/esbuild/-/esbuild-0.12.17.tgz"
+  integrity sha512-GshKJyVYUnlSXIZj/NheC2O0Kblh42CS7P1wJyTbbIHevTG4jYMS9NNw8EOd8dDWD0dzydYHS01MpZoUcQXB4g==
 
-"escape-string-regexp@^1.0.5":
-  "integrity" "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ="
-  "resolved" "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz"
-  "version" "1.0.5"
+escape-string-regexp@^1.0.5:
+  version "1.0.5"
+  resolved "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz"
+  integrity sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=
 
-"globals@^11.1.0":
-  "integrity" "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA=="
-  "resolved" "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz"
-  "version" "11.12.0"
+globals@^11.1.0:
+  version "11.12.0"
+  resolved "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz"
+  integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==
 
-"has-flag@^3.0.0":
-  "integrity" "sha1-tdRU3CGZriJWmfNGfloH87lVuv0="
-  "resolved" "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz"
-  "version" "3.0.0"
+has-flag@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz"
+  integrity sha1-tdRU3CGZriJWmfNGfloH87lVuv0=
 
-"history@^4.9.0":
-  "integrity" "sha512-36nwAD620w12kuzPAsyINPWJqlNbij+hpK1k9XRloDtym8mxzGYl2c17LnV6IAGB2Dmg4tEa7G7DlawS0+qjew=="
-  "resolved" "https://registry.npmjs.org/history/-/history-4.10.1.tgz"
-  "version" "4.10.1"
+history@^4.9.0:
+  version "4.10.1"
+  resolved "https://registry.npmjs.org/history/-/history-4.10.1.tgz"
+  integrity sha512-36nwAD620w12kuzPAsyINPWJqlNbij+hpK1k9XRloDtym8mxzGYl2c17LnV6IAGB2Dmg4tEa7G7DlawS0+qjew==
   dependencies:
     "@babel/runtime" "^7.1.2"
-    "loose-envify" "^1.2.0"
-    "resolve-pathname" "^3.0.0"
-    "tiny-invariant" "^1.0.2"
-    "tiny-warning" "^1.0.0"
-    "value-equal" "^1.0.1"
+    loose-envify "^1.2.0"
+    resolve-pathname "^3.0.0"
+    tiny-invariant "^1.0.2"
+    tiny-warning "^1.0.0"
+    value-equal "^1.0.1"
 
-"hoist-non-react-statics@^3.0.0", "hoist-non-react-statics@^3.1.0", "hoist-non-react-statics@^3.3.0":
-  "integrity" "sha512-/gGivxi8JPKWNm/W0jSmzcMPpfpPLc3dY/6GxhX2hQ9iGj3aDfklV4ET7NjKpSinLpJ5vafa9iiGIEZg10SfBw=="
-  "resolved" "https://registry.npmjs.org/hoist-non-react-statics/-/hoist-non-react-statics-3.3.2.tgz"
-  "version" "3.3.2"
+hoist-non-react-statics@^3.0.0, hoist-non-react-statics@^3.1.0, hoist-non-react-statics@^3.3.0:
+  version "3.3.2"
+  resolved "https://registry.npmjs.org/hoist-non-react-statics/-/hoist-non-react-statics-3.3.2.tgz"
+  integrity sha512-/gGivxi8JPKWNm/W0jSmzcMPpfpPLc3dY/6GxhX2hQ9iGj3aDfklV4ET7NjKpSinLpJ5vafa9iiGIEZg10SfBw==
   dependencies:
-    "react-is" "^16.7.0"
+    react-is "^16.7.0"
 
-"isarray@0.0.1":
-  "integrity" "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8="
-  "resolved" "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz"
-  "version" "0.0.1"
+isarray@0.0.1:
+  version "0.0.1"
+  resolved "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz"
+  integrity sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=
 
-"js-tokens@^3.0.0 || ^4.0.0", "js-tokens@^4.0.0":
-  "integrity" "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ=="
-  "resolved" "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz"
-  "version" "4.0.0"
+"js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz"
+  integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==
 
-"jsesc@^2.5.1":
-  "integrity" "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA=="
-  "resolved" "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz"
-  "version" "2.5.2"
+jsesc@^2.5.1:
+  version "2.5.2"
+  resolved "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz"
+  integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==
 
-"lodash@^4.17.11":
-  "integrity" "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
-  "resolved" "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz"
-  "version" "4.17.21"
+lodash@^4.17.11:
+  version "4.17.21"
+  resolved "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz"
+  integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
 
-"loose-envify@^1.1.0", "loose-envify@^1.2.0", "loose-envify@^1.3.1", "loose-envify@^1.4.0":
-  "integrity" "sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q=="
-  "resolved" "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz"
-  "version" "1.4.0"
+loose-envify@^1.1.0, loose-envify@^1.2.0, loose-envify@^1.3.1, loose-envify@^1.4.0:
+  version "1.4.0"
+  resolved "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz"
+  integrity sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==
   dependencies:
-    "js-tokens" "^3.0.0 || ^4.0.0"
+    js-tokens "^3.0.0 || ^4.0.0"
 
-"mini-create-react-context@^0.4.0":
-  "integrity" "sha512-YWCYEmd5CQeHGSAKrYvXgmzzkrvssZcuuQDDeqkT+PziKGMgE+0MCCtcKbROzocGBG1meBLl2FotlRwf4gAzbQ=="
-  "resolved" "https://registry.npmjs.org/mini-create-react-context/-/mini-create-react-context-0.4.1.tgz"
-  "version" "0.4.1"
+mini-create-react-context@^0.4.0:
+  version "0.4.1"
+  resolved "https://registry.npmjs.org/mini-create-react-context/-/mini-create-react-context-0.4.1.tgz"
+  integrity sha512-YWCYEmd5CQeHGSAKrYvXgmzzkrvssZcuuQDDeqkT+PziKGMgE+0MCCtcKbROzocGBG1meBLl2FotlRwf4gAzbQ==
   dependencies:
     "@babel/runtime" "^7.12.1"
-    "tiny-warning" "^1.0.3"
+    tiny-warning "^1.0.3"
 
-"ms@2.1.2":
-  "integrity" "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
-  "resolved" "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz"
-  "version" "2.1.2"
+ms@2.1.2:
+  version "2.1.2"
+  resolved "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz"
+  integrity sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==
 
-"node-fetch@^2.6.12":
-  "integrity" "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g=="
-  "resolved" "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz"
-  "version" "2.6.12"
+node-fetch@^2.6.12:
+  version "2.6.12"
+  resolved "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz"
+  integrity sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==
   dependencies:
-    "whatwg-url" "^5.0.0"
+    whatwg-url "^5.0.0"
 
-"object-assign@^4.1.1":
-  "integrity" "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM="
-  "resolved" "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz"
-  "version" "4.1.1"
+object-assign@^4.1.1:
+  version "4.1.1"
+  resolved "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz"
+  integrity sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=
 
-"path-to-regexp@^1.7.0":
-  "integrity" "sha512-n43JRhlUKUAlibEJhPeir1ncUID16QnEjNpwzNdO3Lm4ywrBpBZ5oLD0I6br9evr1Y9JTqwRtAh7JLoOzAQdVA=="
-  "resolved" "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.8.0.tgz"
-  "version" "1.8.0"
+path-to-regexp@^1.7.0:
+  version "1.8.0"
+  resolved "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.8.0.tgz"
+  integrity sha512-n43JRhlUKUAlibEJhPeir1ncUID16QnEjNpwzNdO3Lm4ywrBpBZ5oLD0I6br9evr1Y9JTqwRtAh7JLoOzAQdVA==
   dependencies:
-    "isarray" "0.0.1"
+    isarray "0.0.1"
 
-"postcss-value-parser@^4.0.2":
-  "integrity" "sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ=="
-  "resolved" "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz"
-  "version" "4.2.0"
+postcss-value-parser@^4.0.2:
+  version "4.2.0"
+  resolved "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz"
+  integrity sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==
 
-"prettier@2.7.1":
-  "integrity" "sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g=="
-  "resolved" "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz"
-  "version" "2.7.1"
+prettier@2.7.1:
+  version "2.7.1"
+  resolved "https://registry.npmjs.org/prettier/-/prettier-2.7.1.tgz"
+  integrity sha512-ujppO+MkdPqoVINuDFDRLClm7D78qbDt0/NR+wp5FqEZOoTNAjPHWj17QRhu7geIHJfcNhRk1XVQmF8Bp3ye+g==
 
-"prop-types@^15.0.0", "prop-types@^15.6.2":
-  "integrity" "sha512-8QQikdH7//R2vurIJSutZ1smHYTcLpRWEOlHnzcWHmBYrOGUysKwSsrC89BCiFj3CbrfJ/nXFdJepOVrY1GCHQ=="
-  "resolved" "https://registry.npmjs.org/prop-types/-/prop-types-15.7.2.tgz"
-  "version" "15.7.2"
+prop-types@^15.0.0, prop-types@^15.6.2:
+  version "15.7.2"
+  resolved "https://registry.npmjs.org/prop-types/-/prop-types-15.7.2.tgz"
+  integrity sha512-8QQikdH7//R2vurIJSutZ1smHYTcLpRWEOlHnzcWHmBYrOGUysKwSsrC89BCiFj3CbrfJ/nXFdJepOVrY1GCHQ==
   dependencies:
-    "loose-envify" "^1.4.0"
-    "object-assign" "^4.1.1"
-    "react-is" "^16.8.1"
+    loose-envify "^1.4.0"
+    object-assign "^4.1.1"
+    react-is "^16.8.1"
 
-"react-dom@^17.0.2", "react-dom@>= 16.8.0":
-  "integrity" "sha512-s4h96KtLDUQlsENhMn1ar8t2bEa+q/YAtj8pPPdIjPDGBDIVNsrD9aXNWqspUe6AzKCIG0C1HZZLqLV7qpOBGA=="
-  "resolved" "https://registry.npmjs.org/react-dom/-/react-dom-17.0.2.tgz"
-  "version" "17.0.2"
+react-dom@^17.0.2, "react-dom@>= 16.8.0":
+  version "17.0.2"
+  resolved "https://registry.npmjs.org/react-dom/-/react-dom-17.0.2.tgz"
+  integrity sha512-s4h96KtLDUQlsENhMn1ar8t2bEa+q/YAtj8pPPdIjPDGBDIVNsrD9aXNWqspUe6AzKCIG0C1HZZLqLV7qpOBGA==
   dependencies:
-    "loose-envify" "^1.1.0"
-    "object-assign" "^4.1.1"
-    "scheduler" "^0.20.2"
+    loose-envify "^1.1.0"
+    object-assign "^4.1.1"
+    scheduler "^0.20.2"
 
-"react-is@^16.6.0":
-  "integrity" "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ=="
-  "resolved" "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz"
-  "version" "16.13.1"
+react-is@^16.6.0:
+  version "16.13.1"
+  resolved "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz"
+  integrity sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==
 
-"react-is@^16.7.0":
-  "integrity" "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ=="
-  "resolved" "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz"
-  "version" "16.13.1"
+react-is@^16.7.0:
+  version "16.13.1"
+  resolved "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz"
+  integrity sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==
 
-"react-is@^16.8.1":
-  "integrity" "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ=="
-  "resolved" "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz"
-  "version" "16.13.1"
+react-is@^16.8.1:
+  version "16.13.1"
+  resolved "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz"
+  integrity sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==
 
-"react-is@^17.0.2", "react-is@>= 16.8.0":
-  "integrity" "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w=="
-  "resolved" "https://registry.npmjs.org/react-is/-/react-is-17.0.2.tgz"
-  "version" "17.0.2"
+react-is@^17.0.2, "react-is@>= 16.8.0":
+  version "17.0.2"
+  resolved "https://registry.npmjs.org/react-is/-/react-is-17.0.2.tgz"
+  integrity sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==
 
-"react-router-dom@^5.2.0":
-  "integrity" "sha512-gxAmfylo2QUjcwxI63RhQ5G85Qqt4voZpUXSEqCwykV0baaOTQDR1f0PmY8AELqIyVc0NEZUj0Gov5lNGcXgsA=="
-  "resolved" "https://registry.npmjs.org/react-router-dom/-/react-router-dom-5.2.0.tgz"
-  "version" "5.2.0"
+react-router-dom@^5.2.0:
+  version "5.2.0"
+  resolved "https://registry.npmjs.org/react-router-dom/-/react-router-dom-5.2.0.tgz"
+  integrity sha512-gxAmfylo2QUjcwxI63RhQ5G85Qqt4voZpUXSEqCwykV0baaOTQDR1f0PmY8AELqIyVc0NEZUj0Gov5lNGcXgsA==
   dependencies:
     "@babel/runtime" "^7.1.2"
-    "history" "^4.9.0"
-    "loose-envify" "^1.3.1"
-    "prop-types" "^15.6.2"
-    "react-router" "5.2.0"
-    "tiny-invariant" "^1.0.2"
-    "tiny-warning" "^1.0.0"
+    history "^4.9.0"
+    loose-envify "^1.3.1"
+    prop-types "^15.6.2"
+    react-router "5.2.0"
+    tiny-invariant "^1.0.2"
+    tiny-warning "^1.0.0"
 
-"react-router@5.2.0":
-  "integrity" "sha512-smz1DUuFHRKdcJC0jobGo8cVbhO3x50tCL4icacOlcwDOEQPq4TMqwx3sY1TP+DvtTgz4nm3thuo7A+BK2U0Dw=="
-  "resolved" "https://registry.npmjs.org/react-router/-/react-router-5.2.0.tgz"
-  "version" "5.2.0"
+react-router@5.2.0:
+  version "5.2.0"
+  resolved "https://registry.npmjs.org/react-router/-/react-router-5.2.0.tgz"
+  integrity sha512-smz1DUuFHRKdcJC0jobGo8cVbhO3x50tCL4icacOlcwDOEQPq4TMqwx3sY1TP+DvtTgz4nm3thuo7A+BK2U0Dw==
   dependencies:
     "@babel/runtime" "^7.1.2"
-    "history" "^4.9.0"
-    "hoist-non-react-statics" "^3.1.0"
-    "loose-envify" "^1.3.1"
-    "mini-create-react-context" "^0.4.0"
-    "path-to-regexp" "^1.7.0"
-    "prop-types" "^15.6.2"
-    "react-is" "^16.6.0"
-    "tiny-invariant" "^1.0.2"
-    "tiny-warning" "^1.0.0"
+    history "^4.9.0"
+    hoist-non-react-statics "^3.1.0"
+    loose-envify "^1.3.1"
+    mini-create-react-context "^0.4.0"
+    path-to-regexp "^1.7.0"
+    prop-types "^15.6.2"
+    react-is "^16.6.0"
+    tiny-invariant "^1.0.2"
+    tiny-warning "^1.0.0"
 
-"react@^0.14.0 || ^15.0.0 || ^16.0.0 || ^17.0.0", "react@^17.0.2", "react@>= 16.8.0", "react@>=15", "react@>=16", "react@17.0.2":
-  "integrity" "sha512-gnhPt75i/dq/z3/6q/0asP78D0u592D5L1pd7M8P+dck6Fu/jJeL6iVVK23fptSUZj8Vjf++7wXA8UNclGQcbA=="
-  "resolved" "https://registry.npmjs.org/react/-/react-17.0.2.tgz"
-  "version" "17.0.2"
+"react@^0.14.0 || ^15.0.0 || ^16.0.0 || ^17.0.0", react@^17.0.2, "react@>= 16.8.0", react@>=15, react@>=16, react@17.0.2:
+  version "17.0.2"
+  resolved "https://registry.npmjs.org/react/-/react-17.0.2.tgz"
+  integrity sha512-gnhPt75i/dq/z3/6q/0asP78D0u592D5L1pd7M8P+dck6Fu/jJeL6iVVK23fptSUZj8Vjf++7wXA8UNclGQcbA==
   dependencies:
-    "loose-envify" "^1.1.0"
-    "object-assign" "^4.1.1"
+    loose-envify "^1.1.0"
+    object-assign "^4.1.1"
 
-"regenerator-runtime@^0.13.4":
-  "integrity" "sha512-p3VT+cOEgxFsRRA9X4lkI1E+k2/CtnKtU4gcxyaCUreilL/vqI6CdZ3wxVUx3UOUg+gnUOQQcRI7BmSI656MYA=="
-  "resolved" "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.9.tgz"
-  "version" "0.13.9"
+regenerator-runtime@^0.13.4:
+  version "0.13.9"
+  resolved "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.9.tgz"
+  integrity sha512-p3VT+cOEgxFsRRA9X4lkI1E+k2/CtnKtU4gcxyaCUreilL/vqI6CdZ3wxVUx3UOUg+gnUOQQcRI7BmSI656MYA==
 
-"resolve-pathname@^3.0.0":
-  "integrity" "sha512-C7rARubxI8bXFNB/hqcp/4iUeIXJhJZvFPFPiSPRnhU5UPxzMFIl+2E6yY6c4k9giDJAhtV+enfA+G89N6Csng=="
-  "resolved" "https://registry.npmjs.org/resolve-pathname/-/resolve-pathname-3.0.0.tgz"
-  "version" "3.0.0"
+resolve-pathname@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.npmjs.org/resolve-pathname/-/resolve-pathname-3.0.0.tgz"
+  integrity sha512-C7rARubxI8bXFNB/hqcp/4iUeIXJhJZvFPFPiSPRnhU5UPxzMFIl+2E6yY6c4k9giDJAhtV+enfA+G89N6Csng==
 
-"scheduler@^0.20.2":
-  "integrity" "sha512-2eWfGgAqqWFGqtdMmcL5zCMK1U8KlXv8SQFGglL3CEtd0aDVDWgeF/YoCmvln55m5zSk3J/20hTaSBeSObsQDQ=="
-  "resolved" "https://registry.npmjs.org/scheduler/-/scheduler-0.20.2.tgz"
-  "version" "0.20.2"
+scheduler@^0.20.2:
+  version "0.20.2"
+  resolved "https://registry.npmjs.org/scheduler/-/scheduler-0.20.2.tgz"
+  integrity sha512-2eWfGgAqqWFGqtdMmcL5zCMK1U8KlXv8SQFGglL3CEtd0aDVDWgeF/YoCmvln55m5zSk3J/20hTaSBeSObsQDQ==
   dependencies:
-    "loose-envify" "^1.1.0"
-    "object-assign" "^4.1.1"
+    loose-envify "^1.1.0"
+    object-assign "^4.1.1"
 
-"shallowequal@^1.1.0":
-  "integrity" "sha512-y0m1JoUZSlPAjXVtPPW70aZWfIL/dSP7AFkRnniLCrK/8MDKog3TySTBmckD+RObVxH0v4Tox67+F14PdED2oQ=="
-  "resolved" "https://registry.npmjs.org/shallowequal/-/shallowequal-1.1.0.tgz"
-  "version" "1.1.0"
+shallowequal@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.npmjs.org/shallowequal/-/shallowequal-1.1.0.tgz"
+  integrity sha512-y0m1JoUZSlPAjXVtPPW70aZWfIL/dSP7AFkRnniLCrK/8MDKog3TySTBmckD+RObVxH0v4Tox67+F14PdED2oQ==
 
-"source-map@^0.5.0":
-  "integrity" "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w="
-  "resolved" "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz"
-  "version" "0.5.7"
+source-map@^0.5.0:
+  version "0.5.7"
+  resolved "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz"
+  integrity sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=
 
-"styled-components@^5.3.0", "styled-components@>= 2":
-  "integrity" "sha512-++4iHwBM7ZN+x6DtPPWkCI4vdtwumQ+inA/DdAsqYd4SVgUKJie5vXyzotA00ttcFdQkCng7zc6grwlfIfw+lw=="
-  "resolved" "https://registry.npmjs.org/styled-components/-/styled-components-5.3.3.tgz"
-  "version" "5.3.3"
+styled-components@^5.3.0, "styled-components@>= 2":
+  version "5.3.3"
+  resolved "https://registry.npmjs.org/styled-components/-/styled-components-5.3.3.tgz"
+  integrity sha512-++4iHwBM7ZN+x6DtPPWkCI4vdtwumQ+inA/DdAsqYd4SVgUKJie5vXyzotA00ttcFdQkCng7zc6grwlfIfw+lw==
   dependencies:
     "@babel/helper-module-imports" "^7.0.0"
     "@babel/traverse" "^7.4.5"
     "@emotion/is-prop-valid" "^0.8.8"
     "@emotion/stylis" "^0.8.4"
     "@emotion/unitless" "^0.7.4"
-    "babel-plugin-styled-components" ">= 1.12.0"
-    "css-to-react-native" "^3.0.0"
-    "hoist-non-react-statics" "^3.0.0"
-    "shallowequal" "^1.1.0"
-    "supports-color" "^5.5.0"
+    babel-plugin-styled-components ">= 1.12.0"
+    css-to-react-native "^3.0.0"
+    hoist-non-react-statics "^3.0.0"
+    shallowequal "^1.1.0"
+    supports-color "^5.5.0"
 
-"supports-color@^5.3.0", "supports-color@^5.5.0":
-  "integrity" "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow=="
-  "resolved" "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz"
-  "version" "5.5.0"
+supports-color@^5.3.0, supports-color@^5.5.0:
+  version "5.5.0"
+  resolved "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz"
+  integrity sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==
   dependencies:
-    "has-flag" "^3.0.0"
+    has-flag "^3.0.0"
 
-"tiny-invariant@^1.0.2":
-  "integrity" "sha512-ytxQvrb1cPc9WBEI/HSeYYoGD0kWnGEOR8RY6KomWLBVhqz0RgTwVO9dLrGz7dC+nN9llyI7OKAgRq8Vq4ZBSw=="
-  "resolved" "https://registry.npmjs.org/tiny-invariant/-/tiny-invariant-1.1.0.tgz"
-  "version" "1.1.0"
+tiny-invariant@^1.0.2:
+  version "1.1.0"
+  resolved "https://registry.npmjs.org/tiny-invariant/-/tiny-invariant-1.1.0.tgz"
+  integrity sha512-ytxQvrb1cPc9WBEI/HSeYYoGD0kWnGEOR8RY6KomWLBVhqz0RgTwVO9dLrGz7dC+nN9llyI7OKAgRq8Vq4ZBSw==
 
-"tiny-warning@^1.0.0", "tiny-warning@^1.0.3":
-  "integrity" "sha512-lBN9zLN/oAf68o3zNXYrdCt1kP8WsiGW8Oo2ka41b2IM5JL/S1CTyX1rW0mb/zSuJun0ZUrDxx4sqvYS2FWzPA=="
-  "resolved" "https://registry.npmjs.org/tiny-warning/-/tiny-warning-1.0.3.tgz"
-  "version" "1.0.3"
+tiny-warning@^1.0.0, tiny-warning@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.npmjs.org/tiny-warning/-/tiny-warning-1.0.3.tgz"
+  integrity sha512-lBN9zLN/oAf68o3zNXYrdCt1kP8WsiGW8Oo2ka41b2IM5JL/S1CTyX1rW0mb/zSuJun0ZUrDxx4sqvYS2FWzPA==
 
-"to-fast-properties@^2.0.0":
-  "integrity" "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4="
-  "resolved" "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz"
-  "version" "2.0.0"
+to-fast-properties@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz"
+  integrity sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=
 
-"tr46@~0.0.3":
-  "integrity" "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw=="
-  "resolved" "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz"
-  "version" "0.0.3"
+tr46@~0.0.3:
+  version "0.0.3"
+  resolved "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz"
+  integrity sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==
 
-"typescript@^4.3.5":
-  "integrity" "sha512-DqQgihaQ9cUrskJo9kIyW/+g0Vxsk8cDtZ52a3NGh0YNTfpUSArXSohyUGnvbPazEPLu398C0UxmKSOrPumUzA=="
-  "resolved" "https://registry.npmjs.org/typescript/-/typescript-4.3.5.tgz"
-  "version" "4.3.5"
+typescript@^4.3.5:
+  version "4.3.5"
+  resolved "https://registry.npmjs.org/typescript/-/typescript-4.3.5.tgz"
+  integrity sha512-DqQgihaQ9cUrskJo9kIyW/+g0Vxsk8cDtZ52a3NGh0YNTfpUSArXSohyUGnvbPazEPLu398C0UxmKSOrPumUzA==
 
-"value-equal@^1.0.1":
-  "integrity" "sha512-NOJ6JZCAWr0zlxZt+xqCHNTEKOsrks2HQd4MqhP1qy4z1SkbEP467eNx6TgDKXMvUOb+OENfJCZwM+16n7fRfw=="
-  "resolved" "https://registry.npmjs.org/value-equal/-/value-equal-1.0.1.tgz"
-  "version" "1.0.1"
+value-equal@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.npmjs.org/value-equal/-/value-equal-1.0.1.tgz"
+  integrity sha512-NOJ6JZCAWr0zlxZt+xqCHNTEKOsrks2HQd4MqhP1qy4z1SkbEP467eNx6TgDKXMvUOb+OENfJCZwM+16n7fRfw==
 
-"webidl-conversions@^3.0.0":
-  "integrity" "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ=="
-  "resolved" "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz"
-  "version" "3.0.1"
+webidl-conversions@^3.0.0:
+  version "3.0.1"
+  resolved "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz"
+  integrity sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==
 
-"whatwg-url@^5.0.0":
-  "integrity" "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw=="
-  "resolved" "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz"
-  "version" "5.0.0"
+whatwg-url@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz"
+  integrity sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==
   dependencies:
-    "tr46" "~0.0.3"
-    "webidl-conversions" "^3.0.0"
+    tr46 "~0.0.3"
+    webidl-conversions "^3.0.0"

dashboard/package-lock.json

@@ -2847,9 +2847,9 @@
 			}
 		},
 		"node_modules/semver": {
-			"version": "6.3.0",
-			"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz",
-			"integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==",
+			"version": "6.3.1",
+			"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
+			"integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==",
 			"peer": true,
 			"bin": {
 				"semver": "bin/semver.js"
@@ -5167,9 +5167,9 @@
 			}
 		},
 		"semver": {
-			"version": "6.3.0",
-			"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz",
-			"integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==",
+			"version": "6.3.1",
+			"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
+			"integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==",
 			"peer": true
 		},
 		"setimmediate": {

dashboard/src/components/EnvComponents/Features.tsx

@@ -124,6 +124,19 @@ const Features = ({ variables, setVariables }: any) => {
 						/>
 					</Flex>
 				</Flex>
+				<Flex>
+					<Flex w="100%" justifyContent="start" alignItems="center">
+						<Text fontSize="sm">Playground:</Text>
+					</Flex>
+					<Flex justifyContent="start">
+						<InputField
+							variables={variables}
+							setVariables={setVariables}
+							inputType={SwitchInputType.DISABLE_PLAYGROUND}
+							hasReversedValue
+						/>
+					</Flex>
+				</Flex>
 			</Stack>
 			<Divider paddingY={5} />
 			<Text fontSize="md" paddingTop={5} fontWeight="bold" mb={5}>

dashboard/src/constants.ts

@@ -84,6 +84,7 @@ export const SwitchInputType = {
 	DISABLE_STRONG_PASSWORD: 'DISABLE_STRONG_PASSWORD',
 	DISABLE_MULTI_FACTOR_AUTHENTICATION: 'DISABLE_MULTI_FACTOR_AUTHENTICATION',
 	ENFORCE_MULTI_FACTOR_AUTHENTICATION: 'ENFORCE_MULTI_FACTOR_AUTHENTICATION',
+	DISABLE_PLAYGROUND: 'DISABLE_PLAYGROUND',
 };
 
 export const DateInputType = {
@@ -167,6 +168,7 @@ export interface envVarTypes {
 	ENFORCE_MULTI_FACTOR_AUTHENTICATION: boolean;
 	DEFAULT_AUTHORIZE_RESPONSE_TYPE: string;
 	DEFAULT_AUTHORIZE_RESPONSE_MODE: string;
+	DISABLE_PLAYGROUND: boolean;
 }
 
 export const envSubViews = {
@@ -220,6 +222,7 @@ export const webhookEventNames = {
 	'User deleted': 'user.deleted',
 	'User access enabled': 'user.access_enabled',
 	'User access revoked': 'user.access_revoked',
+	'User deactivated': 'user.deactivated',
 };
 
 export const emailTemplateEventNames = {

dashboard/src/graphql/queries/index.ts

@@ -73,6 +73,7 @@ export const EnvVariablesQuery = `
       ENFORCE_MULTI_FACTOR_AUTHENTICATION
       DEFAULT_AUTHORIZE_RESPONSE_TYPE
       DEFAULT_AUTHORIZE_RESPONSE_MODE
+      DISABLE_PLAYGROUND
     }
   }
 `;

dashboard/src/pages/Environment.tsx

@@ -93,6 +93,7 @@ const Environment = () => {
 		ENFORCE_MULTI_FACTOR_AUTHENTICATION: false,
 		DEFAULT_AUTHORIZE_RESPONSE_TYPE: '',
 		DEFAULT_AUTHORIZE_RESPONSE_MODE: '',
+		DISABLE_PLAYGROUND: false,
 	});
 
 	const [fieldVisibility, setFieldVisibility] = React.useState<

server/constants/cookie.go

@@ -5,4 +5,6 @@ const (
 	AppCookieName = "cookie"
 	// AdminCookieName is the name of the cookie that is used to store the admin token
 	AdminCookieName = "authorizer-admin"
+	// MfaCookieName is the name of the cookie that is used to store the mfa session
+	MfaCookieName = "mfa"
 )

server/constants/env.go

@@ -163,6 +163,9 @@ const (
 	// EnvKeyDisablePhoneVerification is key for env variable DISABLE_PHONE_VERIFICATION
 	// this variable is used to disable phone verification
 	EnvKeyDisablePhoneVerification = "DISABLE_PHONE_VERIFICATION"
+	// EnvKeyDisablePlayGround is key for env variable DISABLE_PLAYGROUND
+	// this variable will disable or enable playground use in dashboard
+	EnvKeyDisablePlayGround = "DISABLE_PLAYGROUND"
 
 	// Slice variables
 	// EnvKeyRoles key for env variable ROLES

server/constants/webhook_event.go

@@ -15,4 +15,6 @@ const (
 	UserAccessEnabledWebhookEvent = `user.access_enabled`
 	// UserDeletedWebhookEvent name for user deleted event
 	UserDeletedWebhookEvent = `user.deleted`
+	// UserDeactivatedWebhookEvent name for user deactivated event
+	UserDeactivatedWebhookEvent = `user.deactivated`
 )

server/cookie/mfa_session.go

@@ -0,0 +1,89 @@
+package cookie
+
+import (
+	"net/http"
+	"net/url"
+
+	log "github.com/sirupsen/logrus"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/parsers"
+	"github.com/gin-gonic/gin"
+)
+
+// SetMfaSession sets the mfa session cookie in the response
+func SetMfaSession(gc *gin.Context, sessionID string) {
+	appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure)
+	if err != nil {
+		log.Debug("Error while getting app cookie secure from env variable: %v", err)
+		appCookieSecure = true
+	}
+
+	secure := appCookieSecure
+	httpOnly := appCookieSecure
+	hostname := parsers.GetHost(gc)
+	host, _ := parsers.GetHostParts(hostname)
+	domain := parsers.GetDomainName(hostname)
+	if domain != "localhost" {
+		domain = "." + domain
+	}
+
+	// Since app cookie can come from cross site it becomes important to set this in lax mode when insecure.
+	// Example person using custom UI on their app domain and making request to authorizer domain.
+	// For more information check:
+	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+	// https://github.com/gin-gonic/gin/blob/master/context.go#L86
+	// TODO add ability to sameSite = none / strict from dashboard
+	if !appCookieSecure {
+		gc.SetSameSite(http.SameSiteLaxMode)
+	} else {
+		gc.SetSameSite(http.SameSiteNoneMode)
+	}
+	// TODO allow configuring from dashboard
+	age := 60
+
+	gc.SetCookie(constants.MfaCookieName+"_session", sessionID, age, "/", host, secure, httpOnly)
+	gc.SetCookie(constants.MfaCookieName+"_session_domain", sessionID, age, "/", domain, secure, httpOnly)
+}
+
+// DeleteMfaSession deletes the mfa session cookies to expire
+func DeleteMfaSession(gc *gin.Context) {
+	appCookieSecure, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyAppCookieSecure)
+	if err != nil {
+		log.Debug("Error while getting app cookie secure from env variable: %v", err)
+		appCookieSecure = true
+	}
+
+	secure := appCookieSecure
+	httpOnly := appCookieSecure
+	hostname := parsers.GetHost(gc)
+	host, _ := parsers.GetHostParts(hostname)
+	domain := parsers.GetDomainName(hostname)
+	if domain != "localhost" {
+		domain = "." + domain
+	}
+
+	gc.SetSameSite(http.SameSiteNoneMode)
+	gc.SetCookie(constants.MfaCookieName+"_session", "", -1, "/", host, secure, httpOnly)
+	gc.SetCookie(constants.MfaCookieName+"_session_domain", "", -1, "/", domain, secure, httpOnly)
+}
+
+// GetMfaSession gets the mfa session cookie from context
+func GetMfaSession(gc *gin.Context) (string, error) {
+	var cookie *http.Cookie
+	var err error
+	cookie, err = gc.Request.Cookie(constants.MfaCookieName + "_session")
+	if err != nil {
+		cookie, err = gc.Request.Cookie(constants.MfaCookieName + "_session_domain")
+		if err != nil {
+			return "", err
+		}
+	}
+
+	decodedValue, err := url.PathUnescape(cookie.Value)
+	if err != nil {
+		return "", err
+	}
+	return decodedValue, nil
+}

server/db/models/user.go

@@ -33,12 +33,14 @@ type User struct {
 	IsMultiFactorAuthEnabled *bool   `json:"is_multi_factor_auth_enabled" bson:"is_multi_factor_auth_enabled" cql:"is_multi_factor_auth_enabled" dynamo:"is_multi_factor_auth_enabled"`
 	UpdatedAt                int64   `json:"updated_at" bson:"updated_at" cql:"updated_at" dynamo:"updated_at"`
 	CreatedAt                int64   `json:"created_at" bson:"created_at" cql:"created_at" dynamo:"created_at"`
+	AppData                  *string `json:"app_data" bson:"app_data" cql:"app_data" dynamo:"app_data"`
 }
 
 func (user *User) AsAPIUser() *model.User {
 	isEmailVerified := user.EmailVerifiedAt != nil
 	isPhoneVerified := user.PhoneNumberVerifiedAt != nil
-
+	appDataMap := make(map[string]interface{})
+	json.Unmarshal([]byte(refs.StringValue(user.AppData)), &appDataMap)
 	// id := user.ID
 	// if strings.Contains(id, Collections.User+"/") {
 	// 	id = strings.TrimPrefix(id, Collections.User+"/")
@@ -63,6 +65,7 @@ func (user *User) AsAPIUser() *model.User {
 		IsMultiFactorAuthEnabled: user.IsMultiFactorAuthEnabled,
 		CreatedAt:                refs.NewInt64Ref(user.CreatedAt),
 		UpdatedAt:                refs.NewInt64Ref(user.UpdatedAt),
+		AppData:                  appDataMap,
 	}
 }
 

server/db/providers/cassandradb/provider.go

@@ -261,6 +261,13 @@ func NewProvider() (*provider, error) {
 		log.Debug("Failed to alter table as column exists: ", err)
 		// continue
 	}
+	// Add app_data column to users table
+	appDataAlterQuery := fmt.Sprintf(`ALTER TABLE %s.%s ADD (app_data text);`, KeySpace, models.Collections.User)
+	err = session.Query(appDataAlterQuery).Exec()
+	if err != nil {
+		log.Debug("Failed to alter user table as app_data column exists: ", err)
+		// continue
+	}
 	// Add phone number index
 	otpIndexQueryPhoneNumber := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_otp_phone_number ON %s.%s (phone_number)", KeySpace, models.Collections.OTP)
 	err = session.Query(otpIndexQueryPhoneNumber).Exec()

server/db/providers/cassandradb/user.go

@@ -177,13 +177,13 @@ func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination)
 	// there is no offset in cassandra
 	// so we fetch till limit + offset
 	// and return the results from offset to limit
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.User, pagination.Limit+pagination.Offset)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, app_data, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.User, pagination.Limit+pagination.Offset)
 	scanner := p.db.Query(query).Iter().Scanner()
 	counter := int64(0)
 	for scanner.Next() {
 		if counter >= pagination.Offset {
 			var user models.User
-			err := scanner.Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
+			err := scanner.Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.AppData, &user.CreatedAt, &user.UpdatedAt)
 			if err != nil {
 				return nil, err
 			}
@@ -200,8 +200,8 @@ func (p *provider) ListUsers(ctx context.Context, pagination *model.Pagination)
 // GetUserByEmail to get user information from database using email address
 func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.User, error) {
 	var user models.User
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, email)
-	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, app_data, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, email)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.AppData, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
 		return nil, err
 	}
@@ -211,8 +211,8 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us
 // GetUserByID to get user information from database using user ID
 func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, error) {
 	var user models.User
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, id)
-	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, app_data, created_at, updated_at FROM %s WHERE id = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, id)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.AppData, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
 		return nil, err
 	}
@@ -306,8 +306,8 @@ func (p *provider) UpdateUsers(ctx context.Context, data map[string]interface{},
 // GetUserByPhoneNumber to get user information from database using phone number
 func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string) (*models.User, error) {
 	var user models.User
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, created_at, updated_at FROM %s WHERE phone_number = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, phoneNumber)
-	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.CreatedAt, &user.UpdatedAt)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, is_multi_factor_auth_enabled, app_data, created_at, updated_at FROM %s WHERE phone_number = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, phoneNumber)
+	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.IsMultiFactorAuthEnabled, &user.AppData, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
 		return nil, err
 	}

server/db/providers/cassandradb/verification_requests.go

@@ -74,7 +74,6 @@ func (p *provider) ListVerificationRequests(ctx context.Context, pagination *mod
 			var verificationRequest models.VerificationRequest
 			err := scanner.Scan(&verificationRequest.ID, &verificationRequest.Token, &verificationRequest.Identifier, &verificationRequest.ExpiresAt, &verificationRequest.Email, &verificationRequest.Nonce, &verificationRequest.RedirectURI, &verificationRequest.CreatedAt, &verificationRequest.UpdatedAt)
 			if err != nil {
-				fmt.Println("=> getting error here...", err)
 				return nil, err
 			}
 			verificationRequests = append(verificationRequests, verificationRequest.AsAPIVerificationRequest())

server/email/email.go

@@ -72,7 +72,6 @@ func getEmailTemplate(event string, data map[string]interface{}) (*model.EmailTe
 		return nil, err
 	}
 	subjectString := buf.String()
-
 	return &model.EmailTemplate{
 		Template: templateString,
 		Subject:  subjectString,
@@ -92,7 +91,7 @@ func SendEmail(to []string, event string, data map[string]interface{}) error {
 
 	tmp, err := getEmailTemplate(event, data)
 	if err != nil {
-		log.Errorf("Failed to get event template: ", err)
+		log.Error("Failed to get event template: ", err)
 		return err
 	}
 

server/env/env.go

@@ -106,6 +106,8 @@ func InitAllEnv() error {
 	osDisableMultiFactorAuthentication := os.Getenv(constants.EnvKeyDisableMultiFactorAuthentication)
 	// phone verification var
 	osDisablePhoneVerification := os.Getenv(constants.EnvKeyDisablePhoneVerification)
+	osDisablePlayground := os.Getenv(constants.EnvKeyDisablePlayGround)
+
 	// twilio vars
 	osTwilioApiKey := os.Getenv(constants.EnvKeyTwilioAPIKey)
 	osTwilioApiSecret := os.Getenv(constants.EnvKeyTwilioAPISecret)
@@ -825,6 +827,19 @@ func InitAllEnv() error {
 		envData[constants.EnvKeyIsSMSServiceEnabled] = true
 	}
 
+	if _, ok := envData[constants.EnvKeyDisablePlayGround]; !ok {
+		envData[constants.EnvKeyDisablePlayGround] = osDisablePlayground == "true"
+	}
+	if osDisablePlayground != "" {
+		boolValue, err := strconv.ParseBool(osDisablePlayground)
+		if err != nil {
+			return err
+		}
+		if boolValue != envData[constants.EnvKeyDisablePlayGround].(bool) {
+			envData[constants.EnvKeyDisablePlayGround] = boolValue
+		}
+	}
+
 	err = memorystore.Provider.UpdateEnvStore(envData)
 	if err != nil {
 		log.Debug("Error while updating env store: ", err)

server/env/persist_env.go

@@ -196,7 +196,7 @@ func PersistEnv() error {
 				envValue := strings.TrimSpace(os.Getenv(key))
 				if envValue != "" {
 					switch key {
-					case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableMobileBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyIsSMSServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication, constants.EnvKeyAdminCookieSecure, constants.EnvKeyAppCookieSecure, constants.EnvKeyDisablePhoneVerification:
+					case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableMobileBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyIsSMSServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication, constants.EnvKeyAdminCookieSecure, constants.EnvKeyAppCookieSecure, constants.EnvKeyDisablePhoneVerification, constants.EnvKeyDisablePlayGround:
 						if envValueBool, err := strconv.ParseBool(envValue); err == nil {
 							if value.(bool) != envValueBool {
 								storeData[key] = envValueBool

server/go.mod

@@ -3,40 +3,51 @@ module github.com/authorizerdev/authorizer/server
 go 1.16
 
 require (
-	github.com/99designs/gqlgen v0.17.20
-	github.com/arangodb/go-driver v1.2.1
-	github.com/aws/aws-sdk-go v1.44.298
-	github.com/coreos/go-oidc/v3 v3.1.0
-	github.com/couchbase/gocb/v2 v2.6.0
-	github.com/gin-gonic/gin v1.8.1
-	github.com/glebarez/sqlite v1.5.0
-	github.com/go-playground/validator/v10 v10.11.1 // indirect
-	github.com/goccy/go-json v0.9.11 // indirect
-	github.com/gocql/gocql v1.2.0
+	github.com/99designs/gqlgen v0.17.39
+	github.com/arangodb/go-driver v1.6.0
+	github.com/aws/aws-sdk-go v1.45.25
+	github.com/bytedance/sonic v1.10.2 // indirect
+	github.com/coreos/go-oidc/v3 v3.6.0
+	github.com/couchbase/gocb/v2 v2.6.4
+	github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
+	github.com/gin-gonic/gin v1.9.1
+	github.com/glebarez/sqlite v1.9.0
+	github.com/go-playground/validator/v10 v10.15.5 // indirect
+	github.com/go-sql-driver/mysql v1.7.1 // indirect
+	github.com/gocql/gocql v1.6.0
 	github.com/golang-jwt/jwt v3.2.2+incompatible
-	github.com/golang/protobuf v1.5.2 // indirect
-	github.com/google/go-cmp v0.5.6 // indirect
-	github.com/google/uuid v1.3.0
-	github.com/guregu/dynamo v1.20.0
-	github.com/joho/godotenv v1.3.0
-	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/pelletier/go-toml/v2 v2.0.5 // indirect
-	github.com/redis/go-redis/v9 v9.0.3
-	github.com/robertkrimen/otto v0.0.0-20211024170158-b87d35c0b86f
-	github.com/sirupsen/logrus v1.8.1
-	github.com/stretchr/testify v1.8.0
-	github.com/twilio/twilio-go v1.7.2
-	github.com/vektah/gqlparser/v2 v2.5.1
-	go.mongodb.org/mongo-driver v1.8.1
-	golang.org/x/crypto v0.4.0
-	golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914
-	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/protobuf v1.28.1 // indirect
+	github.com/google/uuid v1.3.1
+	github.com/guregu/dynamo v1.20.2
+	github.com/hashicorp/golang-lru v1.0.2 // indirect
+	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
+	github.com/joho/godotenv v1.5.1
+	github.com/klauspost/compress v1.17.0 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
+	github.com/montanaflynn/stats v0.7.1 // indirect
+	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
+	github.com/redis/go-redis/v9 v9.2.1
+	github.com/robertkrimen/otto v0.2.1
+	github.com/sirupsen/logrus v1.9.3
+	github.com/sosodev/duration v1.2.0 // indirect
+	github.com/stretchr/testify v1.8.4
+	github.com/twilio/twilio-go v1.14.1
+	github.com/urfave/cli/v2 v2.25.7 // indirect
+	github.com/vektah/gqlparser/v2 v2.5.10
+	github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a // indirect
+	go.mongodb.org/mongo-driver v1.12.1
+	golang.org/x/arch v0.5.0 // indirect
+	golang.org/x/crypto v0.14.0
+	golang.org/x/oauth2 v0.13.0
+	golang.org/x/tools v0.14.0 // indirect
+	google.golang.org/appengine v1.6.8
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/mail.v2 v2.3.1
 	gopkg.in/square/go-jose.v2 v2.6.0
-	gorm.io/driver/mysql v1.4.3
-	gorm.io/driver/postgres v1.4.7
-	gorm.io/driver/sqlserver v1.4.1
-	gorm.io/gorm v1.24.2
+	gorm.io/driver/mysql v1.5.2
+	gorm.io/driver/postgres v1.5.3
+	gorm.io/driver/sqlserver v1.5.2
+	gorm.io/gorm v1.25.5
+	modernc.org/memory v1.7.2 // indirect
+	modernc.org/sqlite v1.26.0 // indirect
 )

server/graph/model/models_gen.go

@@ -6,15 +6,15 @@ type AddEmailTemplateRequest struct {
 	EventName string  `json:"event_name"`
 	Subject   string  `json:"subject"`
 	Template  string  `json:"template"`
-	Design    *string `json:"design"`
+	Design    *string `json:"design,omitempty"`
 }
 
 type AddWebhookRequest struct {
 	EventName        string                 `json:"event_name"`
-	EventDescription *string                `json:"event_description"`
+	EventDescription *string                `json:"event_description,omitempty"`
 	Endpoint         string                 `json:"endpoint"`
 	Enabled          bool                   `json:"enabled"`
-	Headers          map[string]interface{} `json:"headers"`
+	Headers          map[string]interface{} `json:"headers,omitempty"`
 }
 
 type AdminLoginInput struct {
@@ -27,13 +27,13 @@ type AdminSignupInput struct {
 
 type AuthResponse struct {
 	Message                   string  `json:"message"`
-	ShouldShowEmailOtpScreen  *bool   `json:"should_show_email_otp_screen"`
-	ShouldShowMobileOtpScreen *bool   `json:"should_show_mobile_otp_screen"`
-	AccessToken               *string `json:"access_token"`
-	IDToken                   *string `json:"id_token"`
-	RefreshToken              *string `json:"refresh_token"`
-	ExpiresIn                 *int64  `json:"expires_in"`
-	User                      *User   `json:"user"`
+	ShouldShowEmailOtpScreen  *bool   `json:"should_show_email_otp_screen,omitempty"`
+	ShouldShowMobileOtpScreen *bool   `json:"should_show_mobile_otp_screen,omitempty"`
+	AccessToken               *string `json:"access_token,omitempty"`
+	IDToken                   *string `json:"id_token,omitempty"`
+	RefreshToken              *string `json:"refresh_token,omitempty"`
+	ExpiresIn                 *int64  `json:"expires_in,omitempty"`
+	User                      *User   `json:"user,omitempty"`
 }
 
 type DeleteEmailTemplateRequest struct {
@@ -50,8 +50,8 @@ type EmailTemplate struct {
 	Template  string `json:"template"`
 	Design    string `json:"design"`
 	Subject   string `json:"subject"`
-	CreatedAt *int64 `json:"created_at"`
-	UpdatedAt *int64 `json:"updated_at"`
+	CreatedAt *int64 `json:"created_at,omitempty"`
+	UpdatedAt *int64 `json:"updated_at,omitempty"`
 }
 
 type EmailTemplates struct {
@@ -60,33 +60,33 @@ type EmailTemplates struct {
 }
 
 type Env struct {
-	AccessTokenExpiryTime            *string  `json:"ACCESS_TOKEN_EXPIRY_TIME"`
-	AdminSecret                      *string  `json:"ADMIN_SECRET"`
-	DatabaseName                     *string  `json:"DATABASE_NAME"`
-	DatabaseURL                      *string  `json:"DATABASE_URL"`
-	DatabaseType                     *string  `json:"DATABASE_TYPE"`
-	DatabaseUsername                 *string  `json:"DATABASE_USERNAME"`
-	DatabasePassword                 *string  `json:"DATABASE_PASSWORD"`
-	DatabaseHost                     *string  `json:"DATABASE_HOST"`
-	DatabasePort                     *string  `json:"DATABASE_PORT"`
+	AccessTokenExpiryTime            *string  `json:"ACCESS_TOKEN_EXPIRY_TIME,omitempty"`
+	AdminSecret                      *string  `json:"ADMIN_SECRET,omitempty"`
+	DatabaseName                     *string  `json:"DATABASE_NAME,omitempty"`
+	DatabaseURL                      *string  `json:"DATABASE_URL,omitempty"`
+	DatabaseType                     *string  `json:"DATABASE_TYPE,omitempty"`
+	DatabaseUsername                 *string  `json:"DATABASE_USERNAME,omitempty"`
+	DatabasePassword                 *string  `json:"DATABASE_PASSWORD,omitempty"`
+	DatabaseHost                     *string  `json:"DATABASE_HOST,omitempty"`
+	DatabasePort                     *string  `json:"DATABASE_PORT,omitempty"`
 	ClientID                         string   `json:"CLIENT_ID"`
 	ClientSecret                     string   `json:"CLIENT_SECRET"`
-	CustomAccessTokenScript          *string  `json:"CUSTOM_ACCESS_TOKEN_SCRIPT"`
-	SMTPHost                         *string  `json:"SMTP_HOST"`
-	SMTPPort                         *string  `json:"SMTP_PORT"`
-	SMTPUsername                     *string  `json:"SMTP_USERNAME"`
-	SMTPPassword                     *string  `json:"SMTP_PASSWORD"`
-	SMTPLocalName                    *string  `json:"SMTP_LOCAL_NAME"`
-	SenderEmail                      *string  `json:"SENDER_EMAIL"`
-	SenderName                       *string  `json:"SENDER_NAME"`
-	JwtType                          *string  `json:"JWT_TYPE"`
-	JwtSecret                        *string  `json:"JWT_SECRET"`
-	JwtPrivateKey                    *string  `json:"JWT_PRIVATE_KEY"`
-	JwtPublicKey                     *string  `json:"JWT_PUBLIC_KEY"`
-	AllowedOrigins                   []string `json:"ALLOWED_ORIGINS"`
-	AppURL                           *string  `json:"APP_URL"`
-	RedisURL                         *string  `json:"REDIS_URL"`
-	ResetPasswordURL                 *string  `json:"RESET_PASSWORD_URL"`
+	CustomAccessTokenScript          *string  `json:"CUSTOM_ACCESS_TOKEN_SCRIPT,omitempty"`
+	SMTPHost                         *string  `json:"SMTP_HOST,omitempty"`
+	SMTPPort                         *string  `json:"SMTP_PORT,omitempty"`
+	SMTPUsername                     *string  `json:"SMTP_USERNAME,omitempty"`
+	SMTPPassword                     *string  `json:"SMTP_PASSWORD,omitempty"`
+	SMTPLocalName                    *string  `json:"SMTP_LOCAL_NAME,omitempty"`
+	SenderEmail                      *string  `json:"SENDER_EMAIL,omitempty"`
+	SenderName                       *string  `json:"SENDER_NAME,omitempty"`
+	JwtType                          *string  `json:"JWT_TYPE,omitempty"`
+	JwtSecret                        *string  `json:"JWT_SECRET,omitempty"`
+	JwtPrivateKey                    *string  `json:"JWT_PRIVATE_KEY,omitempty"`
+	JwtPublicKey                     *string  `json:"JWT_PUBLIC_KEY,omitempty"`
+	AllowedOrigins                   []string `json:"ALLOWED_ORIGINS,omitempty"`
+	AppURL                           *string  `json:"APP_URL,omitempty"`
+	RedisURL                         *string  `json:"REDIS_URL,omitempty"`
+	ResetPasswordURL                 *string  `json:"RESET_PASSWORD_URL,omitempty"`
 	DisableEmailVerification         bool     `json:"DISABLE_EMAIL_VERIFICATION"`
 	DisableBasicAuthentication       bool     `json:"DISABLE_BASIC_AUTHENTICATION"`
 	DisableMagicLinkLogin            bool     `json:"DISABLE_MAGIC_LINK_LOGIN"`
@@ -96,31 +96,32 @@ type Env struct {
 	DisableStrongPassword            bool     `json:"DISABLE_STRONG_PASSWORD"`
 	DisableMultiFactorAuthentication bool     `json:"DISABLE_MULTI_FACTOR_AUTHENTICATION"`
 	EnforceMultiFactorAuthentication bool     `json:"ENFORCE_MULTI_FACTOR_AUTHENTICATION"`
-	Roles                            []string `json:"ROLES"`
-	ProtectedRoles                   []string `json:"PROTECTED_ROLES"`
-	DefaultRoles                     []string `json:"DEFAULT_ROLES"`
-	JwtRoleClaim                     *string  `json:"JWT_ROLE_CLAIM"`
-	GoogleClientID                   *string  `json:"GOOGLE_CLIENT_ID"`
-	GoogleClientSecret               *string  `json:"GOOGLE_CLIENT_SECRET"`
-	GithubClientID                   *string  `json:"GITHUB_CLIENT_ID"`
-	GithubClientSecret               *string  `json:"GITHUB_CLIENT_SECRET"`
-	FacebookClientID                 *string  `json:"FACEBOOK_CLIENT_ID"`
-	FacebookClientSecret             *string  `json:"FACEBOOK_CLIENT_SECRET"`
-	LinkedinClientID                 *string  `json:"LINKEDIN_CLIENT_ID"`
-	LinkedinClientSecret             *string  `json:"LINKEDIN_CLIENT_SECRET"`
-	AppleClientID                    *string  `json:"APPLE_CLIENT_ID"`
-	AppleClientSecret                *string  `json:"APPLE_CLIENT_SECRET"`
-	TwitterClientID                  *string  `json:"TWITTER_CLIENT_ID"`
-	TwitterClientSecret              *string  `json:"TWITTER_CLIENT_SECRET"`
-	MicrosoftClientID                *string  `json:"MICROSOFT_CLIENT_ID"`
-	MicrosoftClientSecret            *string  `json:"MICROSOFT_CLIENT_SECRET"`
-	MicrosoftActiveDirectoryTenantID *string  `json:"MICROSOFT_ACTIVE_DIRECTORY_TENANT_ID"`
-	OrganizationName                 *string  `json:"ORGANIZATION_NAME"`
-	OrganizationLogo                 *string  `json:"ORGANIZATION_LOGO"`
+	Roles                            []string `json:"ROLES,omitempty"`
+	ProtectedRoles                   []string `json:"PROTECTED_ROLES,omitempty"`
+	DefaultRoles                     []string `json:"DEFAULT_ROLES,omitempty"`
+	JwtRoleClaim                     *string  `json:"JWT_ROLE_CLAIM,omitempty"`
+	GoogleClientID                   *string  `json:"GOOGLE_CLIENT_ID,omitempty"`
+	GoogleClientSecret               *string  `json:"GOOGLE_CLIENT_SECRET,omitempty"`
+	GithubClientID                   *string  `json:"GITHUB_CLIENT_ID,omitempty"`
+	GithubClientSecret               *string  `json:"GITHUB_CLIENT_SECRET,omitempty"`
+	FacebookClientID                 *string  `json:"FACEBOOK_CLIENT_ID,omitempty"`
+	FacebookClientSecret             *string  `json:"FACEBOOK_CLIENT_SECRET,omitempty"`
+	LinkedinClientID                 *string  `json:"LINKEDIN_CLIENT_ID,omitempty"`
+	LinkedinClientSecret             *string  `json:"LINKEDIN_CLIENT_SECRET,omitempty"`
+	AppleClientID                    *string  `json:"APPLE_CLIENT_ID,omitempty"`
+	AppleClientSecret                *string  `json:"APPLE_CLIENT_SECRET,omitempty"`
+	TwitterClientID                  *string  `json:"TWITTER_CLIENT_ID,omitempty"`
+	TwitterClientSecret              *string  `json:"TWITTER_CLIENT_SECRET,omitempty"`
+	MicrosoftClientID                *string  `json:"MICROSOFT_CLIENT_ID,omitempty"`
+	MicrosoftClientSecret            *string  `json:"MICROSOFT_CLIENT_SECRET,omitempty"`
+	MicrosoftActiveDirectoryTenantID *string  `json:"MICROSOFT_ACTIVE_DIRECTORY_TENANT_ID,omitempty"`
+	OrganizationName                 *string  `json:"ORGANIZATION_NAME,omitempty"`
+	OrganizationLogo                 *string  `json:"ORGANIZATION_LOGO,omitempty"`
 	AppCookieSecure                  bool     `json:"APP_COOKIE_SECURE"`
 	AdminCookieSecure                bool     `json:"ADMIN_COOKIE_SECURE"`
-	DefaultAuthorizeResponseType     *string  `json:"DEFAULT_AUTHORIZE_RESPONSE_TYPE"`
-	DefaultAuthorizeResponseMode     *string  `json:"DEFAULT_AUTHORIZE_RESPONSE_MODE"`
+	DefaultAuthorizeResponseType     *string  `json:"DEFAULT_AUTHORIZE_RESPONSE_TYPE,omitempty"`
+	DefaultAuthorizeResponseMode     *string  `json:"DEFAULT_AUTHORIZE_RESPONSE_MODE,omitempty"`
+	DisablePlayground                bool     `json:"DISABLE_PLAYGROUND"`
 }
 
 type Error struct {
@@ -130,8 +131,8 @@ type Error struct {
 
 type ForgotPasswordInput struct {
 	Email       string  `json:"email"`
-	State       *string `json:"state"`
-	RedirectURI *string `json:"redirect_uri"`
+	State       *string `json:"state,omitempty"`
+	RedirectURI *string `json:"redirect_uri,omitempty"`
 }
 
 type GenerateJWTKeysInput struct {
@@ -139,19 +140,19 @@ type GenerateJWTKeysInput struct {
 }
 
 type GenerateJWTKeysResponse struct {
-	Secret     *string `json:"secret"`
-	PublicKey  *string `json:"public_key"`
-	PrivateKey *string `json:"private_key"`
+	Secret     *string `json:"secret,omitempty"`
+	PublicKey  *string `json:"public_key,omitempty"`
+	PrivateKey *string `json:"private_key,omitempty"`
 }
 
 type GetUserRequest struct {
-	ID    *string `json:"id"`
-	Email *string `json:"email"`
+	ID    *string `json:"id,omitempty"`
+	Email *string `json:"email,omitempty"`
 }
 
 type InviteMemberInput struct {
 	Emails      []string `json:"emails"`
-	RedirectURI *string  `json:"redirect_uri"`
+	RedirectURI *string  `json:"redirect_uri,omitempty"`
 }
 
 type InviteMembersResponse struct {
@@ -160,24 +161,24 @@ type InviteMembersResponse struct {
 }
 
 type ListWebhookLogRequest struct {
-	Pagination *PaginationInput `json:"pagination"`
-	WebhookID  *string          `json:"webhook_id"`
+	Pagination *PaginationInput `json:"pagination,omitempty"`
+	WebhookID  *string          `json:"webhook_id,omitempty"`
 }
 
 type LoginInput struct {
 	Email    string   `json:"email"`
 	Password string   `json:"password"`
-	Roles    []string `json:"roles"`
-	Scope    []string `json:"scope"`
-	State    *string  `json:"state"`
+	Roles    []string `json:"roles,omitempty"`
+	Scope    []string `json:"scope,omitempty"`
+	State    *string  `json:"state,omitempty"`
 }
 
 type MagicLinkLoginInput struct {
 	Email       string   `json:"email"`
-	Roles       []string `json:"roles"`
-	Scope       []string `json:"scope"`
-	State       *string  `json:"state"`
-	RedirectURI *string  `json:"redirect_uri"`
+	Roles       []string `json:"roles,omitempty"`
+	Scope       []string `json:"scope,omitempty"`
+	State       *string  `json:"state,omitempty"`
+	RedirectURI *string  `json:"redirect_uri,omitempty"`
 }
 
 type Meta struct {
@@ -201,28 +202,29 @@ type Meta struct {
 type MobileLoginInput struct {
 	PhoneNumber string   `json:"phone_number"`
 	Password    string   `json:"password"`
-	Roles       []string `json:"roles"`
-	Scope       []string `json:"scope"`
-	State       *string  `json:"state"`
+	Roles       []string `json:"roles,omitempty"`
+	Scope       []string `json:"scope,omitempty"`
+	State       *string  `json:"state,omitempty"`
 }
 
 type MobileSignUpInput struct {
-	Email                    *string  `json:"email"`
-	GivenName                *string  `json:"given_name"`
-	FamilyName               *string  `json:"family_name"`
-	MiddleName               *string  `json:"middle_name"`
-	Nickname                 *string  `json:"nickname"`
-	Gender                   *string  `json:"gender"`
-	Birthdate                *string  `json:"birthdate"`
-	PhoneNumber              string   `json:"phone_number"`
-	Picture                  *string  `json:"picture"`
-	Password                 string   `json:"password"`
-	ConfirmPassword          string   `json:"confirm_password"`
-	Roles                    []string `json:"roles"`
-	Scope                    []string `json:"scope"`
-	RedirectURI              *string  `json:"redirect_uri"`
-	IsMultiFactorAuthEnabled *bool    `json:"is_multi_factor_auth_enabled"`
-	State                    *string  `json:"state"`
+	Email                    *string                `json:"email,omitempty"`
+	GivenName                *string                `json:"given_name,omitempty"`
+	FamilyName               *string                `json:"family_name,omitempty"`
+	MiddleName               *string                `json:"middle_name,omitempty"`
+	Nickname                 *string                `json:"nickname,omitempty"`
+	Gender                   *string                `json:"gender,omitempty"`
+	Birthdate                *string                `json:"birthdate,omitempty"`
+	PhoneNumber              string                 `json:"phone_number"`
+	Picture                  *string                `json:"picture,omitempty"`
+	Password                 string                 `json:"password"`
+	ConfirmPassword          string                 `json:"confirm_password"`
+	Roles                    []string               `json:"roles,omitempty"`
+	Scope                    []string               `json:"scope,omitempty"`
+	RedirectURI              *string                `json:"redirect_uri,omitempty"`
+	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled,omitempty"`
+	State                    *string                `json:"state,omitempty"`
+	AppData                  map[string]interface{} `json:"app_data,omitempty"`
 }
 
 type OAuthRevokeInput struct {
@@ -230,7 +232,7 @@ type OAuthRevokeInput struct {
 }
 
 type PaginatedInput struct {
-	Pagination *PaginationInput `json:"pagination"`
+	Pagination *PaginationInput `json:"pagination,omitempty"`
 }
 
 type Pagination struct {
@@ -241,20 +243,20 @@ type Pagination struct {
 }
 
 type PaginationInput struct {
-	Limit *int64 `json:"limit"`
-	Page  *int64 `json:"page"`
+	Limit *int64 `json:"limit,omitempty"`
+	Page  *int64 `json:"page,omitempty"`
 }
 
 type ResendOTPRequest struct {
-	Email       *string `json:"email"`
-	PhoneNumber *string `json:"phone_number"`
-	State       *string `json:"state"`
+	Email       *string `json:"email,omitempty"`
+	PhoneNumber *string `json:"phone_number,omitempty"`
+	State       *string `json:"state,omitempty"`
 }
 
 type ResendVerifyEmailInput struct {
 	Email      string  `json:"email"`
 	Identifier string  `json:"identifier"`
-	State      *string `json:"state"`
+	State      *string `json:"state,omitempty"`
 }
 
 type ResetPasswordInput struct {
@@ -273,43 +275,44 @@ type SMSVerificationRequests struct {
 	CodeExpiresAt int64  `json:"code_expires_at"`
 	PhoneNumber   string `json:"phone_number"`
 	CreatedAt     int64  `json:"created_at"`
-	UpdatedAt     *int64 `json:"updated_at"`
+	UpdatedAt     *int64 `json:"updated_at,omitempty"`
 }
 
 type SessionQueryInput struct {
-	Roles []string `json:"roles"`
-	Scope []string `json:"scope"`
+	Roles []string `json:"roles,omitempty"`
+	Scope []string `json:"scope,omitempty"`
 }
 
 type SignUpInput struct {
-	Email                    string   `json:"email"`
-	GivenName                *string  `json:"given_name"`
-	FamilyName               *string  `json:"family_name"`
-	MiddleName               *string  `json:"middle_name"`
-	Nickname                 *string  `json:"nickname"`
-	Gender                   *string  `json:"gender"`
-	Birthdate                *string  `json:"birthdate"`
-	PhoneNumber              *string  `json:"phone_number"`
-	Picture                  *string  `json:"picture"`
-	Password                 string   `json:"password"`
-	ConfirmPassword          string   `json:"confirm_password"`
-	Roles                    []string `json:"roles"`
-	Scope                    []string `json:"scope"`
-	RedirectURI              *string  `json:"redirect_uri"`
-	IsMultiFactorAuthEnabled *bool    `json:"is_multi_factor_auth_enabled"`
-	State                    *string  `json:"state"`
+	Email                    string                 `json:"email"`
+	GivenName                *string                `json:"given_name,omitempty"`
+	FamilyName               *string                `json:"family_name,omitempty"`
+	MiddleName               *string                `json:"middle_name,omitempty"`
+	Nickname                 *string                `json:"nickname,omitempty"`
+	Gender                   *string                `json:"gender,omitempty"`
+	Birthdate                *string                `json:"birthdate,omitempty"`
+	PhoneNumber              *string                `json:"phone_number,omitempty"`
+	Picture                  *string                `json:"picture,omitempty"`
+	Password                 string                 `json:"password"`
+	ConfirmPassword          string                 `json:"confirm_password"`
+	Roles                    []string               `json:"roles,omitempty"`
+	Scope                    []string               `json:"scope,omitempty"`
+	RedirectURI              *string                `json:"redirect_uri,omitempty"`
+	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled,omitempty"`
+	State                    *string                `json:"state,omitempty"`
+	AppData                  map[string]interface{} `json:"app_data,omitempty"`
 }
 
 type TestEndpointRequest struct {
 	Endpoint         string                 `json:"endpoint"`
 	EventName        string                 `json:"event_name"`
-	EventDescription *string                `json:"event_description"`
-	Headers          map[string]interface{} `json:"headers"`
+	EventDescription *string                `json:"event_description,omitempty"`
+	Headers          map[string]interface{} `json:"headers,omitempty"`
 }
 
 type TestEndpointResponse struct {
-	HTTPStatus *int64  `json:"http_status"`
-	Response   *string `json:"response"`
+	HTTPStatus *int64  `json:"http_status,omitempty"`
+	Response   *string `json:"response,omitempty"`
 }
 
 type UpdateAccessInput struct {
@@ -318,128 +321,132 @@ type UpdateAccessInput struct {
 
 type UpdateEmailTemplateRequest struct {
 	ID        string  `json:"id"`
-	EventName *string `json:"event_name"`
-	Template  *string `json:"template"`
-	Subject   *string `json:"subject"`
-	Design    *string `json:"design"`
+	EventName *string `json:"event_name,omitempty"`
+	Template  *string `json:"template,omitempty"`
+	Subject   *string `json:"subject,omitempty"`
+	Design    *string `json:"design,omitempty"`
 }
 
 type UpdateEnvInput struct {
-	AccessTokenExpiryTime            *string  `json:"ACCESS_TOKEN_EXPIRY_TIME"`
-	AdminSecret                      *string  `json:"ADMIN_SECRET"`
-	CustomAccessTokenScript          *string  `json:"CUSTOM_ACCESS_TOKEN_SCRIPT"`
-	OldAdminSecret                   *string  `json:"OLD_ADMIN_SECRET"`
-	SMTPHost                         *string  `json:"SMTP_HOST"`
-	SMTPPort                         *string  `json:"SMTP_PORT"`
-	SMTPUsername                     *string  `json:"SMTP_USERNAME"`
-	SMTPPassword                     *string  `json:"SMTP_PASSWORD"`
-	SMTPLocalName                    *string  `json:"SMTP_LOCAL_NAME"`
-	SenderEmail                      *string  `json:"SENDER_EMAIL"`
-	SenderName                       *string  `json:"SENDER_NAME"`
-	JwtType                          *string  `json:"JWT_TYPE"`
-	JwtSecret                        *string  `json:"JWT_SECRET"`
-	JwtPrivateKey                    *string  `json:"JWT_PRIVATE_KEY"`
-	JwtPublicKey                     *string  `json:"JWT_PUBLIC_KEY"`
-	AllowedOrigins                   []string `json:"ALLOWED_ORIGINS"`
-	AppURL                           *string  `json:"APP_URL"`
-	ResetPasswordURL                 *string  `json:"RESET_PASSWORD_URL"`
-	AppCookieSecure                  *bool    `json:"APP_COOKIE_SECURE"`
-	AdminCookieSecure                *bool    `json:"ADMIN_COOKIE_SECURE"`
-	DisableEmailVerification         *bool    `json:"DISABLE_EMAIL_VERIFICATION"`
-	DisableBasicAuthentication       *bool    `json:"DISABLE_BASIC_AUTHENTICATION"`
-	DisableMagicLinkLogin            *bool    `json:"DISABLE_MAGIC_LINK_LOGIN"`
-	DisableLoginPage                 *bool    `json:"DISABLE_LOGIN_PAGE"`
-	DisableSignUp                    *bool    `json:"DISABLE_SIGN_UP"`
-	DisableRedisForEnv               *bool    `json:"DISABLE_REDIS_FOR_ENV"`
-	DisableStrongPassword            *bool    `json:"DISABLE_STRONG_PASSWORD"`
-	DisableMultiFactorAuthentication *bool    `json:"DISABLE_MULTI_FACTOR_AUTHENTICATION"`
-	EnforceMultiFactorAuthentication *bool    `json:"ENFORCE_MULTI_FACTOR_AUTHENTICATION"`
-	Roles                            []string `json:"ROLES"`
-	ProtectedRoles                   []string `json:"PROTECTED_ROLES"`
-	DefaultRoles                     []string `json:"DEFAULT_ROLES"`
-	JwtRoleClaim                     *string  `json:"JWT_ROLE_CLAIM"`
-	GoogleClientID                   *string  `json:"GOOGLE_CLIENT_ID"`
-	GoogleClientSecret               *string  `json:"GOOGLE_CLIENT_SECRET"`
-	GithubClientID                   *string  `json:"GITHUB_CLIENT_ID"`
-	GithubClientSecret               *string  `json:"GITHUB_CLIENT_SECRET"`
-	FacebookClientID                 *string  `json:"FACEBOOK_CLIENT_ID"`
-	FacebookClientSecret             *string  `json:"FACEBOOK_CLIENT_SECRET"`
-	LinkedinClientID                 *string  `json:"LINKEDIN_CLIENT_ID"`
-	LinkedinClientSecret             *string  `json:"LINKEDIN_CLIENT_SECRET"`
-	AppleClientID                    *string  `json:"APPLE_CLIENT_ID"`
-	AppleClientSecret                *string  `json:"APPLE_CLIENT_SECRET"`
-	TwitterClientID                  *string  `json:"TWITTER_CLIENT_ID"`
-	TwitterClientSecret              *string  `json:"TWITTER_CLIENT_SECRET"`
-	MicrosoftClientID                *string  `json:"MICROSOFT_CLIENT_ID"`
-	MicrosoftClientSecret            *string  `json:"MICROSOFT_CLIENT_SECRET"`
-	MicrosoftActiveDirectoryTenantID *string  `json:"MICROSOFT_ACTIVE_DIRECTORY_TENANT_ID"`
-	OrganizationName                 *string  `json:"ORGANIZATION_NAME"`
-	OrganizationLogo                 *string  `json:"ORGANIZATION_LOGO"`
-	DefaultAuthorizeResponseType     *string  `json:"DEFAULT_AUTHORIZE_RESPONSE_TYPE"`
-	DefaultAuthorizeResponseMode     *string  `json:"DEFAULT_AUTHORIZE_RESPONSE_MODE"`
+	AccessTokenExpiryTime            *string  `json:"ACCESS_TOKEN_EXPIRY_TIME,omitempty"`
+	AdminSecret                      *string  `json:"ADMIN_SECRET,omitempty"`
+	CustomAccessTokenScript          *string  `json:"CUSTOM_ACCESS_TOKEN_SCRIPT,omitempty"`
+	OldAdminSecret                   *string  `json:"OLD_ADMIN_SECRET,omitempty"`
+	SMTPHost                         *string  `json:"SMTP_HOST,omitempty"`
+	SMTPPort                         *string  `json:"SMTP_PORT,omitempty"`
+	SMTPUsername                     *string  `json:"SMTP_USERNAME,omitempty"`
+	SMTPPassword                     *string  `json:"SMTP_PASSWORD,omitempty"`
+	SMTPLocalName                    *string  `json:"SMTP_LOCAL_NAME,omitempty"`
+	SenderEmail                      *string  `json:"SENDER_EMAIL,omitempty"`
+	SenderName                       *string  `json:"SENDER_NAME,omitempty"`
+	JwtType                          *string  `json:"JWT_TYPE,omitempty"`
+	JwtSecret                        *string  `json:"JWT_SECRET,omitempty"`
+	JwtPrivateKey                    *string  `json:"JWT_PRIVATE_KEY,omitempty"`
+	JwtPublicKey                     *string  `json:"JWT_PUBLIC_KEY,omitempty"`
+	AllowedOrigins                   []string `json:"ALLOWED_ORIGINS,omitempty"`
+	AppURL                           *string  `json:"APP_URL,omitempty"`
+	ResetPasswordURL                 *string  `json:"RESET_PASSWORD_URL,omitempty"`
+	AppCookieSecure                  *bool    `json:"APP_COOKIE_SECURE,omitempty"`
+	AdminCookieSecure                *bool    `json:"ADMIN_COOKIE_SECURE,omitempty"`
+	DisableEmailVerification         *bool    `json:"DISABLE_EMAIL_VERIFICATION,omitempty"`
+	DisableBasicAuthentication       *bool    `json:"DISABLE_BASIC_AUTHENTICATION,omitempty"`
+	DisableMagicLinkLogin            *bool    `json:"DISABLE_MAGIC_LINK_LOGIN,omitempty"`
+	DisableLoginPage                 *bool    `json:"DISABLE_LOGIN_PAGE,omitempty"`
+	DisableSignUp                    *bool    `json:"DISABLE_SIGN_UP,omitempty"`
+	DisableRedisForEnv               *bool    `json:"DISABLE_REDIS_FOR_ENV,omitempty"`
+	DisableStrongPassword            *bool    `json:"DISABLE_STRONG_PASSWORD,omitempty"`
+	DisableMultiFactorAuthentication *bool    `json:"DISABLE_MULTI_FACTOR_AUTHENTICATION,omitempty"`
+	EnforceMultiFactorAuthentication *bool    `json:"ENFORCE_MULTI_FACTOR_AUTHENTICATION,omitempty"`
+	Roles                            []string `json:"ROLES,omitempty"`
+	ProtectedRoles                   []string `json:"PROTECTED_ROLES,omitempty"`
+	DefaultRoles                     []string `json:"DEFAULT_ROLES,omitempty"`
+	JwtRoleClaim                     *string  `json:"JWT_ROLE_CLAIM,omitempty"`
+	GoogleClientID                   *string  `json:"GOOGLE_CLIENT_ID,omitempty"`
+	GoogleClientSecret               *string  `json:"GOOGLE_CLIENT_SECRET,omitempty"`
+	GithubClientID                   *string  `json:"GITHUB_CLIENT_ID,omitempty"`
+	GithubClientSecret               *string  `json:"GITHUB_CLIENT_SECRET,omitempty"`
+	FacebookClientID                 *string  `json:"FACEBOOK_CLIENT_ID,omitempty"`
+	FacebookClientSecret             *string  `json:"FACEBOOK_CLIENT_SECRET,omitempty"`
+	LinkedinClientID                 *string  `json:"LINKEDIN_CLIENT_ID,omitempty"`
+	LinkedinClientSecret             *string  `json:"LINKEDIN_CLIENT_SECRET,omitempty"`
+	AppleClientID                    *string  `json:"APPLE_CLIENT_ID,omitempty"`
+	AppleClientSecret                *string  `json:"APPLE_CLIENT_SECRET,omitempty"`
+	TwitterClientID                  *string  `json:"TWITTER_CLIENT_ID,omitempty"`
+	TwitterClientSecret              *string  `json:"TWITTER_CLIENT_SECRET,omitempty"`
+	MicrosoftClientID                *string  `json:"MICROSOFT_CLIENT_ID,omitempty"`
+	MicrosoftClientSecret            *string  `json:"MICROSOFT_CLIENT_SECRET,omitempty"`
+	MicrosoftActiveDirectoryTenantID *string  `json:"MICROSOFT_ACTIVE_DIRECTORY_TENANT_ID,omitempty"`
+	OrganizationName                 *string  `json:"ORGANIZATION_NAME,omitempty"`
+	OrganizationLogo                 *string  `json:"ORGANIZATION_LOGO,omitempty"`
+	DefaultAuthorizeResponseType     *string  `json:"DEFAULT_AUTHORIZE_RESPONSE_TYPE,omitempty"`
+	DefaultAuthorizeResponseMode     *string  `json:"DEFAULT_AUTHORIZE_RESPONSE_MODE,omitempty"`
+	DisablePlayground                *bool    `json:"DISABLE_PLAYGROUND,omitempty"`
 }
 
 type UpdateProfileInput struct {
-	OldPassword              *string `json:"old_password"`
-	NewPassword              *string `json:"new_password"`
-	ConfirmNewPassword       *string `json:"confirm_new_password"`
-	Email                    *string `json:"email"`
-	GivenName                *string `json:"given_name"`
-	FamilyName               *string `json:"family_name"`
-	MiddleName               *string `json:"middle_name"`
-	Nickname                 *string `json:"nickname"`
-	Gender                   *string `json:"gender"`
-	Birthdate                *string `json:"birthdate"`
-	PhoneNumber              *string `json:"phone_number"`
-	Picture                  *string `json:"picture"`
-	IsMultiFactorAuthEnabled *bool   `json:"is_multi_factor_auth_enabled"`
+	OldPassword              *string                `json:"old_password,omitempty"`
+	NewPassword              *string                `json:"new_password,omitempty"`
+	ConfirmNewPassword       *string                `json:"confirm_new_password,omitempty"`
+	Email                    *string                `json:"email,omitempty"`
+	GivenName                *string                `json:"given_name,omitempty"`
+	FamilyName               *string                `json:"family_name,omitempty"`
+	MiddleName               *string                `json:"middle_name,omitempty"`
+	Nickname                 *string                `json:"nickname,omitempty"`
+	Gender                   *string                `json:"gender,omitempty"`
+	Birthdate                *string                `json:"birthdate,omitempty"`
+	PhoneNumber              *string                `json:"phone_number,omitempty"`
+	Picture                  *string                `json:"picture,omitempty"`
+	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled,omitempty"`
+	AppData                  map[string]interface{} `json:"app_data,omitempty"`
 }
 
 type UpdateUserInput struct {
-	ID                       string    `json:"id"`
-	Email                    *string   `json:"email"`
-	EmailVerified            *bool     `json:"email_verified"`
-	GivenName                *string   `json:"given_name"`
-	FamilyName               *string   `json:"family_name"`
-	MiddleName               *string   `json:"middle_name"`
-	Nickname                 *string   `json:"nickname"`
-	Gender                   *string   `json:"gender"`
-	Birthdate                *string   `json:"birthdate"`
-	PhoneNumber              *string   `json:"phone_number"`
-	Picture                  *string   `json:"picture"`
-	Roles                    []*string `json:"roles"`
-	IsMultiFactorAuthEnabled *bool     `json:"is_multi_factor_auth_enabled"`
+	ID                       string                 `json:"id"`
+	Email                    *string                `json:"email,omitempty"`
+	EmailVerified            *bool                  `json:"email_verified,omitempty"`
+	GivenName                *string                `json:"given_name,omitempty"`
+	FamilyName               *string                `json:"family_name,omitempty"`
+	MiddleName               *string                `json:"middle_name,omitempty"`
+	Nickname                 *string                `json:"nickname,omitempty"`
+	Gender                   *string                `json:"gender,omitempty"`
+	Birthdate                *string                `json:"birthdate,omitempty"`
+	PhoneNumber              *string                `json:"phone_number,omitempty"`
+	Picture                  *string                `json:"picture,omitempty"`
+	Roles                    []*string              `json:"roles,omitempty"`
+	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled,omitempty"`
+	AppData                  map[string]interface{} `json:"app_data,omitempty"`
 }
 
 type UpdateWebhookRequest struct {
 	ID               string                 `json:"id"`
-	EventName        *string                `json:"event_name"`
-	EventDescription *string                `json:"event_description"`
-	Endpoint         *string                `json:"endpoint"`
-	Enabled          *bool                  `json:"enabled"`
-	Headers          map[string]interface{} `json:"headers"`
+	EventName        *string                `json:"event_name,omitempty"`
+	EventDescription *string                `json:"event_description,omitempty"`
+	Endpoint         *string                `json:"endpoint,omitempty"`
+	Enabled          *bool                  `json:"enabled,omitempty"`
+	Headers          map[string]interface{} `json:"headers,omitempty"`
 }
 
 type User struct {
-	ID                       string   `json:"id"`
-	Email                    string   `json:"email"`
-	EmailVerified            bool     `json:"email_verified"`
-	SignupMethods            string   `json:"signup_methods"`
-	GivenName                *string  `json:"given_name"`
-	FamilyName               *string  `json:"family_name"`
-	MiddleName               *string  `json:"middle_name"`
-	Nickname                 *string  `json:"nickname"`
-	PreferredUsername        *string  `json:"preferred_username"`
-	Gender                   *string  `json:"gender"`
-	Birthdate                *string  `json:"birthdate"`
-	PhoneNumber              *string  `json:"phone_number"`
-	PhoneNumberVerified      *bool    `json:"phone_number_verified"`
-	Picture                  *string  `json:"picture"`
-	Roles                    []string `json:"roles"`
-	CreatedAt                *int64   `json:"created_at"`
-	UpdatedAt                *int64   `json:"updated_at"`
-	RevokedTimestamp         *int64   `json:"revoked_timestamp"`
-	IsMultiFactorAuthEnabled *bool    `json:"is_multi_factor_auth_enabled"`
+	ID                       string                 `json:"id"`
+	Email                    string                 `json:"email"`
+	EmailVerified            bool                   `json:"email_verified"`
+	SignupMethods            string                 `json:"signup_methods"`
+	GivenName                *string                `json:"given_name,omitempty"`
+	FamilyName               *string                `json:"family_name,omitempty"`
+	MiddleName               *string                `json:"middle_name,omitempty"`
+	Nickname                 *string                `json:"nickname,omitempty"`
+	PreferredUsername        *string                `json:"preferred_username,omitempty"`
+	Gender                   *string                `json:"gender,omitempty"`
+	Birthdate                *string                `json:"birthdate,omitempty"`
+	PhoneNumber              *string                `json:"phone_number,omitempty"`
+	PhoneNumberVerified      *bool                  `json:"phone_number_verified,omitempty"`
+	Picture                  *string                `json:"picture,omitempty"`
+	Roles                    []string               `json:"roles"`
+	CreatedAt                *int64                 `json:"created_at,omitempty"`
+	UpdatedAt                *int64                 `json:"updated_at,omitempty"`
+	RevokedTimestamp         *int64                 `json:"revoked_timestamp,omitempty"`
+	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled,omitempty"`
+	AppData                  map[string]interface{} `json:"app_data,omitempty"`
 }
 
 type Users struct {
@@ -450,33 +457,34 @@ type Users struct {
 type ValidateJWTTokenInput struct {
 	TokenType string   `json:"token_type"`
 	Token     string   `json:"token"`
-	Roles     []string `json:"roles"`
+	Roles     []string `json:"roles,omitempty"`
 }
 
 type ValidateJWTTokenResponse struct {
 	IsValid bool                   `json:"is_valid"`
-	Claims  map[string]interface{} `json:"claims"`
+	Claims  map[string]interface{} `json:"claims,omitempty"`
 }
 
 type ValidateSessionInput struct {
 	Cookie string   `json:"cookie"`
-	Roles  []string `json:"roles"`
+	Roles  []string `json:"roles,omitempty"`
 }
 
 type ValidateSessionResponse struct {
-	IsValid bool `json:"is_valid"`
+	IsValid bool  `json:"is_valid"`
+	User    *User `json:"user"`
 }
 
 type VerificationRequest struct {
 	ID          string  `json:"id"`
-	Identifier  *string `json:"identifier"`
-	Token       *string `json:"token"`
-	Email       *string `json:"email"`
-	Expires     *int64  `json:"expires"`
-	CreatedAt   *int64  `json:"created_at"`
-	UpdatedAt   *int64  `json:"updated_at"`
-	Nonce       *string `json:"nonce"`
-	RedirectURI *string `json:"redirect_uri"`
+	Identifier  *string `json:"identifier,omitempty"`
+	Token       *string `json:"token,omitempty"`
+	Email       *string `json:"email,omitempty"`
+	Expires     *int64  `json:"expires,omitempty"`
+	CreatedAt   *int64  `json:"created_at,omitempty"`
+	UpdatedAt   *int64  `json:"updated_at,omitempty"`
+	Nonce       *string `json:"nonce,omitempty"`
+	RedirectURI *string `json:"redirect_uri,omitempty"`
 }
 
 type VerificationRequests struct {
@@ -486,35 +494,35 @@ type VerificationRequests struct {
 
 type VerifyEmailInput struct {
 	Token string  `json:"token"`
-	State *string `json:"state"`
+	State *string `json:"state,omitempty"`
 }
 
 type VerifyOTPRequest struct {
-	Email       *string `json:"email"`
-	PhoneNumber *string `json:"phone_number"`
+	Email       *string `json:"email,omitempty"`
+	PhoneNumber *string `json:"phone_number,omitempty"`
 	Otp         string  `json:"otp"`
-	State       *string `json:"state"`
+	State       *string `json:"state,omitempty"`
 }
 
 type Webhook struct {
 	ID               string                 `json:"id"`
-	EventName        *string                `json:"event_name"`
-	EventDescription *string                `json:"event_description"`
-	Endpoint         *string                `json:"endpoint"`
-	Enabled          *bool                  `json:"enabled"`
-	Headers          map[string]interface{} `json:"headers"`
-	CreatedAt        *int64                 `json:"created_at"`
-	UpdatedAt        *int64                 `json:"updated_at"`
+	EventName        *string                `json:"event_name,omitempty"`
+	EventDescription *string                `json:"event_description,omitempty"`
+	Endpoint         *string                `json:"endpoint,omitempty"`
+	Enabled          *bool                  `json:"enabled,omitempty"`
+	Headers          map[string]interface{} `json:"headers,omitempty"`
+	CreatedAt        *int64                 `json:"created_at,omitempty"`
+	UpdatedAt        *int64                 `json:"updated_at,omitempty"`
 }
 
 type WebhookLog struct {
 	ID         string  `json:"id"`
-	HTTPStatus *int64  `json:"http_status"`
-	Response   *string `json:"response"`
-	Request    *string `json:"request"`
-	WebhookID  *string `json:"webhook_id"`
-	CreatedAt  *int64  `json:"created_at"`
-	UpdatedAt  *int64  `json:"updated_at"`
+	HTTPStatus *int64  `json:"http_status,omitempty"`
+	Response   *string `json:"response,omitempty"`
+	Request    *string `json:"request,omitempty"`
+	WebhookID  *string `json:"webhook_id,omitempty"`
+	CreatedAt  *int64  `json:"created_at,omitempty"`
+	UpdatedAt  *int64  `json:"updated_at,omitempty"`
 }
 
 type WebhookLogs struct {

server/graph/schema.graphqls

@@ -51,6 +51,7 @@ type User {
   updated_at: Int64
   revoked_timestamp: Int64
   is_multi_factor_auth_enabled: Boolean
+  app_data: Map
 }
 
 type Users {
@@ -171,6 +172,7 @@ type Env {
   ADMIN_COOKIE_SECURE: Boolean!
   DEFAULT_AUTHORIZE_RESPONSE_TYPE: String
   DEFAULT_AUTHORIZE_RESPONSE_MODE: String
+  DISABLE_PLAYGROUND: Boolean!
 }
 
 type ValidateJWTTokenResponse {
@@ -180,6 +182,7 @@ type ValidateJWTTokenResponse {
 
 type ValidateSessionResponse {
   is_valid: Boolean!
+  user: User!
 }
 
 type GenerateJWTKeysResponse {
@@ -292,6 +295,7 @@ input UpdateEnvInput {
   ORGANIZATION_LOGO: String
   DEFAULT_AUTHORIZE_RESPONSE_TYPE: String
   DEFAULT_AUTHORIZE_RESPONSE_MODE: String
+  DISABLE_PLAYGROUND: Boolean
 }
 
 input AdminLoginInput {
@@ -322,6 +326,7 @@ input MobileSignUpInput {
   # it is used to get code for an on-going auth process during login
   # and use that code for setting `c_hash` in id_token
   state: String
+  app_data: Map
 }
 
 input SignUpInput {
@@ -344,6 +349,7 @@ input SignUpInput {
   # it is used to get code for an on-going auth process during login
   # and use that code for setting `c_hash` in id_token
   state: String
+  app_data: Map
 }
 
 input LoginInput {
@@ -399,6 +405,7 @@ input UpdateProfileInput {
   phone_number: String
   picture: String
   is_multi_factor_auth_enabled: Boolean
+  app_data: Map
 }
 
 input UpdateUserInput {
@@ -415,6 +422,7 @@ input UpdateUserInput {
   picture: String
   roles: [String]
   is_multi_factor_auth_enabled: Boolean
+  app_data: Map
 }
 
 input ForgotPasswordInput {
@@ -579,6 +587,7 @@ type Mutation {
   revoke(params: OAuthRevokeInput!): Response!
   verify_otp(params: VerifyOTPRequest!): AuthResponse!
   resend_otp(params: ResendOTPRequest!): Response!
+  deactivate_account: Response!
   # admin only apis
   _delete_user(params: DeleteUserInput!): Response!
   _update_user(params: UpdateUserInput!): User!

server/graph/schema.resolvers.go

@@ -2,6 +2,7 @@ package graph
 
 // This file will be automatically regenerated based on the schema, any resolver implementations
 // will be copied through when generating and any unknown code will be moved to the end.
+// Code generated by github.com/99designs/gqlgen version v0.17.39
 
 import (
 	"context"
@@ -81,6 +82,11 @@ func (r *mutationResolver) ResendOtp(ctx context.Context, params model.ResendOTP
 	return resolvers.ResendOTPResolver(ctx, params)
 }
 
+// DeactivateAccount is the resolver for the deactivate_account field.
+func (r *mutationResolver) DeactivateAccount(ctx context.Context) (*model.Response, error) {
+	return resolvers.DeactivateAccountResolver(ctx)
+}
+
 // DeleteUser is the resolver for the _delete_user field.
 func (r *mutationResolver) DeleteUser(ctx context.Context, params model.DeleteUserInput) (*model.Response, error) {
 	return resolvers.DeleteUserResolver(ctx, params)

server/handlers/oauth_callback.go

@@ -32,11 +32,11 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 	return func(ctx *gin.Context) {
 		provider := ctx.Param("oauth_provider")
 		state := ctx.Request.FormValue("state")
-
 		sessionState, err := memorystore.Provider.GetState(state)
 		if sessionState == "" || err != nil {
 			log.Debug("Invalid oauth state: ", state)
 			ctx.JSON(400, gin.H{"error": "invalid oauth state"})
+			return
 		}
 		// contains random token, redirect url, role
 		sessionSplit := strings.Split(state, "___")
@@ -46,32 +46,34 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 			ctx.JSON(400, gin.H{"error": "invalid redirect url"})
 			return
 		}
-
 		// remove state from store
 		go memorystore.Provider.RemoveState(state)
-
 		stateValue := sessionSplit[0]
 		redirectURL := sessionSplit[1]
 		inputRoles := strings.Split(sessionSplit[2], ",")
 		scopes := strings.Split(sessionSplit[3], ",")
-
 		var user *models.User
 		oauthCode := ctx.Request.FormValue("code")
+		if oauthCode == "" {
+			log.Debug("Invalid oauth code: ", oauthCode)
+			ctx.JSON(400, gin.H{"error": "invalid oauth code"})
+			return
+		}
 		switch provider {
 		case constants.AuthRecipeMethodGoogle:
-			user, err = processGoogleUserInfo(oauthCode)
+			user, err = processGoogleUserInfo(ctx, oauthCode)
 		case constants.AuthRecipeMethodGithub:
-			user, err = processGithubUserInfo(oauthCode)
+			user, err = processGithubUserInfo(ctx, oauthCode)
 		case constants.AuthRecipeMethodFacebook:
-			user, err = processFacebookUserInfo(oauthCode)
+			user, err = processFacebookUserInfo(ctx, oauthCode)
 		case constants.AuthRecipeMethodLinkedIn:
-			user, err = processLinkedInUserInfo(oauthCode)
+			user, err = processLinkedInUserInfo(ctx, oauthCode)
 		case constants.AuthRecipeMethodApple:
-			user, err = processAppleUserInfo(oauthCode)
+			user, err = processAppleUserInfo(ctx, oauthCode)
 		case constants.AuthRecipeMethodTwitter:
-			user, err = processTwitterUserInfo(oauthCode, sessionState)
+			user, err = processTwitterUserInfo(ctx, oauthCode, sessionState)
 		case constants.AuthRecipeMethodMicrosoft:
-			user, err = processMicrosoftUserInfo(oauthCode)
+			user, err = processMicrosoftUserInfo(ctx, oauthCode)
 		default:
 			log.Info("Invalid oauth provider")
 			err = fmt.Errorf(`invalid oauth provider`)
@@ -260,6 +262,8 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 		go func() {
 			if isSignUp {
 				utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, provider, user)
+				// User is also logged in with signup
+				utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, provider, user)
 			} else {
 				utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, provider, user)
 			}
@@ -279,9 +283,8 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 	}
 }
 
-func processGoogleUserInfo(code string) (*models.User, error) {
+func processGoogleUserInfo(ctx context.Context, code string) (*models.User, error) {
 	var user *models.User
-	ctx := context.Background()
 	oauth2Token, err := oauth.OAuthProviders.GoogleConfig.Exchange(ctx, code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
@@ -311,9 +314,9 @@ func processGoogleUserInfo(code string) (*models.User, error) {
 	return user, nil
 }
 
-func processGithubUserInfo(code string) (*models.User, error) {
+func processGithubUserInfo(ctx context.Context, code string) (*models.User, error) {
 	var user *models.User
-	oauth2Token, err := oauth.OAuthProviders.GithubConfig.Exchange(context.TODO(), code)
+	oauth2Token, err := oauth.OAuthProviders.GithubConfig.Exchange(ctx, code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
 		return user, fmt.Errorf("invalid github exchange code: %s", err.Error())
@@ -418,9 +421,9 @@ func processGithubUserInfo(code string) (*models.User, error) {
 	return user, nil
 }
 
-func processFacebookUserInfo(code string) (*models.User, error) {
+func processFacebookUserInfo(ctx context.Context, code string) (*models.User, error) {
 	var user *models.User
-	oauth2Token, err := oauth.OAuthProviders.FacebookConfig.Exchange(context.TODO(), code)
+	oauth2Token, err := oauth.OAuthProviders.FacebookConfig.Exchange(ctx, code)
 	if err != nil {
 		log.Debug("Invalid facebook exchange code: ", err)
 		return user, fmt.Errorf("invalid facebook exchange code: %s", err.Error())
@@ -469,9 +472,9 @@ func processFacebookUserInfo(code string) (*models.User, error) {
 	return user, nil
 }
 
-func processLinkedInUserInfo(code string) (*models.User, error) {
+func processLinkedInUserInfo(ctx context.Context, code string) (*models.User, error) {
 	var user *models.User
-	oauth2Token, err := oauth.OAuthProviders.LinkedInConfig.Exchange(context.TODO(), code)
+	oauth2Token, err := oauth.OAuthProviders.LinkedInConfig.Exchange(ctx, code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
 		return user, fmt.Errorf("invalid linkedin exchange code: %s", err.Error())
@@ -551,9 +554,9 @@ func processLinkedInUserInfo(code string) (*models.User, error) {
 	return user, nil
 }
 
-func processAppleUserInfo(code string) (*models.User, error) {
+func processAppleUserInfo(ctx context.Context, code string) (*models.User, error) {
 	var user *models.User
-	oauth2Token, err := oauth.OAuthProviders.AppleConfig.Exchange(context.TODO(), code)
+	oauth2Token, err := oauth.OAuthProviders.AppleConfig.Exchange(ctx, code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
 		return user, fmt.Errorf("invalid apple exchange code: %s", err.Error())
@@ -604,9 +607,9 @@ func processAppleUserInfo(code string) (*models.User, error) {
 	return user, err
 }
 
-func processTwitterUserInfo(code, verifier string) (*models.User, error) {
+func processTwitterUserInfo(ctx context.Context, code, verifier string) (*models.User, error) {
 	var user *models.User
-	oauth2Token, err := oauth.OAuthProviders.TwitterConfig.Exchange(context.TODO(), code, oauth2.SetAuthURLParam("code_verifier", verifier))
+	oauth2Token, err := oauth.OAuthProviders.TwitterConfig.Exchange(ctx, code, oauth2.SetAuthURLParam("code_verifier", verifier))
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
 		return user, fmt.Errorf("invalid twitter exchange code: %s", err.Error())
@@ -672,24 +675,24 @@ func processTwitterUserInfo(code, verifier string) (*models.User, error) {
 }
 
 // process microsoft user information
-func processMicrosoftUserInfo(code string) (*models.User, error) {
+func processMicrosoftUserInfo(ctx context.Context, code string) (*models.User, error) {
 	var user *models.User
-	ctx := context.Background()
 	oauth2Token, err := oauth.OAuthProviders.MicrosoftConfig.Exchange(ctx, code)
 	if err != nil {
 		log.Debug("Failed to exchange code for token: ", err)
-		return user, fmt.Errorf("invalid google exchange code: %s", err.Error())
+		return user, fmt.Errorf("invalid microsoft exchange code: %s", err.Error())
 	}
-
-	verifier := oauth.OIDCProviders.MicrosoftOIDC.Verifier(&oidc.Config{ClientID: oauth.OAuthProviders.MicrosoftConfig.ClientID})
-
+	// we need to skip issuer check because for common tenant it will return internal issuer which does not match
+	verifier := oauth.OIDCProviders.MicrosoftOIDC.Verifier(&oidc.Config{
+		ClientID:        oauth.OAuthProviders.MicrosoftConfig.ClientID,
+		SkipIssuerCheck: true,
+	})
 	// Extract the ID Token from OAuth2 token.
 	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
 	if !ok {
 		log.Debug("Failed to extract ID Token from OAuth2 token")
 		return user, fmt.Errorf("unable to extract id_token")
 	}
-
 	// Parse and verify ID Token payload.
 	idToken, err := verifier.Verify(ctx, rawIDToken)
 	if err != nil {

server/handlers/playground.go

@@ -1,15 +1,44 @@
 package handlers
 
 import (
+	"net/http"
+
 	"github.com/99designs/gqlgen/graphql/playground"
 	"github.com/gin-gonic/gin"
+
+	log "github.com/sirupsen/logrus"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/token"
 )
 
 // PlaygroundHandler is the handler for the /playground route
 func PlaygroundHandler() gin.HandlerFunc {
-	h := playground.Handler("GraphQL", "/graphql")
-
 	return func(c *gin.Context) {
+		var h http.HandlerFunc
+
+		disablePlayground, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisablePlayGround)
+		if err != nil {
+			log.Debug("error while getting disable playground value")
+			disablePlayground = false
+		}
+
+		// if env set to false, then check if logged in as super admin, if logged in then return graphql else 401 error
+		// if env set to true, then disabled the playground with 404 error
+		if !disablePlayground {
+			if token.IsSuperAdmin(c) {
+				h = playground.Handler("GraphQL", "/graphql")
+			} else {
+				log.Debug("not logged in as super admin")
+				c.JSON(http.StatusUnauthorized, gin.H{"error": "not logged in as super admin"})
+				return
+			}
+		} else {
+			log.Debug("playground is disabled")
+			c.JSON(http.StatusNotFound, gin.H{"error": "playground is disabled"})
+			return
+		}
 		h.ServeHTTP(c.Writer, c.Request)
 	}
 }

server/handlers/userinfo.go

@@ -21,7 +21,6 @@ func UserInfoHandler() gin.HandlerFunc {
 			})
 			return
 		}
-
 		claims, err := token.ValidateAccessToken(gc, accessToken)
 		if err != nil {
 			log.Debug("Error validating access token: ", err)
@@ -30,7 +29,6 @@ func UserInfoHandler() gin.HandlerFunc {
 			})
 			return
 		}
-
 		userID := claims["sub"].(string)
 		user, err := db.Provider.GetUserByID(gc, userID)
 		if err != nil {

server/handlers/verify_email.go

@@ -175,6 +175,8 @@ func VerifyEmailHandler() gin.HandlerFunc {
 		go func() {
 			if isSignUp {
 				utils.RegisterEvent(c, constants.UserSignUpWebhookEvent, loginMethod, user)
+				// User is also logged in with signup
+				utils.RegisterEvent(c, constants.UserLoginWebhookEvent, loginMethod, user)
 			} else {
 				utils.RegisterEvent(c, constants.UserLoginWebhookEvent, loginMethod, user)
 			}

server/memorystore/memory_store.go

@@ -38,6 +38,7 @@ func InitMemStore() error {
 		constants.EnvKeyDisableMultiFactorAuthentication: false,
 		constants.EnvKeyAppCookieSecure:                  true,
 		constants.EnvKeyAdminCookieSecure:                true,
+		constants.EnvKeyDisablePlayGround:                true,
 	}
 
 	requiredEnvs := RequiredEnvStoreObj.GetRequiredEnv()

server/memorystore/providers/inmemory/provider.go

@@ -7,18 +7,20 @@ import (
 )
 
 type provider struct {
-	mutex        sync.Mutex
-	sessionStore *stores.SessionStore
-	stateStore   *stores.StateStore
-	envStore     *stores.EnvStore
+	mutex           sync.Mutex
+	sessionStore    *stores.SessionStore
+	mfasessionStore *stores.SessionStore
+	stateStore      *stores.StateStore
+	envStore        *stores.EnvStore
 }
 
 // NewInMemoryStore returns a new in-memory store.
 func NewInMemoryProvider() (*provider, error) {
 	return &provider{
-		mutex:        sync.Mutex{},
-		envStore:     stores.NewEnvStore(),
-		sessionStore: stores.NewSessionStore(),
-		stateStore:   stores.NewStateStore(),
+		mutex:           sync.Mutex{},
+		envStore:        stores.NewEnvStore(),
+		sessionStore:    stores.NewSessionStore(),
+		mfasessionStore: stores.NewSessionStore(),
+		stateStore:      stores.NewStateStore(),
 	}, nil
 }

server/memorystore/providers/inmemory/store.go

@@ -42,6 +42,27 @@ func (c *provider) DeleteSessionForNamespace(namespace string) error {
 	return nil
 }
 
+// SetMfaSession sets the mfa session with key and value of userId
+func (c *provider) SetMfaSession(userId, key string, expiration int64) error {
+	c.mfasessionStore.Set(userId, key, userId, expiration)
+	return nil
+}
+
+// GetMfaSession returns value of given mfa session
+func (c *provider) GetMfaSession(userId, key string) (string, error) {
+	val := c.mfasessionStore.Get(userId, key)
+	if val == "" {
+		return "", fmt.Errorf("Not found")
+	}
+	return val, nil
+}
+
+// DeleteMfaSession deletes given mfa session from in-memory store.
+func (c *provider) DeleteMfaSession(userId, key string) error {
+	c.mfasessionStore.Remove(userId, key)
+	return nil
+}
+
 // SetState sets the state in the in-memory store.
 func (c *provider) SetState(key, state string) error {
 	if os.Getenv("ENV") != constants.TestEnv {

server/memorystore/providers/provider_tests.go

@@ -112,4 +112,15 @@ func ProviderTests(t *testing.T, p Provider) {
 	key, err = p.GetUserSession("auth_provider1:124", "access_token_key")
 	assert.Empty(t, key)
 	assert.Error(t, err)
+
+	err = p.SetMfaSession("auth_provider:123", "session123", time.Now().Add(60*time.Second).Unix())
+	assert.NoError(t, err)
+	key, err = p.GetMfaSession("auth_provider:123", "session123")
+	assert.NoError(t, err)
+	assert.Equal(t, "auth_provider:123", key)
+	err = p.DeleteMfaSession("auth_provider:123", "session123")
+	assert.NoError(t, err)
+	key, err = p.GetMfaSession("auth_provider:123", "session123")
+	assert.Error(t, err)
+	assert.Empty(t, key)
 }

server/memorystore/providers/providers.go

@@ -12,6 +12,12 @@ type Provider interface {
 	DeleteAllUserSessions(userId string) error
 	// DeleteSessionForNamespace deletes the session for a given namespace
 	DeleteSessionForNamespace(namespace string) error
+	// SetMfaSession sets the mfa session with key and value of userId
+	SetMfaSession(userId, key string, expiration int64) error
+	// GetMfaSession returns value of given mfa session
+	GetMfaSession(userId, key string) (string, error)
+	// DeleteMfaSession deletes given mfa session from in-memory store.
+	DeleteMfaSession(userId, key string) error
 
 	// SetState sets the login state (key, value form) in the session store
 	SetState(key, state string) error

server/memorystore/providers/redis/store.go

@@ -16,6 +16,8 @@ var (
 	envStorePrefix = "authorizer_env"
 )
 
+const mfaSessionPrefix = "mfa_sess_"
+
 // SetUserSession sets the user session for given user identifier in form recipe:user_id
 func (c *provider) SetUserSession(userId, key, token string, expiration int64) error {
 	currentTime := time.Now()
@@ -91,6 +93,37 @@ func (c *provider) DeleteSessionForNamespace(namespace string) error {
 	return nil
 }
 
+// SetMfaSession sets the mfa session with key and value of userId
+func (c *provider) SetMfaSession(userId, key string, expiration int64) error {
+	currentTime := time.Now()
+	expireTime := time.Unix(expiration, 0)
+	duration := expireTime.Sub(currentTime)
+	err := c.store.Set(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, userId, key), userId, duration).Err()
+	if err != nil {
+		log.Debug("Error saving user session to redis: ", err)
+		return err
+	}
+	return nil
+}
+
+// GetMfaSession returns value of given mfa session
+func (c *provider) GetMfaSession(userId, key string) (string, error) {
+	data, err := c.store.Get(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, userId, key)).Result()
+	if err != nil {
+		return "", err
+	}
+	return data, nil
+}
+
+// DeleteMfaSession deletes given mfa session from in-memory store.
+func (c *provider) DeleteMfaSession(userId, key string) error {
+	if err := c.store.Del(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, userId, key)).Err(); err != nil {
+		log.Debug("Error deleting user session from redis: ", err)
+		// continue
+	}
+	return nil
+}
+
 // SetState sets the state in redis store.
 func (c *provider) SetState(key, value string) error {
 	err := c.store.Set(c.ctx, stateStorePrefix+key, value, 0).Err()
@@ -143,7 +176,7 @@ func (c *provider) GetEnvStore() (map[string]interface{}, error) {
 		return nil, err
 	}
 	for key, value := range data {
-		if key == constants.EnvKeyDisableBasicAuthentication || key == constants.EnvKeyDisableMobileBasicAuthentication || key == constants.EnvKeyDisableEmailVerification || key == constants.EnvKeyDisableLoginPage || key == constants.EnvKeyDisableMagicLinkLogin || key == constants.EnvKeyDisableRedisForEnv || key == constants.EnvKeyDisableSignUp || key == constants.EnvKeyDisableStrongPassword || key == constants.EnvKeyIsEmailServiceEnabled || key == constants.EnvKeyIsSMSServiceEnabled || key == constants.EnvKeyEnforceMultiFactorAuthentication || key == constants.EnvKeyDisableMultiFactorAuthentication || key == constants.EnvKeyAppCookieSecure || key == constants.EnvKeyAdminCookieSecure {
+		if key == constants.EnvKeyDisableBasicAuthentication || key == constants.EnvKeyDisableMobileBasicAuthentication || key == constants.EnvKeyDisableEmailVerification || key == constants.EnvKeyDisableLoginPage || key == constants.EnvKeyDisableMagicLinkLogin || key == constants.EnvKeyDisableRedisForEnv || key == constants.EnvKeyDisableSignUp || key == constants.EnvKeyDisableStrongPassword || key == constants.EnvKeyIsEmailServiceEnabled || key == constants.EnvKeyIsSMSServiceEnabled || key == constants.EnvKeyEnforceMultiFactorAuthentication || key == constants.EnvKeyDisableMultiFactorAuthentication || key == constants.EnvKeyAppCookieSecure || key == constants.EnvKeyAdminCookieSecure  || key == constants.EnvKeyDisablePlayGround {
 			boolValue, err := strconv.ParseBool(value)
 			if err != nil {
 				return res, err

server/oauth/oauth.go

@@ -10,11 +10,16 @@ import (
 	githubOAuth2 "golang.org/x/oauth2/github"
 	linkedInOAuth2 "golang.org/x/oauth2/linkedin"
 	microsoftOAuth2 "golang.org/x/oauth2/microsoft"
+	"google.golang.org/appengine/log"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/memorystore"
 )
 
+const (
+	microsoftCommonTenant = "common"
+)
+
 // OAuthProviders is a struct that contains reference all the OAuth providers
 type OAuthProvider struct {
 	GoogleConfig    *oauth2.Config
@@ -171,12 +176,16 @@ func InitOAuth() error {
 		microsoftClientSecret = ""
 	}
 	microsoftActiveDirTenantID, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyMicrosoftActiveDirectoryTenantID)
-	if err != nil {
-		microsoftActiveDirTenantID = "common"
+	if err != nil || microsoftActiveDirTenantID == "" {
+		microsoftActiveDirTenantID = microsoftCommonTenant
 	}
-	if microsoftClientID != "" && microsoftClientSecret != "" && microsoftActiveDirTenantID != "" {
+	if microsoftClientID != "" && microsoftClientSecret != "" {
+		if microsoftActiveDirTenantID == microsoftCommonTenant {
+			ctx = oidc.InsecureIssuerURLContext(ctx, fmt.Sprintf("https://login.microsoftonline.com/%s/v2.0", microsoftActiveDirTenantID))
+		}
 		p, err := oidc.NewProvider(ctx, fmt.Sprintf("https://login.microsoftonline.com/%s/v2.0", microsoftActiveDirTenantID))
 		if err != nil {
+			log.Debugf(ctx, "Error while creating OIDC provider for Microsoft: %v", err)
 			return err
 		}
 		OIDCProviders.MicrosoftOIDC = p

server/resolvers/deactivate_account.go

@@ -0,0 +1,52 @@
+package resolvers
+
+import (
+	"context"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/token"
+	"github.com/authorizerdev/authorizer/server/utils"
+	log "github.com/sirupsen/logrus"
+)
+
+// DeactivateAccountResolver is the resolver for the deactivate_account field.
+func DeactivateAccountResolver(ctx context.Context) (*model.Response, error) {
+	var res *model.Response
+	gc, err := utils.GinContextFromContext(ctx)
+	if err != nil {
+		log.Debug("Failed to get GinContext: ", err)
+		return res, err
+	}
+	userID, err := token.GetUserIDFromSessionOrAccessToken(gc)
+	if err != nil {
+		log.Debug("Failed GetUserIDFromSessionOrAccessToken: ", err)
+		return res, err
+	}
+	log := log.WithFields(log.Fields{
+		"user_id": userID,
+	})
+	user, err := db.Provider.GetUserByID(ctx, userID)
+	if err != nil {
+		log.Debug("Failed to get user by id: ", err)
+		return res, err
+	}
+	now := time.Now().Unix()
+	user.RevokedTimestamp = &now
+	user, err = db.Provider.UpdateUser(ctx, user)
+	if err != nil {
+		log.Debug("Failed to update user: ", err)
+		return res, err
+	}
+	go func() {
+		memorystore.Provider.DeleteAllUserSessions(user.ID)
+		utils.RegisterEvent(ctx, constants.UserDeactivatedWebhookEvent, "", user)
+	}()
+	res = &model.Response{
+		Message: `user account deactivated successfully`,
+	}
+	return res, nil
+}

server/resolvers/env.go

@@ -202,6 +202,7 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
 	res.DisableMultiFactorAuthentication = store[constants.EnvKeyDisableMultiFactorAuthentication].(bool)
 	res.AdminCookieSecure = store[constants.EnvKeyAdminCookieSecure].(bool)
 	res.AppCookieSecure = store[constants.EnvKeyAppCookieSecure].(bool)
+	res.DisablePlayground = store[constants.EnvKeyDisablePlayGround].(bool)
 
 	return res, nil
 }

server/resolvers/login.go

@@ -33,13 +33,13 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 		return res, err
 	}
 
-	isBasiAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication)
+	isBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication)
 	if err != nil {
 		log.Debug("Error getting basic auth disabled: ", err)
-		isBasiAuthDisabled = true
+		isBasicAuthDisabled = true
 	}
 
-	if isBasiAuthDisabled {
+	if isBasicAuthDisabled {
 		log.Debug("Basic authentication is disabled.")
 		return res, fmt.Errorf(`basic authentication is disabled for this instance`)
 	}
@@ -113,16 +113,25 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 	// If email service is not enabled continue the process in any way
 	if refs.BoolValue(user.IsMultiFactorAuthEnabled) && isEmailServiceEnabled && !isMFADisabled {
 		otp := utils.GenerateOTP()
+		expires := time.Now().Add(1 * time.Minute).Unix()
 		otpData, err := db.Provider.UpsertOTP(ctx, &models.OTP{
 			Email:     user.Email,
 			Otp:       otp,
-			ExpiresAt: time.Now().Add(1 * time.Minute).Unix(),
+			ExpiresAt: expires,
 		})
 		if err != nil {
 			log.Debug("Failed to add otp: ", err)
 			return nil, err
 		}
 
+		mfaSession := uuid.NewString()
+		err = memorystore.Provider.SetMfaSession(user.ID, mfaSession, expires)
+		if err != nil {
+			log.Debug("Failed to add mfasession: ", err)
+			return nil, err
+		}
+		cookie.SetMfaSession(gc, mfaSession)
+
 		go func() {
 			// exec it as go routine so that we can reduce the api latency
 			go email.SendEmail([]string{params.Email}, constants.VerificationTypeOTP, map[string]interface{}{
@@ -162,7 +171,6 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 	if nonce == "" {
 		nonce = uuid.New().String()
 	}
-
 	authToken, err := token.CreateAuthToken(gc, user, roles, scope, constants.AuthRecipeMethodBasicAuth, nonce, code)
 	if err != nil {
 		log.Debug("Failed to create auth token", err)

server/resolvers/mobile_login.go

@@ -33,13 +33,13 @@ func MobileLoginResolver(ctx context.Context, params model.MobileLoginInput) (*m
 		return res, err
 	}
 
-	isBasiAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication)
+	isBasicAuthDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMobileBasicAuthentication)
 	if err != nil {
 		log.Debug("Error getting mobile basic auth disabled: ", err)
-		isBasiAuthDisabled = true
+		isBasicAuthDisabled = true
 	}
 
-	if isBasiAuthDisabled {
+	if isBasicAuthDisabled {
 		log.Debug("Basic authentication is disabled.")
 		return res, fmt.Errorf(`phone number based basic authentication is disabled for this instance`)
 	}
@@ -122,15 +122,25 @@ func MobileLoginResolver(ctx context.Context, params model.MobileLoginInput) (*m
 		smsBody := strings.Builder{}
 		smsBody.WriteString("Your verification code is: ")
 		smsBody.WriteString(smsCode)
+		expires := time.Now().Add(duration).Unix()
 		_, err := db.Provider.UpsertOTP(ctx, &models.OTP{
 			PhoneNumber: params.PhoneNumber,
 			Otp:         smsCode,
-			ExpiresAt:   time.Now().Add(duration).Unix(),
+			ExpiresAt:   expires,
 		})
 		if err != nil {
 			log.Debug("error while upserting OTP: ", err.Error())
 			return nil, err
 		}
+
+		mfaSession := uuid.NewString()
+		err = memorystore.Provider.SetMfaSession(user.ID, mfaSession, expires)
+		if err != nil {
+			log.Debug("Failed to add mfasession: ", err)
+			return nil, err
+		}
+		cookie.SetMfaSession(gc, mfaSession)
+
 		go func() {
 			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user)
 			smsproviders.SendSMS(params.PhoneNumber, smsBody.String())

server/resolvers/mobile_signup.go

@@ -223,6 +223,7 @@ func MobileSignupResolver(ctx context.Context, params *model.MobileSignUpInput)
 		}
 		go func() {
 			smsproviders.SendSMS(mobile, smsBody.String())
+			utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 		}()
 		return &model.AuthResponse{
 			Message:                   "Please check the OTP in your inbox",
@@ -298,6 +299,8 @@ func MobileSignupResolver(ctx context.Context, params *model.MobileSignUpInput)
 
 	go func() {
 		utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user)
+		// User is also logged in with signup
+		utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, user)
 		db.Provider.AddSession(ctx, &models.Session{
 			UserID:    user.ID,
 			UserAgent: utils.GetUserAgent(gc.Request),

server/resolvers/profile.go

@@ -20,21 +20,11 @@ func ProfileResolver(ctx context.Context) (*model.User, error) {
 		log.Debug("Failed to get GinContext: ", err)
 		return res, err
 	}
-
-	accessToken, err := token.GetAccessToken(gc)
+	userID, err := token.GetUserIDFromSessionOrAccessToken(gc)
 	if err != nil {
-		log.Debug("Failed to get access token: ", err)
+		log.Debug("Failed GetUserIDFromSessionOrAccessToken: ", err)
 		return res, err
 	}
-
-	claims, err := token.ValidateAccessToken(gc, accessToken)
-	if err != nil {
-		log.Debug("Failed to validate access token: ", err)
-		return res, err
-	}
-
-	userID := claims["sub"].(string)
-
 	log := log.WithFields(log.Fields{
 		"user_id": userID,
 	})

server/resolvers/signup.go

@@ -2,6 +2,8 @@ package resolvers
 
 import (
 	"context"
+	"encoding/json"
+	"errors"
 	"fmt"
 	"strings"
 	"time"
@@ -171,6 +173,17 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 		user.IsMultiFactorAuthEnabled = refs.NewBoolRef(true)
 	}
 
+	if params.AppData != nil {
+		appDataString := ""
+		appDataBytes, err := json.Marshal(params.AppData)
+		if err != nil {
+			log.Debug("failed to marshall source app_data: ", err)
+			return nil, errors.New("malformed app_data")
+		}
+		appDataString = string(appDataBytes)
+		user.AppData = &appDataString
+	}
+
 	user.SignupMethods = constants.AuthRecipeMethodBasicAuth
 	isEmailVerificationDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification)
 	if err != nil {
@@ -300,7 +313,10 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 		}
 
 		go func() {
+			utils.RegisterEvent(ctx, constants.UserCreatedWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 			utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
+			// User is also logged in with signup
+			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodBasicAuth, user)
 			db.Provider.AddSession(ctx, &models.Session{
 				UserID:    user.ID,
 				UserAgent: utils.GetUserAgent(gc.Request),

server/resolvers/update_profile.go

@@ -2,6 +2,7 @@ package resolvers
 
 import (
 	"context"
+	"encoding/json"
 	"errors"
 	"fmt"
 	"strings"
@@ -34,29 +35,20 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
 		log.Debug("Failed to get GinContext: ", err)
 		return res, err
 	}
-
-	accessToken, err := token.GetAccessToken(gc)
+	userID, err := token.GetUserIDFromSessionOrAccessToken(gc)
 	if err != nil {
-		log.Debug("Failed to get access token: ", err)
-		return res, err
-	}
-	claims, err := token.ValidateAccessToken(gc, accessToken)
-	if err != nil {
-		log.Debug("Failed to validate access token: ", err)
+		log.Debug("Failed GetUserIDFromSessionOrAccessToken: ", err)
 		return res, err
 	}
 
 	// validate if all params are not empty
-	if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.OldPassword == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil && params.NewPassword == nil && params.ConfirmNewPassword == nil && params.IsMultiFactorAuthEnabled == nil {
+	if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.OldPassword == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil && params.NewPassword == nil && params.ConfirmNewPassword == nil && params.IsMultiFactorAuthEnabled == nil && params.AppData == nil {
 		log.Debug("All params are empty")
 		return res, fmt.Errorf("please enter at least one param to update")
 	}
-
-	userID := claims["sub"].(string)
 	log := log.WithFields(log.Fields{
 		"user_id": userID,
 	})
-
 	user, err := db.Provider.GetUserByID(ctx, userID)
 	if err != nil {
 		log.Debug("Failed to get user by id: ", err)
@@ -99,7 +91,16 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
 	if params.Picture != nil && refs.StringValue(user.Picture) != refs.StringValue(params.Picture) {
 		user.Picture = params.Picture
 	}
-
+	if params.AppData != nil {
+		appDataString := ""
+		appDataBytes, err := json.Marshal(params.AppData)
+		if err != nil {
+			log.Debug("failed to marshall source app_data: ", err)
+			return nil, errors.New("malformed app_data")
+		}
+		appDataString = string(appDataBytes)
+		user.AppData = &appDataString
+	}
 	if params.IsMultiFactorAuthEnabled != nil && refs.BoolValue(user.IsMultiFactorAuthEnabled) != refs.BoolValue(params.IsMultiFactorAuthEnabled) {
 		if refs.BoolValue(params.IsMultiFactorAuthEnabled) {
 			isEnvServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)

server/resolvers/update_user.go

@@ -2,6 +2,7 @@ package resolvers
 
 import (
 	"context"
+	"encoding/json"
 	"errors"
 	"fmt"
 	"strings"
@@ -95,6 +96,17 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod
 		user.Picture = params.Picture
 	}
 
+	if params.AppData != nil {
+		appDataString := ""
+		appDataBytes, err := json.Marshal(params.AppData)
+		if err != nil {
+			log.Debug("failed to marshall source app_data: ", err)
+			return nil, errors.New("malformed app_data")
+		}
+		appDataString = string(appDataBytes)
+		user.AppData = &appDataString
+	}
+
 	if params.IsMultiFactorAuthEnabled != nil && refs.BoolValue(user.IsMultiFactorAuthEnabled) != refs.BoolValue(params.IsMultiFactorAuthEnabled) {
 		user.IsMultiFactorAuthEnabled = params.IsMultiFactorAuthEnabled
 		if refs.BoolValue(params.IsMultiFactorAuthEnabled) {

server/resolvers/validate_session.go

@@ -37,8 +37,9 @@ func ValidateSessionResolver(ctx context.Context, params *model.ValidateSessionI
 	log := log.WithFields(log.Fields{
 		"user_id": userID,
 	})
-	_, err = db.Provider.GetUserByID(ctx, userID)
+	user, err := db.Provider.GetUserByID(ctx, userID)
 	if err != nil {
+		log.Debug("Failed to get user: ", err)
 		return nil, err
 	}
 	// refresh token has "roles" as claim
@@ -55,5 +56,6 @@ func ValidateSessionResolver(ctx context.Context, params *model.ValidateSessionI
 	}
 	return &model.ValidateSessionResponse{
 		IsValid: true,
+		User:    user.AsAPIUser(),
 	}, nil
 }

server/resolvers/verify_email.go

@@ -125,6 +125,8 @@ func VerifyEmailResolver(ctx context.Context, params model.VerifyEmailInput) (*m
 	go func() {
 		if isSignUp {
 			utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, loginMethod, user)
+			// User is also logged in with signup
+			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, loginMethod, user)
 		} else {
 			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, loginMethod, user)
 		}

server/resolvers/verify_otp.go

@@ -27,6 +27,13 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
 		log.Debug("Failed to get GinContext: ", err)
 		return res, err
 	}
+
+	mfaSession, err := cookie.GetMfaSession(gc)
+	if err != nil {
+		log.Debug("Failed to get otp request by email: ", err)
+		return res, fmt.Errorf(`invalid session: %s`, err.Error())
+	}
+
 	if refs.StringValue(params.Email) == "" && refs.StringValue(params.PhoneNumber) == "" {
 		log.Debug("Email or phone number is required")
 		return res, fmt.Errorf(`email or phone_number is required`)
@@ -62,10 +69,15 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
 		user, err = db.Provider.GetUserByPhoneNumber(ctx, refs.StringValue(params.PhoneNumber))
 	}
 	if user == nil || err != nil {
-		fmt.Println("=> failing here....", err)
 		log.Debug("Failed to get user by email or phone number: ", err)
 		return res, err
 	}
+
+	if _, err := memorystore.Provider.GetMfaSession(user.ID, mfaSession); err != nil {
+		log.Debug("Failed to get mfa session: ", err)
+		return res, fmt.Errorf(`invalid session: %s`, err.Error())
+	}
+
 	isSignUp := user.EmailVerifiedAt == nil && user.PhoneNumberVerifiedAt == nil
 	// TODO - Add Login method in DB when we introduce OTP for social media login
 	loginMethod := constants.AuthRecipeMethodBasicAuth
@@ -112,6 +124,8 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
 		db.Provider.DeleteOTP(gc, otp)
 		if isSignUp {
 			utils.RegisterEvent(ctx, constants.UserSignUpWebhookEvent, loginMethod, user)
+			// User is also logged in with signup
+			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, loginMethod, user)
 		} else {
 			utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, loginMethod, user)
 		}

server/test/deactivate_account_test.go

@@ -0,0 +1,45 @@
+package test
+
+import (
+	"context"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func deactivateAccountTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should deactiavte the user account with access token only`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "deactiavte_account." + s.TestInfo.Email
+
+		resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+		_, err := resolvers.DeactivateAccountResolver(ctx)
+		assert.NotNil(t, err, "unauthorized")
+		verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup)
+		assert.NoError(t, err)
+		assert.NotNil(t, verificationRequest)
+		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+		assert.NoError(t, err)
+		assert.NotNil(t, verifyRes)
+		s.GinContext.Request.Header.Set("Authorization", "Bearer "+*verifyRes.AccessToken)
+		ctx = context.WithValue(req.Context(), "GinContextKey", s.GinContext)
+		_, err = resolvers.DeactivateAccountResolver(ctx)
+		assert.NoError(t, err)
+		s.GinContext.Request.Header.Set("Authorization", "")
+		assert.Nil(t, err)
+		_, err = resolvers.ProfileResolver(ctx)
+		assert.NotNil(t, err, "unauthorized")
+		cleanData(email)
+	})
+}

server/test/integration_test.go

@@ -143,6 +143,7 @@ func TestResolvers(t *testing.T) {
 			verifyOTPTest(t, s)
 			resendOTPTest(t, s)
 			validateSessionTests(t, s)
+			deactivateAccountTests(t, s)
 
 			updateAllUsersTest(t, s)
 			webhookLogsTest(t, s)   // get logs after above resolver tests are done

server/test/mobile_login_test.go

@@ -1,12 +1,18 @@
 package test
 
 import (
+	"fmt"
+	"strings"
 	"testing"
+	"time"
 
+	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -48,6 +54,17 @@ func mobileLoginTests(t *testing.T, s TestSetup) {
 		smsRequest, err := db.Provider.GetOTPByPhoneNumber(ctx, phoneNumber)
 		assert.NoError(t, err)
 		assert.NotEmpty(t, smsRequest.Otp)
+		// Get user by phone number
+		user, err := db.Provider.GetUserByPhoneNumber(ctx, phoneNumber)
+		assert.NoError(t, err)
+		assert.NotNil(t, user)
+		// Set mfa cookie session
+		mfaSession := uuid.NewString()
+		memorystore.Provider.SetMfaSession(user.ID, mfaSession, time.Now().Add(1*time.Minute).Unix())
+		cookie := fmt.Sprintf("%s=%s;", constants.MfaCookieName+"_session", mfaSession)
+		cookie = strings.TrimSuffix(cookie, ";")
+		req, ctx := createContext(s)
+		req.Header.Set("Cookie", cookie)
 		verifySMSRequest, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
 			PhoneNumber: &phoneNumber,
 			Otp:         smsRequest.Otp,

server/test/mobile_signup_test.go

@@ -1,7 +1,10 @@
 package test
 
 import (
+	"fmt"
+	"strings"
 	"testing"
+	"time"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
@@ -9,6 +12,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -79,6 +83,17 @@ func mobileSingupTest(t *testing.T, s TestSetup) {
 		otp, err := db.Provider.GetOTPByPhoneNumber(ctx, phoneNumber)
 		assert.Nil(t, err)
 		assert.NotEmpty(t, otp.Otp)
+		// Get user by phone number
+		user, err := db.Provider.GetUserByPhoneNumber(ctx, phoneNumber)
+		assert.NoError(t, err)
+		assert.NotNil(t, user)
+		// Set mfa cookie session
+		mfaSession := uuid.NewString()
+		memorystore.Provider.SetMfaSession(user.ID, mfaSession, time.Now().Add(1*time.Minute).Unix())
+		cookie := fmt.Sprintf("%s=%s;", constants.MfaCookieName+"_session", mfaSession)
+		cookie = strings.TrimSuffix(cookie, ";")
+		req, ctx := createContext(s)
+		req.Header.Set("Cookie", cookie)
 		otpRes, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
 			PhoneNumber: &phoneNumber,
 			Otp:         otp.Otp,

server/test/resend_otp_test.go

@@ -2,13 +2,18 @@ package test
 
 import (
 	"context"
+	"fmt"
+	"strings"
 	"testing"
+	"time"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -89,6 +94,16 @@ func resendOTPTest(t *testing.T, s TestSetup) {
 		})
 		assert.Error(t, err)
 		assert.Nil(t, verifyOtpRes)
+		// Get user by email
+		user, err := db.Provider.GetUserByEmail(ctx, email)
+		assert.NoError(t, err)
+		assert.NotNil(t, user)
+		// Set mfa cookie session
+		mfaSession := uuid.NewString()
+		memorystore.Provider.SetMfaSession(user.ID, mfaSession, time.Now().Add(1*time.Minute).Unix())
+		cookie := fmt.Sprintf("%s=%s;", constants.MfaCookieName+"_session", mfaSession)
+		cookie = strings.TrimSuffix(cookie, ";")
+		req.Header.Set("Cookie", cookie)
 		verifyOtpRes, err = resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
 			Email: &email,
 			Otp:   newOtp.Otp,

server/test/signup_test.go

@@ -43,10 +43,14 @@ func signupTests(t *testing.T, s TestSetup) {
 			Email:           email,
 			Password:        s.TestInfo.Password,
 			ConfirmPassword: s.TestInfo.Password,
+			AppData: map[string]interface{}{
+				"test": "test",
+			},
 		})
 		assert.Nil(t, err, "signup should be successful")
 		user := *res.User
 		assert.Equal(t, email, user.Email)
+		assert.Equal(t, "test", user.AppData["test"])
 		assert.Nil(t, res.AccessToken, "access token should be nil")
 		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
 			Email:           email,

server/test/test.go

@@ -103,7 +103,7 @@ func testSetup() TestSetup {
 		Email:                       fmt.Sprintf("%d_authorizer_tester@yopmail.com", time.Now().Unix()),
 		Password:                    "Test@123",
 		WebhookEndpoint:             "https://62f93101e05644803533cf36.mockapi.io/authorizer/webhook",
-		TestWebhookEventTypes:       []string{constants.UserAccessEnabledWebhookEvent, constants.UserAccessRevokedWebhookEvent, constants.UserCreatedWebhookEvent, constants.UserDeletedWebhookEvent, constants.UserLoginWebhookEvent, constants.UserSignUpWebhookEvent},
+		TestWebhookEventTypes:       []string{constants.UserAccessEnabledWebhookEvent, constants.UserAccessRevokedWebhookEvent, constants.UserCreatedWebhookEvent, constants.UserDeletedWebhookEvent, constants.UserLoginWebhookEvent, constants.UserSignUpWebhookEvent, constants.UserDeactivatedWebhookEvent},
 		TestEmailTemplateEventTypes: []string{constants.VerificationTypeBasicAuthSignup, constants.VerificationTypeForgotPassword, constants.VerificationTypeMagicLinkLogin, constants.VerificationTypeUpdateEmail},
 	}
 

server/test/update_user_test.go

@@ -50,8 +50,19 @@ func updateUserTest(t *testing.T, s TestSetup) {
 		_, err = resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
 			ID:    user.ID,
 			Roles: newRoles,
+			AppData: map[string]interface{}{
+				"test": "test",
+			},
 		})
 		assert.Nil(t, err)
+		// Get user and check if roles are updated
+		users, err := resolvers.UsersResolver(ctx, nil)
+		assert.Nil(t, err)
+		for _, u := range users.Users {
+			if u.ID == user.ID {
+				assert.Equal(t, u.AppData["test"], "test")
+			}
+		}
 		cleanData(email)
 	})
 }

server/test/validate_session_test.go

@@ -56,6 +56,7 @@ func validateSessionTests(t *testing.T, s TestSetup) {
 		res, err = resolvers.ValidateSessionResolver(ctx, &model.ValidateSessionInput{})
 		assert.Nil(t, err)
 		assert.True(t, res.IsValid)
+		assert.Equal(t, res.User.ID, verifyRes.User.ID)
 		cleanData(email)
 	})
 }

server/test/verify_otp_test.go

@@ -2,13 +2,18 @@ package test
 
 import (
 	"context"
+	"fmt"
+	"strings"
 	"testing"
+	"time"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -63,7 +68,16 @@ func verifyOTPTest(t *testing.T, s TestSetup) {
 		otp, err := db.Provider.GetOTPByEmail(ctx, email)
 		assert.NoError(t, err)
 		assert.NotEmpty(t, otp.Otp)
-
+		// Get user by email
+		user, err := db.Provider.GetUserByEmail(ctx, email)
+		assert.NoError(t, err)
+		assert.NotNil(t, user)
+		// Set mfa cookie session
+		mfaSession := uuid.NewString()
+		memorystore.Provider.SetMfaSession(user.ID, mfaSession, time.Now().Add(1*time.Minute).Unix())
+		cookie := fmt.Sprintf("%s=%s;", constants.MfaCookieName+"_session", mfaSession)
+		cookie = strings.TrimSuffix(cookie, ";")
+		req.Header.Set("Cookie", cookie)
 		verifyOtpRes, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
 			Email: &email,
 			Otp:   otp.Otp,

server/token/auth_token.go

@@ -15,6 +15,7 @@ import (
 	"github.com/robertkrimen/otto"
 
 	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/memorystore"
@@ -480,3 +481,34 @@ func GetIDToken(gc *gin.Context) (string, error) {
 	token := strings.TrimPrefix(auth, "Bearer ")
 	return token, nil
 }
+
+// GetUserIDFromSessionOrAccessToken returns the user id from the session or access token
+func GetUserIDFromSessionOrAccessToken(gc *gin.Context) (string, error) {
+	// First try to get the user id from the session
+	isSession := true
+	token, err := cookie.GetSession(gc)
+	if err != nil || token == "" {
+		log.Debug("Failed to get session token: ", err)
+		isSession = false
+		token, err = GetAccessToken(gc)
+		if err != nil || token == "" {
+			log.Debug("Failed to get access token: ", err)
+			return "", fmt.Errorf(`unauthorized`)
+		}
+	}
+	if isSession {
+		claims, err := ValidateBrowserSession(gc, token)
+		if err != nil {
+			log.Debug("Failed to validate session token: ", err)
+			return "", fmt.Errorf(`unauthorized`)
+		}
+		return claims.Subject, nil
+	}
+	// If not session, then validate the access token
+	claims, err := ValidateAccessToken(gc, token)
+	if err != nil {
+		log.Debug("Failed to validate access token: ", err)
+		return "", fmt.Errorf(`unauthorized`)
+	}
+	return claims["sub"].(string), nil
+}

server/utils/webhook.go

@@ -83,10 +83,8 @@ func RegisterEvent(ctx context.Context, eventName string, authRecipe string, use
 		}
 		req.Header.Set("Content-Type", "application/json")
 
-		if webhook.Headers != nil {
-			for key, val := range webhook.Headers {
-				req.Header.Set(key, val.(string))
-			}
+		for key, val := range webhook.Headers {
+			req.Header.Set(key, val.(string))
 		}
 
 		client := &http.Client{Timeout: time.Second * 30}

server/validators/webhook.go

@@ -4,7 +4,7 @@ import "github.com/authorizerdev/authorizer/server/constants"
 
 // IsValidWebhookEventName to validate webhook event name
 func IsValidWebhookEventName(eventName string) bool {
-	if eventName != constants.UserCreatedWebhookEvent && eventName != constants.UserLoginWebhookEvent && eventName != constants.UserSignUpWebhookEvent && eventName != constants.UserDeletedWebhookEvent && eventName != constants.UserAccessEnabledWebhookEvent && eventName != constants.UserAccessRevokedWebhookEvent {
+	if eventName != constants.UserCreatedWebhookEvent && eventName != constants.UserLoginWebhookEvent && eventName != constants.UserSignUpWebhookEvent && eventName != constants.UserDeletedWebhookEvent && eventName != constants.UserAccessEnabledWebhookEvent && eventName != constants.UserAccessRevokedWebhookEvent && eventName != constants.UserDeactivatedWebhookEvent {
 		return false
 	}