opexdev · AmirRajabii · Apr 25, 2026 · Apr 25, 2026
diff --git a/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/data/ActionCache.kt b/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/data/ActionCache.kt
diff --git a/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/model/Token.kt b/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/model/Token.kt
@@ -10,7 +10,7 @@ data class PasswordFlowTokenRequest(
     val clientSecret: String?,
     val rememberMe: Boolean = true,
     val captchaType: CaptchaType? = CaptchaType.INTERNAL,
-    val captchaCode: String?,
+    val captchaCode: String,
 ):Device()
 
 data class ConfirmPasswordFlowTokenRequest(

diff --git a/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/model/UserRegister.kt b/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/model/UserRegister.kt
@@ -7,7 +7,7 @@ data class RegisterUserRequest(
     val firstName: String? = null,
     val lastName: String? = null,
     val captchaType: CaptchaType? = CaptchaType.INTERNAL,
-    val captchaCode: String?,
+    val captchaCode: String,
 )
 
 data class VerifyOTPRequest(
@@ -61,5 +61,5 @@ data class ConfirmForgetRequest(
 data class ForgotPasswordRequest(
     val username: String,
     val captchaType: CaptchaType? = CaptchaType.INTERNAL,
-    val captchaCode: String?,
+    val captchaCode: String,
 )
diff --git a/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/service/CaptchaHandler.kt b/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/service/CaptchaHandler.kt
diff --git a/...eway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/service/ForgetPasswordService.kt b/...eway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/service/ForgetPasswordService.kt
@@ -1,8 +1,8 @@
 package co.nilin.opex.auth.service
 
-import co.nilin.opex.auth.data.ActionType
 import co.nilin.opex.auth.kafka.AuthEventProducer
 import co.nilin.opex.auth.model.*
+import co.nilin.opex.auth.proxy.CaptchaProxy
 import co.nilin.opex.auth.proxy.DeviceManagementProxy
 import co.nilin.opex.auth.proxy.KeycloakProxy
 import co.nilin.opex.auth.proxy.OTPProxy
@@ -14,7 +14,7 @@ import org.springframework.stereotype.Service
 class ForgetPasswordService(
     private val otpProxy: OTPProxy,
     private val keycloakProxy: KeycloakProxy,
-    private val captchaHandler: CaptchaHandler,
+    private val captchaProxy: CaptchaProxy,
     private val authEventProducer: AuthEventProducer,
     private val deviceManagementProxy: DeviceManagementProxy,
     private val tempTokenService: TempTokenService
@@ -23,13 +23,10 @@ class ForgetPasswordService(
     private val logger by LoggerDelegate()
 
 
-
     suspend fun forgetPassword(request: ForgotPasswordRequest): TempOtpResponse {
-        captchaHandler.validateCaptchaWithActionCache(
-            username = request.username,
-            captchaCode = request.captchaCode,
-            captchaType = request.captchaType,
-            action = ActionType.FORGET
+        captchaProxy.validateCaptcha(
+            request.captchaCode,
+            request.captchaType ?: CaptchaType.INTERNAL
         )
         val uName = Username.create(request.username)
         val otpReceiver = OTPReceiver(uName.value, uName.type.otpType)

diff --git a/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/service/LoginService.kt b/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/service/LoginService.kt
@@ -1,10 +1,10 @@
 package co.nilin.opex.auth.service
 
-import co.nilin.opex.auth.data.ActionType
 import co.nilin.opex.auth.data.Device
 import co.nilin.opex.auth.data.LoginEvent
 import co.nilin.opex.auth.kafka.AuthEventProducer
 import co.nilin.opex.auth.model.*
+import co.nilin.opex.auth.proxy.CaptchaProxy
 import co.nilin.opex.auth.proxy.GoogleProxy
 import co.nilin.opex.auth.proxy.KeycloakProxy
 import co.nilin.opex.auth.proxy.OTPProxy
@@ -20,7 +20,7 @@ class LoginService(
     private val otpProxy: OTPProxy,
     private val keycloakProxy: KeycloakProxy,
     private val googleProxy: GoogleProxy,
-    private val captchaHandler: CaptchaHandler,
+    private val captchaProxy: CaptchaProxy,
     private val authEventProducer: AuthEventProducer,
     @Value("\${app.pre-auth-client-secret}")
     private val preAuthClientSecretKey: String,
@@ -30,14 +30,13 @@ class LoginService(
     private val PRE_AUTH_CLIENT_ID = "pre-auth-client"
 
     suspend fun requestGetToken(request: PasswordFlowTokenRequest): TokenResponse {
-        captchaHandler.validateCaptchaWithActionCache(
-            username = request.username,
-            captchaCode = request.captchaCode,
-            captchaType = request.captchaType,
-            action = ActionType.LOGIN
+        captchaProxy.validateCaptcha(
+            request.captchaCode,
+            request.captchaType ?: CaptchaType.INTERNAL
         )
         val username = Username.create(request.username)
-        val user = keycloakProxy.findUserByUsername(username) ?: throw OpexError.UsernameOrPasswordIsIncorrect.exception()
+        val user =
+            keycloakProxy.findUserByUsername(username) ?: throw OpexError.UsernameOrPasswordIsIncorrect.exception()
         val otpTypes = (user.attributes?.get(Attributes.OTP)?.get(0) ?: OTPType.NONE.name).split(",")
 
         if (otpTypes.contains(OTPType.NONE.name)) {

diff --git a/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/service/RegisterService.kt b/auth-gateway/auth-gateway-app/src/main/kotlin/co/nilin/opex/auth/service/RegisterService.kt
@@ -1,12 +1,12 @@
 package co.nilin.opex.auth.service
 
-import co.nilin.opex.auth.data.ActionType
 import co.nilin.opex.auth.data.Device
 import co.nilin.opex.auth.data.LoginEvent
 import co.nilin.opex.auth.data.UserCreatedEvent
 import co.nilin.opex.auth.data.UserRole
 import co.nilin.opex.auth.kafka.AuthEventProducer
 import co.nilin.opex.auth.model.*
+import co.nilin.opex.auth.proxy.CaptchaProxy
 import co.nilin.opex.auth.proxy.GoogleProxy
 import co.nilin.opex.auth.proxy.KeycloakProxy
 import co.nilin.opex.auth.proxy.OTPProxy
@@ -18,19 +18,17 @@ import java.time.LocalDateTime
 class RegisterService(
     private val otpProxy: OTPProxy,
     private val keycloakProxy: KeycloakProxy,
-    private val captchaHandler: CaptchaHandler,
+    private val captchaProxy: CaptchaProxy,
     private val googleProxy: GoogleProxy,
     private val authProducer: AuthEventProducer,
-   private val tempTokenService: TempTokenService
+    private val tempTokenService: TempTokenService
 
-    ) {
+) {
     //TODO IMPORTANT: remove in production
     suspend fun registerUser(request: RegisterUserRequest): TempOtpResponse {
-        captchaHandler.validateCaptchaWithActionCache(
-            username = request.username,
-            captchaCode = request.captchaCode,
-            captchaType = request.captchaType,
-            action = ActionType.REGISTER
+        captchaProxy.validateCaptcha(
+            request.captchaCode,
+            request.captchaType ?: CaptchaType.INTERNAL
         )
         val username = Username.create(request.username)
         val userStatus = isUserDuplicate(username)