From 342b30351950652fa7b1b32955ab54e98cdc96fc Mon Sep 17 00:00:00 2001
From: Amir Rajabi <amirrajabi02181@gmail.com>
Date: Mon, 6 Apr 2026 18:13:01 +0330
Subject: [PATCH] Make OTP response optional and toggle via config

---
 .../co/nilin/opex/api/core/inout/TempOtpResponse.kt   |  2 +-
 .../src/main/kotlin/co/nilin/opex/auth/model/OTP.kt   |  2 +-
 docker-compose.yml                                    |  1 +
 .../co/nilin/opex/otp/app/controller/OTPController.kt | 11 ++++++++---
 otp/otp-app/src/main/resources/application.yml        |  1 +
 .../opex/profile/core/data/otp/TempOtpResponse.kt     |  2 +-
 .../opex/wallet/app/service/WalletSnapshotService.kt  |  2 +-
 .../opex/wallet/core/inout/otp/TempOtpResponse.kt     |  2 +-
 8 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/api/api-core/src/main/kotlin/co/nilin/opex/api/core/inout/TempOtpResponse.kt b/api/api-core/src/main/kotlin/co/nilin/opex/api/core/inout/TempOtpResponse.kt
index 7c5fa2083..15ed86cf9 100644
--- a/api/api-core/src/main/kotlin/co/nilin/opex/api/core/inout/TempOtpResponse.kt
+++ b/api/api-core/src/main/kotlin/co/nilin/opex/api/core/inout/TempOtpResponse.kt
@@ -1,3 +1,3 @@
 package co.nilin.opex.api.core.inout
 
-data class TempOtpResponse(val otp: String, var receivers: List<OTPReceiver>? = null)
\ No newline at end of file
+data class TempOtpResponse(val otp: String?, var receivers: List<OTPReceiver>? = null)
\ No newline at end of file
diff --git a/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/model/OTP.kt b/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/model/OTP.kt
index a301b67e4..148d26993 100644
--- a/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/model/OTP.kt
+++ b/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/model/OTP.kt
@@ -26,7 +26,7 @@ data class OTPVerifyResponse(
 )
 
 //TODO IMPORTANT: remove in production
-data class TempOtpResponse(val otp: String, val otpReceiver: OTPReceiver?)
+data class TempOtpResponse(val otp: String?, val otpReceiver: OTPReceiver?)
 
 enum class OTPAction {
     REGISTER, FORGET, NONE
diff --git a/docker-compose.yml b/docker-compose.yml
index 20cc7a811..d1119e80b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -545,6 +545,7 @@ services:
       - SMTP_PASS=${SMTP_PASS}
       - SMTP_FROM=${SMTP_FROM}
       - TOKEN_ISSUER_URL=${KC_ISSUER_URL}
+      - OTP_CODE_RESPONSE_ENABLED=${OTP_CODE_RESPONSE_ENABLED}
     depends_on:
       - consul
       - postgres-otp
diff --git a/otp/otp-app/src/main/kotlin/co/nilin/opex/otp/app/controller/OTPController.kt b/otp/otp-app/src/main/kotlin/co/nilin/opex/otp/app/controller/OTPController.kt
index d3bd5475b..0b44a084b 100644
--- a/otp/otp-app/src/main/kotlin/co/nilin/opex/otp/app/controller/OTPController.kt
+++ b/otp/otp-app/src/main/kotlin/co/nilin/opex/otp/app/controller/OTPController.kt
@@ -6,6 +6,7 @@ import co.nilin.opex.otp.app.data.OTPResult
 import co.nilin.opex.otp.app.data.VerifyOTPRequest
 import co.nilin.opex.otp.app.model.OTPType
 import co.nilin.opex.otp.app.service.OTPService
+import org.springframework.beans.factory.annotation.Value
 import org.springframework.http.HttpStatus
 import org.springframework.http.ResponseEntity
 import org.springframework.web.bind.annotation.PostMapping
@@ -15,10 +16,13 @@ import org.springframework.web.bind.annotation.RestController
 
 @RestController
 @RequestMapping("/v1/otp")
-class OTPController(private val otpService: OTPService) {
+class OTPController(
+    private val otpService: OTPService,
+    @Value("\${otp.response-enabled}") private val otpCodeResponseEnabled: Boolean,
+) {
 
     //TODO IMPORTANT: remove in production
-    data class TempOtpResponse(val otp: String)
+    data class TempOtpResponse(val otp: String?)
     //TODO IMPORTANT: remove in production
 
     //TODO IMPORTANT: remove in production
@@ -34,7 +38,8 @@ class OTPController(private val otpService: OTPService) {
             )
         else
             otpService.requestCompositeOTP(request.receivers.toSet(), request.userId, request.action)
-        return ResponseEntity.status(HttpStatus.CREATED).body(TempOtpResponse(code))
+        val tempOtpResponse = if (otpCodeResponseEnabled) code else null
+        return ResponseEntity.status(HttpStatus.CREATED).body(TempOtpResponse(tempOtpResponse))
     }
 
     @PostMapping("/verify")
diff --git a/otp/otp-app/src/main/resources/application.yml b/otp/otp-app/src/main/resources/application.yml
index a45b85b70..2ea077760 100644
--- a/otp/otp-app/src/main/resources/application.yml
+++ b/otp/otp-app/src/main/resources/application.yml
@@ -48,6 +48,7 @@ app:
     cert-url: http://keycloak:8080/realms/opex/protocol/openid-connect/certs
     iss-url: ${TOKEN_ISSUER_URL:http://keycloak:8080/realms/opex}
 otp:
+  response-enabled: ${OTP_CODE_RESPONSE_ENABLED:false}
   sms:
     provider:
       url: ${SMS_PROVIDER_URL}
diff --git a/profile/profile-core/src/main/kotlin/co/nilin/opex/profile/core/data/otp/TempOtpResponse.kt b/profile/profile-core/src/main/kotlin/co/nilin/opex/profile/core/data/otp/TempOtpResponse.kt
index 9ce07c850..0e5e52077 100644
--- a/profile/profile-core/src/main/kotlin/co/nilin/opex/profile/core/data/otp/TempOtpResponse.kt
+++ b/profile/profile-core/src/main/kotlin/co/nilin/opex/profile/core/data/otp/TempOtpResponse.kt
@@ -1,3 +1,3 @@
 package co.nilin.opex.profile.core.data.otp
 
-data class TempOtpResponse(val otp: String, var otpReceiver: OTPReceiver?)
\ No newline at end of file
+data class TempOtpResponse(val otp: String?, var otpReceiver: OTPReceiver?)
\ No newline at end of file
diff --git a/wallet/wallet-app/src/main/kotlin/co/nilin/opex/wallet/app/service/WalletSnapshotService.kt b/wallet/wallet-app/src/main/kotlin/co/nilin/opex/wallet/app/service/WalletSnapshotService.kt
index 3864c22e3..b6e6c7297 100644
--- a/wallet/wallet-app/src/main/kotlin/co/nilin/opex/wallet/app/service/WalletSnapshotService.kt
+++ b/wallet/wallet-app/src/main/kotlin/co/nilin/opex/wallet/app/service/WalletSnapshotService.kt
@@ -29,7 +29,7 @@ class WalletSnapshotService(
         }
     }
 
-    @Scheduled(cron = "0 40 16 * * ?", zone = "GMT" + "\${app.zone-offset}")
+    @Scheduled(cron = "0 0 0 * * ?", zone = "GMT" + "\${app.zone-offset}")
     fun createDetailAssetsSnapshot() {
         runBlocking {
             updatePrices()
diff --git a/wallet/wallet-core/src/main/kotlin/co/nilin/opex/wallet/core/inout/otp/TempOtpResponse.kt b/wallet/wallet-core/src/main/kotlin/co/nilin/opex/wallet/core/inout/otp/TempOtpResponse.kt
index 1d495f97e..df72a444f 100644
--- a/wallet/wallet-core/src/main/kotlin/co/nilin/opex/wallet/core/inout/otp/TempOtpResponse.kt
+++ b/wallet/wallet-core/src/main/kotlin/co/nilin/opex/wallet/core/inout/otp/TempOtpResponse.kt
@@ -1,3 +1,3 @@
 package co.nilin.opex.wallet.core.inout.otp
 
-data class TempOtpResponse(val otp: String, var receivers: List<OTPReceiver>? = null)
\ No newline at end of file
+data class TempOtpResponse(val otp: String?, var receivers: List<OTPReceiver>? = null)
\ No newline at end of file