feat: implement automated KYC status expiry worker#132
Open
vicky4196 wants to merge 4 commits into
Open
Conversation
- Implement GET /sep38/prices endpoint returning supported asset pairs and indicative exchange rates - Implement GET /sep38/price endpoint for indicative rate queries with sell_amount/buy_amount - Implement POST /sep38/quote endpoint returning firm quote with signed JWT token - Quotes stored in Redis with 60-second expiry - Quote tokens validated at payment initiation in SEP-31 transactions - Add QUOTE_EXPIRED error code for expired/invalid quote handling - Add comprehensive test suite for SEP-38 endpoints
Enable strict: true in tsconfig.json and resolve all resulting TypeScript errors. Key changes: - Enable all strict mode compiler options - Fix nullable type checks across multiple service files - Fix type safety in oauth.ts and 2fa.ts for possibly null values - Add ambient declarations for untyped modules in module-ambient.d.ts - Fix export type issue in sep38.ts for isolated modules compatibility All TypeScript compilation passes with zero errors, no ts-ignore suppressions added, and runtime behavior unchanged. Closes Pidoko257#116
Add security anomaly detection for unusual account activity: - New country logins trigger immediate security email with approve/revoke links - New IP API key usage sends notification without blocking - Bulk operations during unusual hours (2-5 AM) are flagged - All anomaly events stored in security_events table for audit - Background job builds baseline from 30 days of activity per account Changes: - Add security_events and account_activity_baseline database tables - Add SecurityAnomalyService for detection logic - Integrate anomaly detection into authenticateToken middleware - Add /security routes for approval/revoke endpoints - Schedule anomaly detection job in scheduler Closes Pidoko257#117
Add daily BullMQ job to manage KYC lifecycle: - Identifies KYC records expiring within 30 days - Sends renewal reminder emails via SendGrid - Automatically expires overdue KYC records (downgrades to basic tier) - Sends expiration notification emails with re-verification instructions - Adds kyc_approved_at and kyc_expired_at columns to users table Closes Pidoko257#118
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
KYC Status Expiry Worker Implementation
Overview
This implementation adds automated KYC expiry management to ProxyPay, enabling the system to detect KYC records approaching expiry, send renewal reminders, and automatically expire overdue verifications.
Implementation Details
Database Schema
Users Table Extensions
Two new columns added to the
userstable:kyc_approved_at- TIMESTAMP of when KYC was approved (null for non-full users)kyc_expired_at- TIMESTAMP of when KYC expired (null for active/full users)Migration:
migrations/20260630_add_kyc_expiry_fields.sqlBullMQ Queue & Worker
Queue Configuration (
src/queue/kycExpiryQueue.ts)kyc-expirycheck-kyc-expiryKYC_EXPIRY_ATTEMPTSandKYC_EXPIRY_BACKOFF_MSenv varsWorker (
src/queue/kycExpiryWorker.ts)check-kyc-expiryjobsExpiry Job Logic (
src/jobs/kycExpiryJob.ts)Expiry Reminders (30 days before expiry)
kyc_level = 'full'wherekyc_approved_at + 1 yearis within 30 daysSENDGRID_KYC_EXPIRY_TEMPLATE_IDKYC Expiration (past expiry)
kyc_level = 'full'wherekyc_approved_at + 1 yearhas passedkyc_levelto'basic'kyc_expired_atto NOW()SENDGRID_KYC_EXPIRED_TEMPLATE_IDEmail Templates
Variables available in SendGrid templates:
daysUntilExpiry- Number of days until expiry (reminder emails)expiryDate- Date of expiryexpiredDate- Date of expiry (expiration emails)reverifyUrl- URL for re-verificationlocale- User localeyear- Current yearConfiguration
Required environment variables:
SENDGRID_KYC_EXPIRY_TEMPLATE_ID- SendGrid template ID for expiry remindersSENDGRID_KYC_EXPIRED_TEMPLATE_ID- SendGrid template ID for expiration noticesAPP_URL- Base URL for generating re-verification links (default: https://app.proxypay.com)Optional environment variables:
KYC_EXPIRY_ATTEMPTS- Number of retry attempts (default: 3)KYC_EXPIRY_BACKOFF_MS- Backoff delay in ms (default: 5000)Acceptance Criteria
Integration
The worker is automatically started during application initialization in
src/index.tsalongside other BullMQ workers. It's also registered insrc/queue/index.tsfor proper shutdown handling.Closes #118