samagra-development / user-service Goto Github PK

Description

User service does not allow to logout users and revoke their tokens.

Expected Outcome

A Logout endpoint is needed from user service to logout users.

Mockups / Wireframes

NA

Project

User Service

Organization Name:

Domain

[Area of governance]

Tech Skills Needed:

TS, JS

Mentor(s)

NA

Complexity

Medium

Category

Feature

Sub Category

API

Currently, it uses only a single tag latest it should also push the version tag based on github tags

UCI Web Channel Login

Sign Up/Login APIs for onboarding new users or logging in existing users on UCI channel.

Please Describe The Problem To Be Solved
It will help the new users to easily sign up on UCI channel and easily login through a managed user login service with enabled authentication.

(Optional): Suggest A Solution
Things to address include:

• Need to provide 2 APIs: One for initiating the send OTP process for verifying the authenticity of the user and a register/login API which would verify the OTP, if the OTP is verified and is an existing user, it would log in and return JWT tokens for the user and if it is a new user it will register the user and then return JWT token in the response.
• It is preferable to use fusion auth typescript SDK for API calls to fusion auth to maintain code integrity throughout the module. You can find the client repo here
• Response Body to be used can be found here
• Reference implementation for signing up/login user with OTP flow can be found here

If there are multiple solutions, please present each one separately. Save comparisons for the very end.)

Description

If we send incorrect application id when hitting user service, we get internal server error. This creates ambiguity. It should display a proper error message saying "Application ID Doesn't exist" or any other informative message.

Description

Add CRUD APIs for admin user on fusionauth and prod db

Changes

• Add a new module for admin
• Create APIs for admin user
• e2e tests

How to test

Attaching the postman collection for the the apis here

Please consider using the closing keyword if the pull request is proposed to
fix an issue already created in the repository
(https://help.github.com/articles/closing-issues-using-keywords/)

Description

FusionAuth is an identity provider. User service can use FusionAuth as one of the providers. Currently, it is on the user end to set up FusionAuth and then configure environment variables accordingly. It can be automated by using a kickstart file for FusionAuth.

Goals

• Setup a kickstart file for FusionAuth and configure the basic roles, application-id and API keys
• Edit env file variables to pick up the new configuration

Expected Outcome

The expected outcome is a kickstart file for FusionAuth that automates the setup process. This file should include the necessary configurations for basic roles, application ID, and API keys. Once the kickstart file is executed, FusionAuth should be fully configured and ready to use without requiring manual intervention.

Acceptance Criteria

• A kickstart file is created for FusionAuth.
• The kickstart file includes configurations for basic roles, application ID, and API keys.
• The environment file is updated to read the new configuration from the kickstart file.
• FusionAuth can be set up and configured automatically by executing the kickstart file.
• The user service successfully integrates with FusionAuth using the automated configuration.

Mentor(s)

@tushar5526

Implementation Details

The kickstart file can be written using a scripting language such as Bash or PowerShell, depending on the target platform. The file should include commands to install and configure FusionAuth, set up basic roles, and generate application ID and API keys. The environment file should be updated to read the necessary configuration values from the kickstart file.

Mockups / Wireframes

NA

Project

User Service

Organization Name:

Samagra

Tech Skills Needed:

Typescript, Javascript

Complexity

Medium

Category

Feature

Sub Category

Configuration

Description

Add more info into the README file.

Description

For querying users where some data resides at Fusion Auth DB & rest at Hasura side.

Changes

GET /admin/user/:userId
Use the existing devised generic approach; we'll add a new variable in env file JSON against the application ID with a new hasura Query, which will query & add a new fields in the response of this API. E.g.
Request body:

{
	"hasuraMutations": [
        {
            "applicationId": "f0ddb3f6-091b-45e4-8c0f-889f89d4f5da",
            "mutation": "getTeacherDetail",
            "payload": {
                "user_id": "xxxx"
            }
        }
    ]
}

Response body:

{
	...
	"hasuraMutations": [
        {
            "applicationId": "f0ddb3f6-091b-45e4-8c0f-889f89d4f5da",
            "mutation": "getTeacherDetail",
            "response": {
            	....
            	// result from Hasura query
            }
        }
    ]
}

Open Questions:

1. Does this approach makes sense?
2. The above is existing GET API. We can pass the request payload as JSON (not sure if it is fine or not). Or, shall we add a new API (like POST /admin/user/:userId/getDetails) with request/response payload/body as mentioned above?

Currently, the swagger APIs show empty request-response structure. Add types and parameters by adding DTOs to the requests. Use this auto DTO generator to generate Typescript DTOs from json-schemas for the following

• User
• Address
• Education

A docker compose file that also sets up fusionauth will help in getting started. Fusionauth can also be bootstrapped using kickstart file.

Description

Users of Saksham Samiksha in Haryana while resetting password are receiving OTP messages in the template used for Samagra Shiksha app used in Himachal Pradesh.
https://github.com/Saksham-Education/saksham-samiksha-app/issues/115

We need to allow different applications can use different providers with configurable OTP templates.

Changes

Generic config will be enhanced by adding new JSON fields to allow override OTP provider & template from the default one defined at the environment level.

Description

Check if there is any need to upgrade dependencies
https://github.com/Mission-Prerna/PrernaLakshyaBackend/issues/23

Changes

• #39
• #44
• #45
• #47
• #50
• #52
• #55
• #57
• #62

Description

APIs needed to allow user status deactivation/re-activation.

Description

Verify if user exists in Fusion Auth for the given application before sending OTP. If not exists, respond with customized/default error message pass in query param.

Related to: https://github.com/Mission-Prerna/prerna-lakshya-app/issues/103#issuecomment-1427767399

Changes

Addition of validation in the /api/sendOTP?phone=XXXX API

Description

The API is responding with wrong result set; causing wrong user profiles getting listed.

Tracked here - Samarth-HP/admin-ts#87

Instrumentation: NestJS-Otel

ConfigModule and ConfigService rather than process.env.xxx

Description

We shall use CDAC service instead of Gupshup(paid service) for sending all types of SMS.

I have a use case to validate a JWT token by hitting the endpoint /api/jwt/validate in FA. User-service should have an endpoint for this.

https://www.postman.com/collections/273dc33e3e37977a22b5

Description

Details here: https://github.com/Samarth-HP/esamwad-backend/issues/47#issuecomment-1418624646

Changes

New endpoint to be added.

How to test

--

Description

User Journey

1. If the user is not registered - register a user and log them in.
2. If the user is registered - log in a user.

Endpoing - /login/otp

{
	"loginId": <phone number>,
	"password": <OTP>,
	"applicationId": <appId>
}

Internal Implementation

Reset the pass to salt + OTP. Update the password every login.

Update the docs on the following things

• The process to follow for adding a new template to the server
  • status at which the template should be valid, in-process
  • valid template placeholders - {#var#}
  • how to define language encoding for sending messages (Unicode/English)? What are valid choices?
• Ownership of who does what and how to debug

Context: RCA

Task

Add a README to the prod deployment of user service since the current directory structure is unintuitive.

Description

We want to integrate Sentry into the app to record all app-wide exceptions.

Changes

Sentry will be integrated & all exceptions will be pushed to it.