Enhancements for expired and expiring tokens

[Baalmart]

WHAT DOES THIS PR DO?

• [x] Change from monthly to weekly email alerts for tokens about to expire
• [x] send an email for every expired token on verification check

HOW DO I TEST OUT THIS PR?

• [ ] Analytics: Link to Analytics README
• [x] Auth Service: Link to Auth Service README
• [ ] Calibrate: Link to Calibrate README
• [ ] Data Proxy: Link to Data Proxy README
• [ ] Device Monitoring: Link to Device Monitoring README
• [ ] Device Registry: Link to Device Registry README
• [ ] Device Status: Link to Device Status README
• [ ] Device Uptime: Link to Device Uptime README
• [ ] Exceedances: Link to Exceedances README
• [ ] Firebase: Link to Firebase README
• [ ] GP Model: Link to GP Model README
• [ ] Incentives: Link to Incentives README
• [ ] Kafka Connectors: Link to Kafka Connectors
• [ ] Locate: Link to Locate README
• [ ] Metadata: Link to Metadata README
• [ ] Predict: Link to Predict README
• [ ] Spatial: Link to Spatial
• [ ] View: Link to View README
• [ ] Workflows: Link to Workflows README

WHICH ENDPOINTS SHOULD BE READY FOR TESTING?:

• [x] verify token

Summary by CodeRabbit

• New Features

  • Implemented email notifications for expired API tokens to keep users informed.

• Improvements

  • Enhanced token management to include error logging and user detail retrieval for better handling of expired tokens.

• Maintenance

  • Updated job scheduler to run every Sunday at midnight for more predictable token expiration management.

[coderabbitai[bot]]

Walkthrough

## Walkthrough A weekly cron schedule for the token expiration job has been introduced, expired token handling has been added to control-access, and new email functionalities have been implemented, including generating and sending notifications for expired tokens. ## Changes | Files | Change Summary | |------------------------------------------------|------------------------------------------------------------------------------------------------------| | src/auth-service/bin/token-expiration-job.js | Replaced fixed cron schedule with a constant for a weekly job every Sunday at midnight. | | src/auth-service/utils/control-access.js | Added handling for expired tokens, retrieving user details, logging errors, and sending email notifications. | | src/auth-service/utils/email.msgs.js | Added `tokenExpired` function to generate email content for expired API token notifications. | | src/auth-service/utils/mailer.js | Introduced `expiredToken` function for handling expired tokens and email notifications, with some changes to `expiringToken`. | ## Sequence Diagram(s) ```mermaid sequenceDiagram participant Cron as Cron Scheduler participant Job as TokenExpirationJob participant DB as Database participant User as User participant Mailer as Email Service Cron->>Job: Weekly at Sunday Midnight Job->>DB: Retrieve expired tokens Job->>User: Find users with expired tokens User-->>Job: Return user details Job->>Mailer: Send expired token notification Mailer-->>User: Notify about expired token Job->>DB: Log token expiration event ``` ```mermaid sequenceDiagram participant User as User participant ControlAccess as ControlAccess participant DB as Database participant Logger as Logger participant Mailer as Email Service User->>ControlAccess: isIPBlacklistedHelper ControlAccess->>DB: Check token alt Token Expired ControlAccess->>DB: Retrieve user details ControlAccess->>Logger: Log token expiration ControlAccess->>Mailer: Send expired token email Mailer-->>User: Notify about expired token end DB->>ControlAccess: Return result ControlAccess-->>User: Return access info ``` ## Poem > Tokens that expire, at Sunday’s night, > Bring new email warnings, in the moonlight. > With code to track and send with care, > No expired token goes unaware. > A job aligns with Sunday’s dawn, > To safeguard access, when old tokens are gone.

---

[!TIP]

Early access features: enabled

We are currently testing the following features in early access: - **OpenAI `gpt-4o` model for code reviews and chat**: OpenAI claims that this model is better at understanding and generating code than the previous models. We seek your feedback over the next few weeks before making it generally available. Note: - You can enable or disable early access features from the CodeRabbit UI or by updating the CodeRabbit configuration file. - Please join our [Discord Community](https://discord.com/invite/GsXnASn26c) to provide feedback and report issues. - OSS projects are always opted into early access features.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)

Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit .` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai generate interesting stats about this repository and render them as a table.` - `@coderabbitai show all the console.log statements in this repository.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (invoked as PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. ### CodeRabbit Configration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

[codecov[bot]]

Codecov Report

Attention: Patch coverage is 0% with 29 lines in your changes missing coverage. Please review.

Project coverage is 30.23%. Comparing base (4bf97f0) to head (d2c38f1). Report is 85 commits behind head on staging.

Additional details and impacted files

[](https://app.codecov.io/gh/airqo-platform/AirQo-api/pull/3244?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=airqo-platform) ```diff @@ Coverage Diff @@ ## staging #3244 +/- ## =========================================== - Coverage 30.30% 30.23% -0.08% =========================================== Files 184 184 Lines 24487 24547 +60 Branches 3205 3211 +6 =========================================== + Hits 7421 7422 +1 - Misses 16952 17011 +59 Partials 114 114 ``` | [Files](https://app.codecov.io/gh/airqo-platform/AirQo-api/pull/3244?dropdown=coverage&src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=airqo-platform) | Coverage Δ | | |---|---|---| | [src/auth-service/utils/email.msgs.js](https://app.codecov.io/gh/airqo-platform/AirQo-api/pull/3244?src=pr&el=tree&filepath=src%2Fauth-service%2Futils%2Femail.msgs.js&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=airqo-platform#diff-c3JjL2F1dGgtc2VydmljZS91dGlscy9lbWFpbC5tc2dzLmpz) | `3.57% <0.00%> (-0.14%)` | :arrow_down: | | [src/auth-service/utils/mailer.js](https://app.codecov.io/gh/airqo-platform/AirQo-api/pull/3244?src=pr&el=tree&filepath=src%2Fauth-service%2Futils%2Fmailer.js&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=airqo-platform#diff-c3JjL2F1dGgtc2VydmljZS91dGlscy9tYWlsZXIuanM=) | `2.47% <0.00%> (-0.10%)` | :arrow_down: | ... and [1 file with indirect coverage changes](https://app.codecov.io/gh/airqo-platform/AirQo-api/pull/3244/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=airqo-platform)

[github-actions[bot]]

Auth-service changes in this PR available for preview here