feat: add otp functions

.firebaserc

@@ -0,0 +1,5 @@
+{
+  "projects": {
+    "default": "pagoda-oboarding-dev"
+  }
+}

.github/workflows/deploy-cloud-functions-testnet.yml

@@ -0,0 +1,68 @@
+name: Deploy Cloud Functions
+on:
+  push:
+    branches: [ main, add-otp-cloud-functions ]
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Set up Node.js
+      uses: actions/setup-node@v3
+      with:
+        node-version: '18'
+
+    - id: 'auth'
+      uses: 'google-github-actions/auth@v1'
+      with:
+        credentials_json: '${{ secrets.CLOUD_FUNCTIONS_DEPLOYER_TESTNET_SERVICE_ACCOUNT }}'
+
+    - name: 'Set up Cloud SDK'
+      uses: 'google-github-actions/setup-gcloud@v1'
+      with:
+        version: 'latest'
+
+    - name: 'Update gcloud SDK to the latest version'
+      run: |
+        gcloud components update  
+
+    - name: 'Install dependencies and build'
+      run: |
+        cd packages/functions
+        npm install
+        npm run build
+        echo "Directory structure after build:"
+        find . -type f
+
+    - name: 'Deploy Cloud Functions'
+      run: |
+        cd packages/functions
+        echo "Current directory contents:"
+        ls -R
+        gcloud config set project pagoda-oboarding-dev
+        gcloud functions deploy verifyOTP \
+          --no-gen2 \
+          --runtime nodejs18 \
+          --trigger-http \
+          --allow-unauthenticated \
+          --service-account=firebase-adminsdk-bygsj@pagoda-oboarding-dev.iam.gserviceaccount.com \
+          --entry-point=verifyOTP \
+          --source=lib \
+          --set-env-vars GMAIL_SENDER="${{ secrets.GMAIL_OTP_SENDER }}",GMAIL_PASSWORD="${{ secrets.GMAIL_OTP_SENDER_PASSWORD }}" \
+          --verbosity=debug \
+          --project pagoda-oboarding-dev \
+          --build-service-account=projects/pagoda-oboarding-dev/serviceAccounts/firebase-adminsdk-bygsj@pagoda-oboarding-dev.iam.gserviceaccount.com        
+
+        gcloud functions deploy sendOTP \
+          --no-gen2 \
+          --runtime nodejs18 \
+          --trigger-http \
+          --allow-unauthenticated \
+          --service-account=firebase-adminsdk-bygsj@pagoda-oboarding-dev.iam.gserviceaccount.com \
+          --entry-point=sendOTP \
+          --source=lib \
+          --set-env-vars GMAIL_SENDER="${{ secrets.GMAIL_OTP_SENDER }}",GMAIL_PASSWORD="${{ secrets.GMAIL_OTP_SENDER_PASSWORD }}" \
+          --verbosity=debug \
+          --project pagoda-oboarding-dev \
+          --build-service-account=projects/pagoda-oboarding-dev/serviceAccounts/firebase-adminsdk-bygsj@pagoda-oboarding-dev.iam.gserviceaccount.com

firebase.json

@@ -0,0 +1,19 @@
+{
+  "functions": [
+    {
+      "source": "packages/functions",
+      "codebase": "default",
+      "ignore": [
+        "node_modules",
+        ".git",
+        "firebase-debug.log",
+        "firebase-debug.*.log",
+        "*.local"
+      ],
+      "predeploy": [
+        "npm --prefix \"$RESOURCE_DIR\" run lint",
+        "npm --prefix \"$RESOURCE_DIR\" run build"
+      ]
+    }
+  ]
+}

packages/functions/.gitignore

@@ -0,0 +1,10 @@
+# Compiled JavaScript files
+lib/**/*.js
+lib/**/*.js.map
+
+# TypeScript v1 declaration files
+typings/
+
+# Node.js dependency directory
+node_modules/
+*.local

packages/functions/eslint.config.js

@@ -0,0 +1,126 @@
+const eslint = require('@eslint/js');
+const tseslintPlugin = require('@typescript-eslint/eslint-plugin');
+const tseslintParser = require('@typescript-eslint/parser');
+const importPlugin = require('eslint-plugin-import');
+const airbnbBase = require('eslint-config-airbnb-base');
+
+module.exports = [
+  eslint.configs.recommended,
+  {
+    files: ['**/*.ts', '**/*.tsx'],
+    languageOptions: {
+      parser: tseslintParser,
+      parserOptions: {
+        project: './tsconfig.json',
+      },
+      globals: {
+        process: 'readonly',
+        console: 'readonly',
+        Buffer: 'readonly',
+      },
+    },
+    plugins: {
+      '@typescript-eslint': tseslintPlugin,
+      import: importPlugin,
+    },
+    rules: {
+      ...airbnbBase.rules,
+      ...tseslintPlugin.configs.recommended.rules,
+      // Your existing rules here...
+      'linebreak-style': 0,
+      'import/no-extraneous-dependencies': 'off',
+      'import/prefer-default-export': 'off',
+      'prefer-destructuring': [
+        'error',
+        {
+          VariableDeclarator: {
+            array: false,
+            object: true,
+          },
+          AssignmentExpression: {
+            array: false,
+            object: false,
+          },
+        },
+        {
+          enforceForRenamedProperties: false,
+        },
+      ],
+      'max-classes-per-file': 'off',
+      indent: [
+        'error',
+        2,
+        {
+          SwitchCase: 1,
+          VariableDeclarator: { var: 2, let: 2, const: 3 },
+          ObjectExpression: 'first',
+        },
+      ],
+      semi: ['error', 'always'],
+      'comma-dangle': ['error', 'only-multiline'],
+      'max-len': [
+        'error',
+        120,
+        {
+          ignoreComments: true,
+          ignoreStrings: true,
+          ignoreTemplateLiterals: true,
+        },
+      ],
+      'no-multi-spaces': [
+        'error',
+        {
+          exceptions: {
+            ExportNamedDeclaration: true,
+            VariableDeclarator: true,
+            AssignmentExpression: true,
+            AssignmentPattern: true,
+          },
+        },
+      ],
+      'global-require': 'warn',
+      'one-var': ['error', 'never'],
+      strict: 'off',
+      camelcase: 'off',
+      'no-console': 'off',
+      'func-names': 'off',
+      'no-param-reassign': 'off',
+      'arrow-body-style': [
+        'error',
+        'as-needed',
+        { requireReturnForObjectLiteral: true },
+      ],
+      'no-underscore-dangle': 'off',
+      'import/extensions': ['error', { json: 'always' }],
+      'import/order': [
+        'error',
+        {
+          alphabetize: {
+            order: 'asc',
+            caseInsensitive: true,
+          },
+          'newlines-between': 'always',
+          groups: [
+            'builtin',
+            ['external', 'internal'],
+            ['sibling', 'parent', 'index'],
+            'object',
+          ],
+        },
+      ],
+      'arrow-parens': ['error', 'always'],
+      'key-spacing': ['warn', { align: 'value', mode: 'minimum' }],
+      'one-var-declaration-per-line': ['error', 'initializations'],
+      'no-shadow': 'off',
+      '@typescript-eslint/no-shadow': 'error',
+      'no-unused-vars': 'off',
+      '@typescript-eslint/no-unused-vars': [
+        'error',
+        { argsIgnorePattern: '^_', varsIgnorePattern: '^_' },
+      ],
+    },
+  },
+  {
+    ignores: ['node_modules/**', 'dist/**', 'lib/**', 'eslint.config.js'],
+  },
+];

packages/functions/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "functions",
+  "version": "1.0.0",
+  "scripts": {
+    "lint": "eslint .",
+    "build": "tsc",
+    "postbuild": "cp package.json lib/ && cd lib && npm install --only=production",
+    "build:watch": "tsc --watch",
+    "serve": "yarn run build && firebase emulators:start --only functions",
+    "shell": "yarn run build && firebase functions:shell",
+    "start": "yarn run shell",
+    "deploy": "firebase deploy --only functions",
+    "logs": "firebase functions:log"
+  },
+  "engines": {
+    "node": "18"
+  },
+  "main": "index.js",
+  "dependencies": {
+    "firebase-admin": "^12.1.0",
+    "firebase-functions": "^5.0.0",
+    "nodemailer": "^6.9.14",
+    "crypto": "^1.0.1"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.7.0",
+    "@types/nodemailer": "^6.4.15",
+    "@typescript-eslint/eslint-plugin": "^6.15.0",
+    "@typescript-eslint/parser": "^6.15.0",
+    "eslint": "^8.56.0",
+    "eslint-config-airbnb-base": "^15.0.0",
+    "eslint-config-google": "^0.14.0",
+    "eslint-plugin-import": "^2.29.1",
+    "firebase-functions-test": "^3.1.0",
+    "typescript": "^4.9.0"
+  },
+  "private": true
+}

packages/functions/src/index.ts

@@ -0,0 +1,107 @@
+import * as crypto from 'crypto';
+
+import * as admin from 'firebase-admin';
+import * as functions from 'firebase-functions';
+import * as nodemailer from 'nodemailer';
+
+admin.initializeApp();
+
+const SENDER_EMAIL = process.env.GMAIL_SENDER;
+const GMAIL_PASSWORD = process.env.GMAIL_PASSWORD;
+
+if (!SENDER_EMAIL || !GMAIL_PASSWORD) {
+  throw new Error('Sender email and password must be set as environment variables.');
+}
+
+const transporter = nodemailer.createTransport({
+  host:   'smtp.gmail.com',
+  port:   465,
+  secure: true,
+  auth:   {
+    user: SENDER_EMAIL,
+    pass: GMAIL_PASSWORD,
+  },
+});
+
+export const sendOTP = functions.https.onCall(
+  async (data: { email: string }, _context) => {
+    const { email } = data;
+
+    const otp = crypto.randomInt(100000, 999999).toString();
+    const now = new Date();
+    const formattedDate = now.toISOString().replace(/T/, ' ').replace(/\..+/, ' Z');
+    const emailContent = `Hello,<br><br>We received a request to sign in to NEAR Onboarding using this email address, at ${formattedDate}. If you want to sign in with your ${email} account, use this code:<br><br>${otp}<br><br>If you did not request this link, you can safely ignore this email.<br><br>Thanks,<br><br>Your NEAR Onboarding team`;
+
+    try {
+      await transporter.sendMail({
+        from:    SENDER_EMAIL,
+        to:      email,
+        subject: `Sign in to NEAR Onboarding requested at ${formattedDate}`,
+        html:    emailContent
+      });
+
+      const otpDoc = admin.firestore().collection('otps').doc(email);
+      await otpDoc.set({
+        otp,
+        createdAt: admin.firestore.FieldValue.serverTimestamp(),
+        expiresAt: admin.firestore.Timestamp.fromDate(
+          new Date(Date.now() + 10 * 60 * 1000)
+        ), // 10 minutes expiration
+      });
+
+      return { success: true, message: 'OTP sent successfully' };
+    } catch (error) {
+      console.error('Error sending OTP:', error);
+      throw new functions.https.HttpsError('internal', 'Failed to send OTP');
+    }
+  }
+);
+
+export const verifyOTP = functions
+  .runWith({ timeoutSeconds: 60 })
+  .https.onCall(async (data: { email: string; otp: string }, _context) => {
+    const { email, otp } = data;
+
+    const otpDoc = await admin.firestore().collection('otps').doc(email).get();
+
+    if (!otpDoc.exists) {
+      throw new functions.https.HttpsError(
+        'not-found',
+        'No OTP request found for this email'
+      );
+    }
+
+    const otpData = otpDoc.data();
+
+    if (!otpData || otpData.otp !== otp) {
+      throw new functions.https.HttpsError('invalid-argument', 'Invalid OTP');
+    }
+
+    if (otpData.expiresAt.toDate() < new Date()) {
+      throw new functions.https.HttpsError(
+        'deadline-exceeded',
+        'OTP has expired'
+      );
+    }
+
+    let uid: string;
+    try {
+      const userRecord = await admin.auth().getUserByEmail(email);
+      uid = userRecord.uid;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    } catch (error: any) {
+      if (error.code === 'auth/user-not-found') {
+        const newUser = await admin.auth().createUser({ email });
+        uid = newUser.uid;
+      } else {
+        console.error('Error getting user:', error);
+        throw new functions.https.HttpsError('internal', 'Error verifying user');
+      }
+    }
+
+    const customToken = await admin.auth().createCustomToken(uid);
+
+    await otpDoc.ref.delete();
+
+    return { success: true, customToken };
+  });

packages/functions/tsconfig.dev.json

@@ -0,0 +1,5 @@
+{
+  "include": [
+    ".eslintrc.js"
+  ]
+}

packages/functions/tsconfig.eslint.json

@@ -0,0 +1,4 @@
+{
+  "extends": "./tsconfig.json",
+  "include": ["src/**/*.ts", "src/**/*.js", ".eslintrc.js"]
+}