move to production

k8s/auth-service/values-prod.yaml

@@ -6,7 +6,7 @@ app:
 replicaCount: 3
 image:
   repository: eu.gcr.io/airqo-250220/airqo-auth-api
-  tag: prod-d10552fa-1737954367
+  tag: prod-f6cb2484-1737977761
 nameOverride: ''
 fullnameOverride: ''
 podAnnotations: {}

k8s/calibrate/values-prod.yaml

@@ -6,11 +6,11 @@ app:
 initContainer:
   image:
     repository: eu.gcr.io/airqo-250220/airqo-calibrate-pickle-file
-    tag: prod-d10552fa-1737954367
+    tag: prod-f6cb2484-1737977761
 replicaCount: 3
 image:
   repository: eu.gcr.io/airqo-250220/airqo-calibrate-api
-  tag: prod-d10552fa-1737954367
+  tag: prod-f6cb2484-1737977761
 nameOverride: ''
 fullnameOverride: ''
 podAnnotations: {}

k8s/device-registry/values-prod.yaml

@@ -6,7 +6,7 @@ app:
 replicaCount: 3
 image:
   repository: eu.gcr.io/airqo-250220/airqo-device-registry-api
-  tag: prod-d10552fa-1737954367
+  tag: prod-f6cb2484-1737977761
 nameOverride: ''
 fullnameOverride: ''
 podAnnotations: {}

k8s/exceedance/values-prod-airqo.yaml

@@ -4,6 +4,6 @@ app:
   configmap: env-exceedance-production
 image:
   repository: eu.gcr.io/airqo-250220/airqo-exceedance-job
-  tag: prod-d10552fa-1737954367
+  tag: prod-f6cb2484-1737977761
 nameOverride: ''
 fullnameOverride: ''

k8s/exceedance/values-prod-kcca.yaml

@@ -4,6 +4,6 @@ app:
   configmap: env-exceedance-production
 image:
   repository: eu.gcr.io/airqo-250220/kcca-exceedance-job
-  tag: prod-d10552fa-1737954367
+  tag: prod-f6cb2484-1737977761
 nameOverride: ''
 fullnameOverride: ''

k8s/predict/values-prod.yaml

@@ -7,7 +7,7 @@ images:
     predictJob: eu.gcr.io/airqo-250220/airqo-predict-job
     trainJob: eu.gcr.io/airqo-250220/airqo-train-job
     predictPlaces: eu.gcr.io/airqo-250220/airqo-predict-places-air-quality
-  tag: prod-d10552fa-1737954367
+  tag: prod-f6cb2484-1737977761
 api:
   name: airqo-prediction-api
   label: prediction-api

k8s/workflows/values-prod.yaml

@@ -10,7 +10,7 @@ images:
     initContainer: eu.gcr.io/airqo-250220/airqo-workflows-xcom
     redisContainer: eu.gcr.io/airqo-250220/airqo-redis
     containers: eu.gcr.io/airqo-250220/airqo-workflows
-  tag: prod-d10552fa-1737954367
+  tag: prod-f6cb2484-1737977761
 nameOverride: ''
 fullnameOverride: ''
 podAnnotations: {}

k8s/workflows/values-stage.yaml

@@ -10,7 +10,7 @@ images:
     initContainer: eu.gcr.io/airqo-250220/airqo-stage-workflows-xcom
     redisContainer: eu.gcr.io/airqo-250220/airqo-stage-redis
     containers: eu.gcr.io/airqo-250220/airqo-stage-workflows
-  tag: stage-49d537ea-1737733317
+  tag: stage-8ea5bb09-1737977725
 nameOverride: ''
 fullnameOverride: ''
 podAnnotations: {}

src/auth-service/controllers/user.controller.js

@@ -1664,6 +1664,169 @@ const createUser = {
       return;
     }
   },
+  resetPasswordRequest: async (req, res, next) => {
+    try {
+      const errors = extractErrorsFromRequest(req);
+      if (errors) {
+        next(
+          new HttpError("bad request errors", httpStatus.BAD_REQUEST, errors)
+        );
+        return;
+      }
+      const { email } = req.body;
+      const tenant = req.query.tenant;
+      const token = userUtil.generateNumericToken(5);
+      const result = await userUtil.initiatePasswordReset(
+        {
+          email,
+          token,
+          tenant,
+        },
+        next
+      );
+
+      res
+        .status(httpStatus.OK)
+        .json({ success: true, message: result.message });
+    } catch (error) {
+      logger.error(`🐛🐛 Internal Server Error ${error.message}`);
+      next(
+        new HttpError(
+          "Internal Server Error",
+          httpStatus.INTERNAL_SERVER_ERROR,
+          { message: error.message }
+        )
+      );
+      return;
+    }
+  },
+  resetPassword: async (req, res, next) => {
+    try {
+      const errors = extractErrorsFromRequest(req);
+      if (errors) {
+        next(
+          new HttpError("bad request errors", httpStatus.BAD_REQUEST, errors)
+        );
+        return;
+      }
+      const { token } = req.params;
+      const { password } = req.body;
+
+      const defaultTenant = constants.DEFAULT_TENANT || "airqo";
+      const tenant = isEmpty(req.query.tenant)
+        ? defaultTenant
+        : req.query.tenant;
+
+      const result = await userUtil.resetPassword(
+        {
+          token,
+          password,
+          tenant,
+        },
+        next
+      );
+
+      res
+        .status(httpStatus.OK)
+        .json({ success: true, message: result.message });
+    } catch (error) {
+      logObject("error in controller", error);
+      logger.error(`🐛🐛 Internal Server Error ${error.message}`);
+      next(
+        new HttpError(
+          "Internal Server Error",
+          httpStatus.INTERNAL_SERVER_ERROR,
+          { message: error.message }
+        )
+      );
+      return;
+    }
+  },
+
+  registerMobileUser: async (req, res, next) => {
+    try {
+      const errors = extractErrorsFromRequest(req);
+      if (errors) {
+        next(
+          new HttpError("bad request errors", httpStatus.BAD_REQUEST, errors)
+        );
+        return;
+      }
+
+      const request = req;
+      const defaultTenant = constants.DEFAULT_TENANT || "airqo";
+      request.query.tenant = isEmpty(req.query.tenant)
+        ? defaultTenant
+        : req.query.tenant;
+
+      request.body.analyticsVersion = 4;
+
+      const result = await userUtil.registerMobileUser(request, next);
+
+      if (isEmpty(result) || res.headersSent) {
+        return;
+      }
+
+      if (result.success === true) {
+        res
+          .status(httpStatus.CREATED)
+          .json({ success: true, message: result.message, data: result.user });
+      } else {
+        next(new HttpError(result.message, httpStatus.BAD_REQUEST));
+      }
+    } catch (error) {
+      logger.error(`🐛🐛 Internal Server Error ${error.message}`);
+      next(
+        new HttpError(
+          "Internal Server Error",
+          httpStatus.INTERNAL_SERVER_ERROR,
+          { message: error.message }
+        )
+      );
+      return;
+    }
+  },
+
+  verifyMobileEmail: async (req, res, next) => {
+    try {
+      const errors = extractErrorsFromRequest(req);
+      if (errors) {
+        next(
+          new HttpError("bad request errors", httpStatus.BAD_REQUEST, errors)
+        );
+        return;
+      }
+      const request = req;
+      const defaultTenant = constants.DEFAULT_TENANT || "airqo";
+      request.query.tenant = isEmpty(req.query.tenant)
+        ? defaultTenant
+        : req.query.tenant;
+
+      const result = await userUtil.verifyMobileEmail(request, next);
+
+      if (isEmpty(result) || res.headersSent) {
+        return;
+      }
+      if (result.success) {
+        res
+          .status(httpStatus.OK)
+          .json({ success: true, message: result.message, data: result.user });
+      } else {
+        next(new HttpError(result.message, httpStatus.BAD_REQUEST));
+      }
+    } catch (error) {
+      logger.error(`🐛🐛 Internal Server Error ${error.message}`);
+      next(
+        new HttpError(
+          "Internal Server Error",
+          httpStatus.INTERNAL_SERVER_ERROR,
+          { message: error.message }
+        )
+      );
+      return;
+    }
+  },
+
   subscribeToNewsLetter: async (req, res, next) => {
     try {
       const errors = extractErrorsFromRequest(req);

src/auth-service/middleware/passport.js

@@ -172,6 +172,44 @@ const useEmailWithLocalStrategy = (tenant, req, res, next) =>
             )
           );
           return;
+        } else if (user.analyticsVersion === 4 && !user.verified) {
+          await createUserUtil
+            .mobileVerificationReminder({ tenant, email: user.email }, next)
+            .then((verificationResponse) => {
+              if (
+                !verificationResponse ||
+                verificationResponse.success === false
+              ) {
+                logger.error(
+                  `Verification reminder failed: ${
+                    verificationResponse
+                      ? verificationResponse.message
+                      : "No response"
+                  }`
+                );
+              }
+            })
+            .catch((err) => {
+              logger.error(
+                `Error sending verification reminder: ${err.message}`
+              );
+            });
+
+          req.auth.success = false;
+          req.auth.message =
+            "account not verified, verification email has been sent to your email";
+          req.auth.status = httpStatus.FORBIDDEN;
+          next(
+            new HttpError(
+              "account not verified, verification email has been sent to your email",
+              httpStatus.FORBIDDEN,
+              {
+                message:
+                  "account not verified, verification email has been sent to your email",
+              }
+            )
+          );
+          return;
         }
         req.auth.success = true;
         req.auth.message = "successful login";
@@ -294,6 +332,44 @@ const useUsernameWithLocalStrategy = (tenant, req, res, next) =>
             )
           );
           return;
+        } else if (user.analyticsVersion === 4 && !user.verified) {
+          createUserUtil
+            .mobileVerificationReminder({ tenant, email: user.email }, next)
+            .then((verificationResponse) => {
+              if (
+                !verificationResponse ||
+                verificationResponse.success === false
+              ) {
+                logger.error(
+                  `Verification reminder failed: ${
+                    verificationResponse
+                      ? verificationResponse.message
+                      : "No response"
+                  }`
+                );
+              }
+            })
+            .catch((err) => {
+              logger.error(
+                `Error sending verification reminder: ${err.message}`
+              );
+            });
+
+          req.auth.success = false;
+          req.auth.message =
+            "account not verified, verification email has been sent to your email";
+          req.auth.status = httpStatus.FORBIDDEN;
+          next(
+            new HttpError(
+              "account not verified, verification email has been sent to your email",
+              httpStatus.FORBIDDEN,
+              {
+                message:
+                  "account not verified, verification email has been sent to your email",
+              }
+            )
+          );
+          return;
         }
         req.auth.success = true;
         req.auth.message = "successful login";

src/auth-service/models/User.js

@@ -93,7 +93,6 @@ const UserSchema = new Schema(
     },
     userName: {
       type: String,
-      required: [true, "UserName is required!"],
       trim: true,
       unique: true,
     },
@@ -404,6 +403,14 @@ UserSchema.pre(
           return next(new Error("Phone number or email is required!"));
         }
 
+        if (!this.userName && this.email) {
+          this.userName = this.email;
+        }
+
+        if (!this.userName) {
+          return next(new Error("userName is required!"));
+        }
+
         // Profile picture validation - only for new documents
         if (
           this.profilePicture &&
@@ -470,10 +477,6 @@ UserSchema.pre(
           ];
         }
 
-        // Ensure default values for new documents
-        this.verified = this.verified ?? false;
-        this.analyticsVersion = this.analyticsVersion ?? 2;
-
         // Permissions handling for new documents
         if (this.permissions && this.permissions.length > 0) {
           this.permissions = [...new Set(this.permissions)];
@@ -581,15 +584,6 @@ UserSchema.pre(
             updates.permissions = uniquePermissions;
           }
         }
-
-        // Conditional default values for updates
-        if (updates && updates.$set) {
-          updates.$set.verified = updates.$set.verified ?? false;
-          updates.$set.analyticsVersion = updates.$set.analyticsVersion ?? 2;
-        } else {
-          updates.verified = updates.verified ?? false;
-          updates.analyticsVersion = updates.analyticsVersion ?? 2;
-        }
       }
 
       // Additional checks for new documents