This is super admin api where pagination would be required in future

Version: x.y.z

Describe the bug

Steps To Reproduce

Expected behavior

Screenshots

Desktop (please complete the following information):

• OS: [e.g. iOS]
• Browser [e.g. chrome, safari]
• Version [e.g. 22]

Additional context

Description

• For quick demo and playaround with authorizer one should be able to to signup even without configuring smtp server

Technical task

• Add env var disable email verification (var name -> VERIFY_EMAIL: true/false) -> defaults to false
• Add verifiedAt (https://github.com/authorizerdev/authorizer/blob/main/server/resolvers/signup.go) if email verification is disabled

• If the user has an expired access token and valid refresh token
  • generate a new token and set in response + cookie
• If the user has a valid access token return the same and set in cookie

Should be authorized request.
Email from token can update the password.

Feature Description

Add ability to build binary for linux, mac and windows with each release

Describe the solution you'd like

Check: https://github.com/marketplace/actions/go-release-binaries

Describe alternatives you've considered

Additional context

Feature Description

One should be able to set multiple default roles
Describe the solution you'd like

Describe alternatives you've considered

Additional context

Description

• Use Create boilerplate using https://docs.gofiber.io/
• Setup routes folder
• Setup handler folder

Use .env to read env from or system env

Feature Description

Make a generic email for verification mails that are sent to users during

1. signup mutation
2. updateProfile mutation if email is change

Describe the solution you'd like

Describe alternatives you've considered

Additional context

Descrption

Add: _meta query that lets the client know the current configuration,

{
   version: `0.1.0.beta`
   isGoogleLoginEnabled: true/false
   isFacebookLoginEnabled: true/false
   isTwitterLoginEnabled: true/false
  isBasicAuthEnabled: true/false
  isEmailVerificationEnabled: true/false
}

Note: this meta-information should also be there with token information as one can configure the frontend UI based on this.

What needs to be done?

• Add twitter oauth2 config provider
• Process Twitter oauth2 user

Fore more information Resolve TODOs in #212 and check the issue on golang oauth2 (golang/oauth2#517)

Version: x.y.z

Describe the bug

Steps To Reproduce

Expected behavior

Screenshots

Desktop (please complete the following information):

• OS: [e.g. iOS]
• Browser [e.g. chrome, safari]
• Version [e.g. 22]

Additional context

Version: x.y.z
Latest

Describe the bug
Role for a given JWT token should be verified against the roles of user. This should be done in auth middleware
Here is the util:

Steps To Reproduce

Expected behavior

Screenshots

Desktop (please complete the following information):

• OS: [e.g. iOS]
• Browser [e.g. chrome, safari]
• Version [e.g. 22]

Additional context

Feature Description

Describe the solution you'd like

Describe alternatives you've considered

Additional context

Feature Description

Currently only one active session of user is valid.
Ideally we would like to allow user to have multiple sessions and keep track of that in db

Describe the solution you'd like

Describe alternatives you've considered

Additional context

Feature Description
Allow user to write JS script and manipulate the JWT token contents.
Ref: https://hasura.io/docs/latest/graphql/core/guides/integrations/auth0-jwt.html
This enable users to use platforms like hasura with more security

Describe the solution you'd like

• Use .env called SCRIPT
• Expose the Go context and user as param. Expected return is JSON object
• Use https://github.com/rogchap/v8go to execute JS on start of server

Describe alternatives you've considered

Additional context

Feature Description

Describe the solution you'd like

Describe alternatives you've considered

Additional context

• Create Docker file
• Create image
• Create Docker compose file to run with postgres

Feature Description

Currently, we are just authorizing users using oauth2, but open id lets us authenticate users more securely on top of oauth2

Describe the solution you'd like

Check the following video on how it works
youtube.com/watch?v=996OiexHze0

Describe alternatives you've considered

Additional context

This should have super admin access only

Envs to be supported

• PORT
• DATABASE_URL
• CALLBACK_URL
• ADMIN_SECRET
• PASSWORD_ENCRYPTION_KEY
• FACEBOOK_ID
• FACEBOOK_SECRET
• GITHUB_ID
• GITHUB_SECRET
• GOOGLE_ID
• GOOGLE_SECRET
• TWITTER_ID
• TWITTER_SECRET
• EMAIL_SERVER=smtp://username:[email protected]:587
• EMAIL_FROM=NextAuth [email protected]
• DATABASE_URL=sqlite://localhost/:memory:?synchronize=true

Description

Currently, env is either loaded from '.env' or using system vars.
It would be good to have -env_file flag where user can specify env file path and variable are loaded from that file

Feature Description
Create a mutation for admins only, so that they can update roles of a user

Describe the solution you'd like

Describe alternatives you've considered

Additional context

Feature Description

Describe the solution you'd like

Describe alternatives you've considered

Additional context

Version: x.y.z

Describe the bug

Steps To Reproduce

Expected behavior

Screenshots

Desktop (please complete the following information):

• OS: [e.g. iOS]
• Browser [e.g. chrome, safari]
• Version [e.g. 22]

Additional context

• Create /app route
• Serve application built using react sdk
• Set global data with /app route request
• Global state data should be passed as query string
• Make sure global state is base64 encoded
• Make sure state data includes the redirect url
• Add Allowed origins env
• Make sure redirect url is available in allowed origins

Feature Description

Super admins should be able to invite users

Describe the solution you'd like

Describe alternatives you've considered

Additional context