feat(router): Add new JWT authentication variants and use them #2835

ThisIsMani · 2023-11-10T11:30:57Z

Type of Change

Description

Added merchant create routes
Add dashboard routes
add user creation routes
Support user based JWT auth for routes

Additional Changes

This PR modifies the API contract
This PR modifies the database schema
This PR modifies application configuration/environment variables

Motivation and Context

To make some routes accessible with JWT authentication

How did you test it?

Postman.

Test Cases

New APIs

curl --location 'http://localhost:8080/user/v2/signin' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "email",
    "password": "password"
}'

curl --location 'http://localhost:8080/user/v2/signup' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "email",
    "password": "password"
}'

curl --location 'http://localhost:8080/user/signin' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "email",
    "password": "password"
}'

curl --location 'http://localhost:8080/user/signup' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "email",
    "password": "password"
}'

All the above APIs will give the following response

{
    "token": "JWT Token",
    "merchant_id": "merchant_id",
    "name": "user name",
    "email": "email",
    "verification_days_left": null,
    "user_role": "org_admin"
}

Old APIs
The following APIs will now work with jwt tokens in the authorization header.

Steps:
a. Get the JWT Token from the routes mentioned above
b. Put that token in the Bearer Token in Authorization tab of postman request
c. Hit the API, then it should work.
APIs:
Merchant Account - Retrieve
Merchant Account - Update
Payment Connector - Create
Payment Connector - Retrieve
Payment Connector - List
Payment Connector - Update
Payment Connector - Delete
Business Profile - Create
Business Profile - Retrieve
Business Profile - Update
Business Profile - List
Api Key - Create
Api Key - Retrieve
Api Key - Revoke
Api Key - List
Payments - Create
Payments - Retrieve
Payments - List
Refunds - Create
Refunds - Retrieve
Refunds - List

Checklist

I formatted the code cargo +nightly fmt --all
I addressed lints thrown by cargo clippy
I reviewed the submitted code
I added unit tests for my changes where possible
I added a CHANGELOG entry if applicable

lsampras

LGTM

apoorvdixit88

LGTM
(We can discuss whether we want to keep the blocked_email list or we can totally remove it from signup flow)

SanchithHegde · 2023-11-10T17:48:48Z

crates/router/src/consts.rs

@@ -1,3 +1,6 @@
+#[cfg(feature = "olap")]
+pub mod user;


If it is going to be small enough (only a few lines), you might as well have the module defined inline instead of keeping it in a separate file.

pub mod user { #[cfg(feature = "olap")] pub const MAX_NAME_LENGTH: usize = 70; #[cfg(feature = "olap")] pub const MAX_COMPANY_NAME_LENGTH: usize = 70; // USER ROLES #[cfg(any(feature = "olap", feature = "oltp"))] pub const ROLE_ID_ORGANIZATION_ADMIN: &str = "org_admin"; }

Not a necessary change however.

Once we add new APIs and new roles, this file is going to become big.

crates/router/src/utils/user/password.rs

ThisIsMani added 2 commits November 10, 2023 14:26

feat: add authentication and signup apis

5482bbf

feat: add jwt to dashboard routes

d84b953

ThisIsMani requested review from a team as code owners November 10, 2023 11:30

refactor: rename user api types and fix clippy

a400424

ThisIsMani requested review from lsampras, SanchithHegde, apoorvdixit88 and racnan November 10, 2023 11:57

ThisIsMani self-assigned this Nov 10, 2023

ThisIsMani added A-framework Area: Framework C-feature Category: Feature request or enhancement S-waiting-on-review Status: This PR has been implemented and needs to be reviewed labels Nov 10, 2023

fix: typos

a2514aa

ThisIsMani requested a review from a team as a code owner November 10, 2023 12:02

ThisIsMani and others added 3 commits November 10, 2023 17:34

Merge branch 'main' into signup

8fb9a75

fix: toml dependencies

5d8d0fa

Merge branch 'main' into signup

f11212e

lsampras previously approved these changes Nov 10, 2023

View reviewed changes

fix: hack

4cff8ea

ThisIsMani dismissed lsampras’s stale review via 4cff8ea November 10, 2023 14:08

chore: run formatter

fe12374

apoorvdixit88 reviewed Nov 10, 2023

View reviewed changes

SanchithHegde approved these changes Nov 11, 2023

View reviewed changes

apoorvdixit88 approved these changes Nov 11, 2023

View reviewed changes

lsampras approved these changes Nov 11, 2023

View reviewed changes

likhinbopanna removed the S-waiting-on-review Status: This PR has been implemented and needs to be reviewed label Nov 13, 2023

likhinbopanna added this pull request to the merge queue Nov 13, 2023

Merged via the queue into main with commit f88eee7 Nov 13, 2023
14 of 16 checks passed

likhinbopanna deleted the signup branch November 13, 2023 06:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(router): Add new JWT authentication variants and use them #2835

feat(router): Add new JWT authentication variants and use them #2835

ThisIsMani commented Nov 10, 2023 •

edited

Loading

lsampras left a comment

apoorvdixit88 left a comment

SanchithHegde Nov 10, 2023

ThisIsMani Nov 12, 2023

feat(router): Add new JWT authentication variants and use them #2835

feat(router): Add new JWT authentication variants and use them #2835

Conversation

ThisIsMani commented Nov 10, 2023 • edited Loading

Type of Change

Description

Additional Changes

Motivation and Context

How did you test it?

Test Cases

Checklist

lsampras left a comment

Choose a reason for hiding this comment

apoorvdixit88 left a comment

Choose a reason for hiding this comment

SanchithHegde Nov 10, 2023

Choose a reason for hiding this comment

ThisIsMani Nov 12, 2023

Choose a reason for hiding this comment

ThisIsMani commented Nov 10, 2023 •

edited

Loading