hypersign-protocol · Vishwas1 · Dec 11, 2025 · Nov 21, 2025 · Nov 24, 2025 · Nov 24, 2025
diff --git a/.deploy/deployment.yaml b/.deploy/deployment.yaml
@@ -87,6 +87,8 @@ spec:
           value: __MAIL_QUEUE__
         - name: SERVER_NAME
           value: __SERVER_NAME__
+        - name: NODE_ENV
+          value: __NODE_ENV__
         - name: ALLOWED_ORIGIN
           value: "__ALLOWED_ORIGIN__"
         - name: JWT_REFRESH_SECRET
@@ -106,7 +108,16 @@ spec:
         - name: OTP_EXPIRY_MINUTES
           value: '__OTP_EXPIRY_MINUTES__'  
         - name: MAX_RETRY_ATTEMPT
-          value: '__MAX_RETRY_ATTEMPT__'          
+          value: '__MAX_RETRY_ATTEMPT__'  
+        - name: MFA_REDIRECT_URL
+          value: __MFA_REDIRECT_URL__
+        - name: CLIENT_APP_URL
+          value: __CLIENT_APP_URL__
+        - name: KYC_WIDGET_URL
+          value: __KYC_WIDGET_URL__
+        - name: MAX_MFA_RETRY_ATTEMPT
+          value: '__MAX_MFA_RETRY_ATTEMPT__' 
+
         volumeMounts:
         - name: mongo
           mountPath: "/data"

diff --git a/.github/workflows/pipeline.yaml b/.github/workflows/pipeline.yaml
@@ -147,5 +147,13 @@ jobs:
       run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__OTP_EXPIRY_MINUTES__#${{ secrets.OTP_EXPIRY_MINUTES }}#" {} \;
     - name: "Replace Secrets"
       run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__MAX_RETRY_ATTEMPT__#${{ secrets.MAX_RETRY_ATTEMPT }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__MAX_MFA_RETRY_ATTEMPT__#${{ secrets.MAX_MFA_RETRY_ATTEMPT }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__MFA_REDIRECT_URL__#${{ secrets.MFA_REDIRECT_URL }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__CLIENT_APP_URL__#${{ secrets.CLIENT_APP_URL }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__KYC_WIDGET_URL__#${{ secrets.KYC_WIDGET_URL }}#" {} \;
     - name: "Deploy to GKE"
       run: kubectl apply -f .deploy/deployment.yaml
diff --git a/dev.env.sample b/dev.env.sample
@@ -23,6 +23,10 @@ OTP_HOURLY_LIMIT=10
 OTP_EXPIRY_MINUTES=5
 MAX_RETRY_ATTEMPT=3
 NODE_ENV=development
+MFA_REDIRECT_URL='http://localhost:9001/#/studio/mfa'
+MAX_MFA_RETRY_ATTEMPT=3
+CLIENT_APP_URL=https://entity.dashboard.hypersign.id
+KYC_WIDGET_URL=https://verify.hypersign.id
 
 
 

diff --git a/src/app-auth/app-auth.module.ts b/src/app-auth/app-auth.module.ts
@@ -23,7 +23,6 @@ import { SupportedServiceService } from 'src/supported-service/services/supporte
 import { SupportedServiceList } from 'src/supported-service/services/service-list';
 import { JWTAuthorizeMiddleware } from 'src/utils/middleware/jwt-authorization.middleware';
 import { UserModule } from 'src/user/user.module';
-import { TwoFAAuthorizationMiddleware } from 'src/utils/middleware/2FA-jwt-authorization.middleware';
 import { CreditModule } from 'src/credits/credits.module';
 import { JWTAccessAccountMiddleware } from 'src/utils/middleware/jwt-accessAccount.middlerwere';
 import { AdminPeopleRepository } from 'src/people/repository/people.repository';
@@ -32,6 +31,10 @@ import {
   AdminPeopleSchema,
 } from 'src/people/schema/people.schema';
 import { RateLimitMiddleware } from 'src/utils/middleware/rate-limit.middleware';
+import {
+  CustomerOnboarding,
+  CustomerOnboardingSchema,
+} from 'src/customer-onboarding/schemas/customer-onboarding.schema';
 import { WebpageConfigModule } from 'src/webpage-config/webpage-config.module';
 
 @Module({
@@ -40,13 +43,17 @@ import { WebpageConfigModule } from 'src/webpage-config/webpage-config.module';
     MongooseModule.forFeature([
       { name: AdminPeople.name, schema: AdminPeopleSchema },
     ]),
+    MongooseModule.forFeature([
+      { name: CustomerOnboarding.name, schema: CustomerOnboardingSchema },
+    ]),
     HidWalletModule,
     EdvModule,
     UserModule,
     JwtModule.register({}),
     CreditModule,
     forwardRef(() => WebpageConfigModule),
   ],
+
   providers: [
     AppAuthService,
     AppRepository,
@@ -80,10 +87,6 @@ export class AppAuthModule implements NestModule {
       .apply(JWTAccessAccountMiddleware)
       .exclude({ path: '/api/v1/app/marketplace', method: RequestMethod.GET })
       .forRoutes(AppAuthController);
-    consumer
-      .apply(TwoFAAuthorizationMiddleware)
-      .exclude({ path: '/api/v1/app/marketplace', method: RequestMethod.GET })
-      .forRoutes(AppAuthController);
     consumer.apply(RateLimitMiddleware).forRoutes(AppAuthController);
   }
 }
diff --git a/src/app-auth/dtos/create-app.dto.ts b/src/app-auth/dtos/create-app.dto.ts
@@ -6,7 +6,7 @@
  IsOptional,
  IsString,
  Length,
  Matches,
  MaxLength,
  Validate,
 } from 'class-validator';
@@ -19,6 +19,7 @@
   SERVICE_TYPES,
   APP_ENVIRONMENT,
 } from 'src/supported-service/services/iServiceList';
+import { IsUrlOrBase64Image } from 'src/utils/customDecorator/IsUrlOrBase64Image.decorator';
 
 export class CreateAppDto {
   @ApiProperty({
@@ -60,7 +61,7 @@
   })
   @IsOptional()
   @IsString()
-  @IsUrlEmpty()
+  @IsUrlOrBase64Image()
   logoUrl?: string;
   @ApiProperty({
     description: 'services',