Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Current »

Architecture AS-IS

OTP Sign In

Braze

Proposal

Solution 1 - Add isBlocked field in User DynamoDB item

Workflow:

Support agent blocks the user

Blocked user attempts login

User is blocked while logged in WL → Add getMe query when user goes to cart page

User is blocked while logged in WL → Validate blocked user on gateway

Task breakdown

Changes in intl-whitelabel-cms

 intl-whitelabel-cms
  1. Create email template for blocked user notification

    1. Templates should use the Liquid syntax

  2. Create email template for unblocked user notification

    1. Templates should use the Liquid syntax

Changes in intl-notifications-service

 intl-users-service
  1. Create send block notification endpoint

    1. POST /api/v1/email/send-block

    2. Create block TemplateType

    3. Receive SendEmailRequestDto as payload

  2. Create send unblock notification endpoint

    1. POST /api/v1/email/send-unblock

    2. Create unblock TemplateType

    3. Receive SendEmailRequestDto as payload

Changes in intl-users-service

 intl-users-service
  1. Create block user endpoint

    1. Endpoint: POST /api/v1/users/block-user/{cognitoId}

    2. Add isBlocked field to user details base interface

      1. The field should be returned in GET user endpoint

    3. Use UpdateService to set is blocked to true

    4. user notification-service to send email

    5. remove user from braze campaings

  2. Create unblock user endpoint

    1. Endpoint: POST /api/v1/users/unblock-user/{cognitoId}

    2. Use UpdateService to set is blocked to false

    3. user notification-service to send email

    4. return user to braze campaings

  3. Prevent blocked users from signing in

    1. Create UserBlockedError apollo error

    2. Add isBlocked validation in the listed resolvers:

      • createOTP

      • createLoginOTP

      • signInJWT

      • socialLogin

    3. User not found validation for reference

Changes in intl-packages

 intl-packates/packages/user
  1. Add isBlocked to userDetails type

  2. Create method to block user

    1. Should use axios to trigger a request to user service

  3. Create method to unblock user

    1. Should use axios to trigger a request to user service

Changes in intl-whitelable-graphql

 intl-whitelable-graphql
  1. Add isBlocked to userDetails type

Changes in intl-admin-app

 intl-admin-app
  1. Create block status card on customer page

    1. Update users package

    2. Add isBlocked to user details type in graphql

    3. Add isBlocked to customer query in frontend

    4. Create card to display user status

  2. Create mutation to block the user

    1. Use blockUser exposed in the user package (instantiated insider the user provider)

    2. Create auditLog for the customer blocking

      1. Create new audit action block-user

      2. Example of audit log

    3. Create block customer permission

      1. Permission: “RBI.supportActions.customer.block”

      2. Add “RBI.supportActions.customer.*” to rolePermissionMapping in agent role for BK,PLK,TH and FHS

  3. Implement block user in front end

    1. Create confirmation modal

    2. Check if agent has permission to change customer status

      1. TBD: which permission is needed

    3. Trigger block mutation on confirmation

  4. Create mutation to unblock the user

    1. Use unblockUser exposed in the user package (instantiated insider the user provider)

    2. Create auditLog for the customer unblocking

      1. Create new audit action unblock-user

      2. Example of audit log

    3. Check if the agent has permission to unblock

      1. Permission: “RBI.supportActions.customer.block”

  5. Implement unblock user in front end

    1. Create confirmation modal

    2. Check if agent has permission to change customer status

      1. TBD: which permission is needed

    3. Trigger unblock mutation on confirmation

Changes in intl-whitelable-app

 intl-whitelable-app
  1. Create blocked account modal

  2. Handle UserBlockedError in signIn

    1. Option 1

      1. Create onError handler for signIn mutations

      2. If UserBlockedError:

        1. sign out user

        2. display blocked account modal

      3. Add onError parameter to the following signIn mutations

        1. signInWithOtp

        2. signInWithJwt

        3. signInSocialLogin

    2. Option 2

      1. Monitor error value of all the mutations listed above with useEffect

      2. If UserBlockedError:

        1. sign out user

        2. display blocked account modal

  3. Validate if user is blocked before proceeding to cart

    1. use getMe query to check user status

    2. if isBlocked

      1. sign out user

      2. display blocked account modal

Solution 2 - Disable user in cognito

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.