Architecture AS-IS
OTP Sign In
Braze
Proposal
Solution 1 - Add isBlocked field in User DynamoDB item
Workflow:
Support agent blocks the user
Blocked user attempts login
User is blocked while logged in WL → Add getMe query when user goes to cart page
User is blocked while logged in WL → Validate blocked user on gateway
Task breakdown
Changes in intl-whitelabel-cms
intl-whitelabel-cms
Create email template for blocked user notification
Templates should use the Liquid syntax
Create email template for unblocked user notification
Templates should use the Liquid syntax
Changes in intl-notifications-service
intl-users-service
Create send block notification endpoint
POST /api/v1/email/send-block
Create block TemplateType
Receive SendEmailRequestDto as payload
Create send unblock notification endpoint
POST /api/v1/email/send-unblock
Create unblock TemplateType
Receive SendEmailRequestDto as payload
Changes in intl-users-service
intl-users-service
Create block user endpoint
Endpoint: POST /api/v1/users/block-user/{cognitoId}
Add isBlocked field to user details base interface
The field should be returned in GET user endpoint
Use UpdateService to set is blocked to true
user notification-service to send email
remove user from braze campaings
Create unblock user endpoint
Endpoint: POST /api/v1/users/unblock-user/{cognitoId}
Use UpdateService to set is blocked to false
user notification-service to send email
return user to braze campaings
Prevent blocked users from signing in
Create UserBlockedError apollo error
Add isBlocked validation in the listed resolvers:
createOTP
createLoginOTP
signInJWT
socialLogin
User not found validation for reference
Changes in intl-packages
intl-packates/packages/user
Add isBlocked to userDetails type
Create method to block user
Should use axios to trigger a request to user service
Create method to unblock user
Should use axios to trigger a request to user service
Changes in intl-whitelable-graphql
Changes in intl-admin-app
intl-admin-app
Create block status card on customer page
Update users package
Add isBlocked to user details type in graphql
Add isBlocked to customer query in frontend
Create card to display user status
Create mutation to block the user
Use blockUser exposed in the user package (instantiated insider the user provider)
Create auditLog for the customer blocking
Create new audit action block-user
Example of audit log
Create block customer permission
Permission: “RBI.supportActions.customer.block”
Add “RBI.supportActions.customer.*” to rolePermissionMapping in agent role for BK,PLK,TH and FHS
Implement block user in front end
Create confirmation modal
Check if agent has permission to change customer status
TBD: which permission is needed
Trigger block mutation on confirmation
Create mutation to unblock the user
Use unblockUser exposed in the user package (instantiated insider the user provider)
Create auditLog for the customer unblocking
Create new audit action unblock-user
Example of audit log
Check if the agent has permission to unblock
Permission: “RBI.supportActions.customer.block”
Implement unblock user in front end
Create confirmation modal
Check if agent has permission to change customer status
TBD: which permission is needed
Trigger unblock mutation on confirmation
Changes in intl-whitelable-app
intl-whitelable-app
Create blocked account modal
Handle UserBlockedError in signIn
Option 1
Create onError handler for signIn mutations
If UserBlockedError:
sign out user
display blocked account modal
Add onError parameter to the following signIn mutations
signInWithOtp
signInWithJwt
signInSocialLogin
Option 2
Monitor error value of all the mutations listed above with useEffect
If UserBlockedError:
sign out user
display blocked account modal
Validate if user is blocked before proceeding to cart
use getMe query to check user status
if isBlocked
sign out user
display blocked account modal
Solution 2 - Disable user in cognito
0 Comments