feat: add the ability for creating/deleting PATs from the UI

feat: adding support for hopp-cli in self-host Hoppscotch (#4079 )
* feat: created a new table to store user PATs * chore: renamed UserTokens table name to PersonalAccessToken * chore: added unique property to token column * chore: made expiresOn field optional * chore: created access-token module * feat: created access-token rest routes * chore: created a new auth guard for PATs * chore: scaffolded routes in team collection and environments modules for CLI * chore: created method to update lastUsedOn property for accessTokens * chore: created interceptor to update lastUsedOn property of PAT * feat: interceptor to update lastUpdatedOn property complete * chore: removed unused imports in access-token interceptor * chore: moved routes to fetch collection and environment into access-token module * feat: added routes to fetch collections and environments for CLI * chore: modified access-token interceptor * chore: removed log statement from interceptor * chore: added team member checking logic to ForCLI methods in team collection and environments module * chore: changed return error messages to those defined in spec * chore: added comments to all service methods * chore: removed unused imports * chore: updated testcases for team-environments module service file * chore: added and updated testcases * chore: removed unneseccary SQL from auto-generated migration sql for PAT * chore: remobed JWTAuthGuard from relevant routes in PAT controllers file * chore: modified token for auth in PATAuthGuard * chore: changed error codes in some certain service methods in access-token module * feat: worked on feedback for PR review * chore: renamed service method in access-token module * chore: removed console log statements * chore: modified cli error type * test: fix broken test case * chore: changed target of hopp-old-backend to prod --------- Co-authored-by: mirarifhasan <arif.ishan05@gmail.com>
2024-05-30 15:20:12 +05:30 · 2024-05-28 16:39:50 +05:30 · 2024-05-27 21:49:42 +05:30 · 2024-05-10 16:35:42 +05:30 · 2024-05-10 16:13:51 +05:30 · 2024-05-10 15:04:16 +05:30
688 changed files with 47588 additions and 32026 deletions
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -17,22 +17,21 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

      - name: Setup environment
        run: mv .env.example .env

+      - name: Setup node
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+
      - name: Setup pnpm
-        uses: pnpm/action-setup@v2.2.4
+        uses: pnpm/action-setup@v3
        with:
          version: 8
          run_install: true

-      - name: Setup node
-        uses: actions/setup-node@v3
-        with:
-          node-version: ${{ matrix.node }}
-          cache: pnpm
-
      - name: Run tests
        run: pnpm test
--- a/.gitignore
+++ b/.gitignore
@@ -81,10 +81,7 @@ web_modules/

 # dotenv environment variable files
 .env
-.env.development.local
-.env.test.local
-.env.production.local
-.env.local
+.env.*

 # parcel-bundler cache (https://parceljs.org/)
 .cache
--- a/.npmrc
+++ b/.npmrc
@@ -1 +1,2 @@
 shamefully-hoist=false
+save-prefix=''
--- a/README.md
+++ b/README.md
@@ -239,7 +239,7 @@ Help us to translate Hoppscotch. Please read [`TRANSLATIONS`](TRANSLATIONS.md) f

 📦 **Add-ons:** Official add-ons for hoppscotch.

- **[Hoppscotch CLI](https://github.com/hoppscotch/hopp-cli)** - Command-line interface for Hoppscotch.
+- **[Hoppscotch CLI](https://github.com/hoppscotch/hoppscotch/tree/main/packages/hoppscotch-cli)** - Command-line interface for Hoppscotch.
 - **[Proxy](https://github.com/hoppscotch/proxyscotch)** - A simple proxy server created for Hoppscotch.
 - **[Browser Extensions](https://github.com/hoppscotch/hoppscotch-extension)** - Browser extensions that enhance your Hoppscotch experience.

--- a/docker-compose.deploy.yml
+++ b/docker-compose.deploy.yml
@@ -0,0 +1,48 @@
+# THIS IS NOT TO BE USED FOR PERSONAL DEPLOYMENTS!
+# Internal Docker Compose Image used for internal testing deployments
+
+version: "3.7"
+
+services:
+  hoppscotch-db:
+    image: postgres:15
+    user: postgres
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: testpass
+      POSTGRES_DB: hoppscotch
+    healthcheck:
+      test:
+        [
+          "CMD-SHELL",
+          "sh -c 'pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}'"
+        ]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+
+  hoppscotch-aio:
+    container_name: hoppscotch-aio
+    build:
+      dockerfile: prod.Dockerfile
+      context: .
+      target: aio
+    environment:
+      - DATABASE_URL=postgresql://postgres:testpass@hoppscotch-db:5432/hoppscotch
+      - ENABLE_SUBPATH_BASED_ACCESS=true
+    env_file:
+      - ./.env
+    depends_on:
+      hoppscotch-db:
+        condition: service_healthy
+    command: ["sh", "-c", "pnpm exec prisma migrate deploy && node /usr/src/app/aio_run.mjs"]
+    healthcheck:
+      test:
+        - CMD
+        - curl
+        - '-f'
+        - 'http://localhost:80'
+      interval: 2s
+      timeout: 10s
+      retries: 30
+
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -66,6 +66,7 @@ services:
  # The service that spins up all 3 services at once in one container
  hoppscotch-aio:
    container_name: hoppscotch-aio
+    restart: unless-stopped
    build:
      dockerfile: prod.Dockerfile
      context: .
@@ -117,11 +118,11 @@ services:
    restart: always
    environment:
      # Edit the below line to match your PostgresDB URL if you have an outside DB (make sure to update the .env file as well)
-      - DATABASE_URL=postgresql://postgres:testpass@hoppscotch-db:5432/hoppscotch?connect_timeout=300
+      # - DATABASE_URL=postgresql://postgres:testpass@hoppscotch-db:5432/hoppscotch?connect_timeout=300
      - PORT=3000
    volumes:
      # Uncomment the line below when modifying code. Only applicable when using the "dev" target.
-      # - ./packages/hoppscotch-backend/:/usr/src/app
+      - ./packages/hoppscotch-backend/:/usr/src/app
      - /usr/src/app/node_modules/
    depends_on:
      hoppscotch-db:
--- a/healthcheck.sh
+++ b/healthcheck.sh
@@ -9,6 +9,10 @@ curlCheck() {
  fi
 }

-curlCheck "http://localhost:3000"
-curlCheck "http://localhost:3100"
-curlCheck "http://localhost:3170/ping"
+if [ "$ENABLE_SUBPATH_BASED_ACCESS" = "true" ]; then
+  curlCheck "http://localhost:80/backend/ping"
+else
+  curlCheck "http://localhost:3000"
+  curlCheck "http://localhost:3100"
+  curlCheck "http://localhost:3170/ping"
+fi
--- a/package.json
+++ b/package.json
@@ -23,12 +23,13 @@
    "./packages/*"
  ],
  "devDependencies": {
-    "@commitlint/cli": "^16.2.3",
-    "@commitlint/config-conventional": "^16.2.1",
+    "@commitlint/cli": "16.3.0",
+    "@commitlint/config-conventional": "16.2.4",
+    "@hoppscotch/ui": "0.1.0",
    "@types/node": "17.0.27",
-    "cross-env": "^7.0.3",
-    "http-server": "^14.1.1",
-    "husky": "^7.0.4",
+    "cross-env": "7.0.3",
+    "http-server": "14.1.1",
+    "husky": "7.0.4",
    "lint-staged": "12.4.0"
  },
  "pnpm": {
@@ -36,8 +37,8 @@
      "vue": "3.3.9"
    },
    "packageExtensions": {
-      "httpsnippet@^3.0.1": {
-        "peerDependencies": {
+      "httpsnippet@3.0.1": {
+        "dependencies": {
          "ajv": "6.12.3"
        }
      }
--- a/packages/codemirror-lang-graphql/package.json
+++ b/packages/codemirror-lang-graphql/package.json
@@ -17,16 +17,16 @@
  "types": "dist/index.d.ts",
  "sideEffects": false,
  "dependencies": {
-    "@codemirror/language": "6.9.0",
-    "@lezer/highlight": "1.1.4",
-    "@lezer/lr": "^1.3.13"
+    "@codemirror/language": "6.10.1",
+    "@lezer/highlight": "1.2.0",
+    "@lezer/lr": "1.3.14"
  },
  "devDependencies": {
-    "@lezer/generator": "^1.5.1",
-    "mocha": "^9.2.2",
-    "rollup": "^3.29.3",
-    "rollup-plugin-dts": "^6.0.2",
-    "rollup-plugin-ts": "^3.4.5",
-    "typescript": "^5.2.2"
+    "@lezer/generator": "1.5.1",
+    "mocha": "9.2.2",
+    "rollup": "3.29.4",
+    "rollup-plugin-dts": "6.0.2",
+    "rollup-plugin-ts": "3.4.5",
+    "typescript": "5.2.2"
  }
-}
+}
--- a/packages/hoppscotch-backend/Dockerfile
+++ b/packages/hoppscotch-backend/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:18.8.0 AS builder
+FROM node:20.12.2 AS builder

 WORKDIR /usr/src/app

--- a/packages/hoppscotch-backend/nest-cli.json
+++ b/packages/hoppscotch-backend/nest-cli.json
@@ -3,9 +3,7 @@
  "collection": "@nestjs/schematics",
  "sourceRoot": "src",
  "compilerOptions": {
-    "assets": [
-      "**/*.hbs"
-    ],
+    "assets": [{ "include": "mailer/templates/**/*", "outDir": "dist" }],
    "watchAssets": true
  }
 }
--- a/packages/hoppscotch-backend/package.json
+++ b/packages/hoppscotch-backend/package.json
@@ -1,6 +1,6 @@
 {
  "name": "hoppscotch-backend",
-  "version": "2023.8.4-1",
+  "version": "2024.3.3",
  "description": "",
  "author": "",
  "private": true,
@@ -24,79 +24,84 @@
    "do-test": "pnpm run test"
  },
  "dependencies": {
-    "@apollo/server": "^4.9.4",
-    "@nestjs-modules/mailer": "^1.9.1",
-    "@nestjs/apollo": "^12.0.9",
-    "@nestjs/common": "^10.2.6",
-    "@nestjs/core": "^10.2.6",
-    "@nestjs/graphql": "^12.0.9",
-    "@nestjs/jwt": "^10.1.1",
-    "@nestjs/passport": "^10.0.2",
-    "@nestjs/platform-express": "^10.2.6",
-    "@nestjs/throttler": "^5.0.0",
-    "@prisma/client": "^4.16.2",
-    "argon2": "^0.30.3",
-    "bcrypt": "^5.1.0",
-    "cookie": "^0.5.0",
-    "cookie-parser": "^1.4.6",
-    "express": "^4.17.1",
-    "express-session": "^1.17.3",
-    "fp-ts": "^2.13.1",
-    "graphql": "^16.8.1",
-    "graphql-query-complexity": "^0.12.0",
-    "graphql-redis-subscriptions": "^2.6.0",
-    "graphql-subscriptions": "^2.0.0",
-    "handlebars": "^4.7.7",
-    "io-ts": "^2.2.16",
-    "luxon": "^3.2.1",
-    "nodemailer": "^6.9.1",
-    "passport": "^0.6.0",
-    "passport-github2": "^0.1.12",
-    "passport-google-oauth20": "^2.0.0",
-    "passport-jwt": "^4.0.1",
-    "passport-local": "^1.0.0",
-    "passport-microsoft": "^1.0.0",
-    "prisma": "^4.16.2",
-    "reflect-metadata": "^0.1.13",
-    "rimraf": "^3.0.2",
-    "rxjs": "^7.6.0"
+    "@apollo/server": "4.9.5",
+    "@nestjs-modules/mailer": "1.9.1",
+    "@nestjs/apollo": "12.0.9",
+    "@nestjs/common": "10.2.7",
+    "@nestjs/config": "3.1.1",
+    "@nestjs/core": "10.2.7",
+    "@nestjs/graphql": "12.0.9",
+    "@nestjs/jwt": "10.1.1",
+    "@nestjs/passport": "10.0.2",
+    "@nestjs/platform-express": "10.2.7",
+    "@nestjs/schedule": "4.0.1",
+    "@nestjs/terminus": "10.2.3",
+    "@nestjs/throttler": "5.0.1",
+    "@prisma/client": "5.8.1",
+    "argon2": "0.30.3",
+    "bcrypt": "5.1.0",
+    "cookie": "0.5.0",
+    "cookie-parser": "1.4.6",
+    "cron": "3.1.6",
+    "express": "4.18.2",
+    "express-session": "1.17.3",
+    "fp-ts": "2.13.1",
+    "graphql": "16.8.1",
+    "graphql-query-complexity": "0.12.0",
+    "graphql-redis-subscriptions": "2.6.0",
+    "graphql-subscriptions": "2.0.0",
+    "handlebars": "4.7.7",
+    "io-ts": "2.2.16",
+    "luxon": "3.2.1",
+    "nodemailer": "6.9.1",
+    "passport": "0.6.0",
+    "passport-github2": "0.1.12",
+    "passport-google-oauth20": "2.0.0",
+    "passport-jwt": "4.0.1",
+    "passport-local": "1.0.0",
+    "passport-microsoft": "1.0.0",
+    "posthog-node": "3.6.3",
+    "prisma": "5.8.1",
+    "reflect-metadata": "0.1.13",
+    "rimraf": "3.0.2",
+    "rxjs": "7.6.0"
  },
  "devDependencies": {
-    "@nestjs/cli": "^10.1.18",
-    "@nestjs/schematics": "^10.0.2",
-    "@nestjs/testing": "^10.2.6",
-    "@relmify/jest-fp-ts": "^2.0.2",
-    "@types/argon2": "^0.15.0",
-    "@types/bcrypt": "^5.0.0",
-    "@types/cookie": "^0.5.1",
-    "@types/cookie-parser": "^1.4.3",
-    "@types/express": "^4.17.14",
-    "@types/jest": "^29.4.0",
-    "@types/luxon": "^3.2.0",
-    "@types/node": "^18.11.10",
-    "@types/nodemailer": "^6.4.7",
-    "@types/passport-github2": "^1.2.5",
-    "@types/passport-google-oauth20": "^2.0.11",
-    "@types/passport-jwt": "^3.0.8",
-    "@types/passport-microsoft": "^0.0.0",
-    "@types/supertest": "^2.0.12",
-    "@typescript-eslint/eslint-plugin": "^5.45.0",
-    "@typescript-eslint/parser": "^5.45.0",
-    "cross-env": "^7.0.3",
-    "eslint": "^8.29.0",
-    "eslint-config-prettier": "^8.5.0",
-    "eslint-plugin-prettier": "^4.2.1",
-    "jest": "^29.4.1",
-    "jest-mock-extended": "^3.0.1",
+    "@nestjs/cli": "10.2.1",
+    "@nestjs/schematics": "10.0.3",
+    "@nestjs/testing": "10.2.7",
+    "@relmify/jest-fp-ts": "2.0.2",
+    "@types/argon2": "0.15.0",
+    "@types/bcrypt": "5.0.0",
+    "@types/cookie": "0.5.1",
+    "@types/cookie-parser": "1.4.3",
+    "@types/express": "4.17.14",
+    "@types/jest": "29.4.0",
+    "@types/luxon": "3.2.0",
+    "@types/node": "18.11.10",
+    "@types/nodemailer": "6.4.7",
+    "@types/passport-github2": "1.2.5",
+    "@types/passport-google-oauth20": "2.0.11",
+    "@types/passport-jwt": "3.0.8",
+    "@types/passport-microsoft": "0.0.0",
+    "@types/supertest": "2.0.12",
+    "@typescript-eslint/eslint-plugin": "5.45.0",
+    "@typescript-eslint/parser": "5.45.0",
+    "cross-env": "7.0.3",
+    "eslint": "8.29.0",
+    "eslint-config-prettier": "8.5.0",
+    "eslint-plugin-prettier": "4.2.1",
+    "jest": "29.4.1",
+    "jest-mock-extended": "3.0.1",
    "jwt": "link:@types/nestjs/jwt",
-    "prettier": "^2.8.4",
-    "source-map-support": "^0.5.21",
-    "supertest": "^6.3.2",
+    "prettier": "2.8.4",
+    "source-map-support": "0.5.21",
+    "supertest": "6.3.2",
    "ts-jest": "29.0.5",
-    "ts-loader": "^9.4.2",
-    "ts-node": "^10.9.1",
+    "ts-loader": "9.4.2",
+    "ts-node": "10.9.1",
    "tsconfig-paths": "4.1.1",
-    "typescript": "^4.9.3"
+    "typescript": "4.9.3"
  },
  "jest": {
    "moduleFileExtensions": [
--- a/packages/hoppscotch-backend/prisma/migrations/20231124104640_infra_config/migration.sql
+++ b/packages/hoppscotch-backend/prisma/migrations/20231124104640_infra_config/migration.sql
@@ -0,0 +1,14 @@
+-- CreateTable
+CREATE TABLE "InfraConfig" (
+    "id" TEXT NOT NULL,
+    "name" TEXT NOT NULL,
+    "value" TEXT,
+    "active" BOOLEAN NOT NULL DEFAULT true,
+    "createdOn" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedOn" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "InfraConfig_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "InfraConfig_name_key" ON "InfraConfig"("name");
--- a/packages/hoppscotch-backend/prisma/migrations/20240226053141_full_text_search_additions/migration.sql
+++ b/packages/hoppscotch-backend/prisma/migrations/20240226053141_full_text_search_additions/migration.sql
@@ -0,0 +1,22 @@
+-- This is a custom migration file which is not generated by Prisma.
+-- The aim of this migration is to add text search indices to the TeamCollection and TeamRequest tables.
+
+-- Create Extension
+CREATE EXTENSION IF NOT EXISTS pg_trgm;
+
+-- Create GIN Trigram Index for Team Collection title
+CREATE INDEX
+  "TeamCollection_title_trgm_idx"
+ON
+  "TeamCollection"
+USING
+  GIN (title gin_trgm_ops);
+
+-- Create GIN Trigram Index for Team Collection title
+CREATE INDEX
+  "TeamRequest_title_trgm_idx"
+ON
+  "TeamRequest"
+USING
+  GIN (title gin_trgm_ops);
+
--- a/packages/hoppscotch-backend/prisma/migrations/20240519093155_add_last_logged_on_to_user/migration.sql
+++ b/packages/hoppscotch-backend/prisma/migrations/20240519093155_add_last_logged_on_to_user/migration.sql
@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "User" ADD COLUMN     "lastLoggedOn" TIMESTAMP(3);
--- a/packages/hoppscotch-backend/prisma/migrations/20240520091033_personal_access_tokens/migration.sql
+++ b/packages/hoppscotch-backend/prisma/migrations/20240520091033_personal_access_tokens/migration.sql
@@ -0,0 +1,19 @@
+
+-- CreateTable
+CREATE TABLE "PersonalAccessToken" (
+    "id" TEXT NOT NULL,
+    "userUid" TEXT NOT NULL,
+    "label" TEXT NOT NULL,
+    "token" TEXT NOT NULL,
+    "expiresOn" TIMESTAMP(3),
+    "createdOn" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedOn" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "PersonalAccessToken_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "PersonalAccessToken_token_key" ON "PersonalAccessToken"("token");
+
+-- AddForeignKey
+ALTER TABLE "PersonalAccessToken" ADD CONSTRAINT "PersonalAccessToken_userUid_fkey" FOREIGN KEY ("userUid") REFERENCES "User"("uid") ON DELETE CASCADE ON UPDATE CASCADE;
--- a/packages/hoppscotch-backend/prisma/schema.prisma
+++ b/packages/hoppscotch-backend/prisma/schema.prisma
@@ -89,24 +89,26 @@ model TeamEnvironment {
 }

 model User {
-  uid                String              @id @default(cuid())
-  displayName        String?
-  email              String?             @unique
-  photoURL           String?
-  isAdmin            Boolean             @default(false)
-  refreshToken       String?
-  providerAccounts   Account[]
-  VerificationToken  VerificationToken[]
-  settings           UserSettings?
-  UserHistory        UserHistory[]
-  UserEnvironments   UserEnvironment[]
-  userCollections    UserCollection[]
-  userRequests       UserRequest[]
-  currentRESTSession Json?
-  currentGQLSession  Json?
-  createdOn          DateTime            @default(now()) @db.Timestamp(3)
-  invitedUsers       InvitedUsers[]
-  shortcodes         Shortcode[]
+  uid                  String                @id @default(cuid())
+  displayName          String?
+  email                String?               @unique
+  photoURL             String?
+  isAdmin              Boolean               @default(false)
+  refreshToken         String?
+  providerAccounts     Account[]
+  VerificationToken    VerificationToken[]
+  settings             UserSettings?
+  UserHistory          UserHistory[]
+  UserEnvironments     UserEnvironment[]
+  userCollections      UserCollection[]
+  userRequests         UserRequest[]
+  currentRESTSession   Json?
+  currentGQLSession    Json?
+  lastLoggedOn         DateTime?
+  createdOn            DateTime              @default(now()) @db.Timestamp(3)
+  invitedUsers         InvitedUsers[]
+  shortcodes           Shortcode[]
+  personalAccessTokens PersonalAccessToken[]
 }

 model Account {
@@ -209,3 +211,23 @@ enum TeamMemberRole {
  VIEWER
  EDITOR
 }
+
+model InfraConfig {
+  id        String   @id @default(cuid())
+  name      String   @unique
+  value     String?
+  active    Boolean  @default(true) // Use case: Let's say, Admin wants to disable Google SSO, but doesn't want to delete the config
+  createdOn DateTime @default(now()) @db.Timestamp(3)
+  updatedOn DateTime @updatedAt @db.Timestamp(3)
+}
+
+model PersonalAccessToken {
+  id        String    @id @default(cuid())
+  userUid   String
+  user      User      @relation(fields: [userUid], references: [uid], onDelete: Cascade)
+  label     String
+  token     String    @unique @default(uuid())
+  expiresOn DateTime? @db.Timestamp(3)
+  createdOn DateTime  @default(now()) @db.Timestamp(3)
+  updatedOn DateTime  @updatedAt @db.Timestamp(3)
+}
--- a/packages/hoppscotch-backend/src/access-token/access-token.controller.ts
+++ b/packages/hoppscotch-backend/src/access-token/access-token.controller.ts
@@ -0,0 +1,107 @@
+import {
+  BadRequestException,
+  Body,
+  Controller,
+  Delete,
+  Get,
+  HttpStatus,
+  Param,
+  ParseIntPipe,
+  Post,
+  Query,
+  UseGuards,
+  UseInterceptors,
+} from '@nestjs/common';
+import { AccessTokenService } from './access-token.service';
+import { CreateAccessTokenDto } from './dto/create-access-token.dto';
+import { JwtAuthGuard } from 'src/auth/guards/jwt-auth.guard';
+import * as E from 'fp-ts/Either';
+import { throwHTTPErr } from 'src/utils';
+import { GqlUser } from 'src/decorators/gql-user.decorator';
+import { AuthUser } from 'src/types/AuthUser';
+import { ThrottlerBehindProxyGuard } from 'src/guards/throttler-behind-proxy.guard';
+import { PATAuthGuard } from 'src/guards/rest-pat-auth.guard';
+import { AccessTokenInterceptor } from 'src/interceptors/access-token.interceptor';
+import { TeamEnvironmentsService } from 'src/team-environments/team-environments.service';
+import { TeamCollectionService } from 'src/team-collection/team-collection.service';
+import { ACCESS_TOKENS_INVALID_DATA_ID } from 'src/errors';
+import { createCLIErrorResponse } from './helper';
+
+@UseGuards(ThrottlerBehindProxyGuard)
+@Controller({ path: 'access-tokens', version: '1' })
+export class AccessTokenController {
+  constructor(
+    private readonly accessTokenService: AccessTokenService,
+    private readonly teamCollectionService: TeamCollectionService,
+    private readonly teamEnvironmentsService: TeamEnvironmentsService,
+  ) {}
+
+  @Post('create')
+  @UseGuards(JwtAuthGuard)
+  async createPAT(
+    @GqlUser() user: AuthUser,
+    @Body() createAccessTokenDto: CreateAccessTokenDto,
+  ) {
+    const result = await this.accessTokenService.createPAT(
+      createAccessTokenDto,
+      user,
+    );
+    if (E.isLeft(result)) throwHTTPErr(result.left);
+    return result.right;
+  }
+
+  @Delete('revoke')
+  @UseGuards(JwtAuthGuard)
+  async deletePAT(@Query('id') id: string) {
+    const result = await this.accessTokenService.deletePAT(id);
+
+    if (E.isLeft(result)) throwHTTPErr(result.left);
+    return result.right;
+  }
+
+  @Get('list')
+  @UseGuards(JwtAuthGuard)
+  async listAllUserPAT(
+    @GqlUser() user: AuthUser,
+    @Query('offset', ParseIntPipe) offset: number,
+    @Query('limit', ParseIntPipe) limit: number,
+  ) {
+    return await this.accessTokenService.listAllUserPAT(
+      user.uid,
+      offset,
+      limit,
+    );
+  }
+
+  @Get('collection/:id')
+  @UseGuards(PATAuthGuard)
+  @UseInterceptors(AccessTokenInterceptor)
+  async fetchCollection(@GqlUser() user: AuthUser, @Param('id') id: string) {
+    const res = await this.teamCollectionService.getCollectionForCLI(
+      id,
+      user.uid,
+    );
+
+    if (E.isLeft(res))
+      throw new BadRequestException(
+        createCLIErrorResponse(ACCESS_TOKENS_INVALID_DATA_ID),
+      );
+    return res.right;
+  }
+
+  @Get('environment/:id')
+  @UseGuards(PATAuthGuard)
+  @UseInterceptors(AccessTokenInterceptor)
+  async fetchEnvironment(@GqlUser() user: AuthUser, @Param('id') id: string) {
+    const res = await this.teamEnvironmentsService.getTeamEnvironmentForCLI(
+      id,
+      user.uid,
+    );
+
+    if (E.isLeft(res))
+      throw new BadRequestException(
+        createCLIErrorResponse(ACCESS_TOKENS_INVALID_DATA_ID),
+      );
+    return res.right;
+  }
+}
--- a/packages/hoppscotch-backend/src/access-token/access-token.module.ts
+++ b/packages/hoppscotch-backend/src/access-token/access-token.module.ts
@@ -0,0 +1,20 @@
+import { Module } from '@nestjs/common';
+import { AccessTokenController } from './access-token.controller';
+import { PrismaModule } from 'src/prisma/prisma.module';
+import { AccessTokenService } from './access-token.service';
+import { TeamCollectionModule } from 'src/team-collection/team-collection.module';
+import { TeamEnvironmentsModule } from 'src/team-environments/team-environments.module';
+import { TeamModule } from 'src/team/team.module';
+
+@Module({
+  imports: [
+    PrismaModule,
+    TeamCollectionModule,
+    TeamEnvironmentsModule,
+    TeamModule,
+  ],
+  controllers: [AccessTokenController],
+  providers: [AccessTokenService],
+  exports: [AccessTokenService],
+})
+export class AccessTokenModule {}
--- a/packages/hoppscotch-backend/src/access-token/access-token.service.spec.ts
+++ b/packages/hoppscotch-backend/src/access-token/access-token.service.spec.ts
@@ -0,0 +1,195 @@
+import { AccessTokenService } from './access-token.service';
+import { mockDeep, mockReset } from 'jest-mock-extended';
+import { PrismaService } from 'src/prisma/prisma.service';
+import {
+  ACCESS_TOKEN_EXPIRY_INVALID,
+  ACCESS_TOKEN_LABEL_SHORT,
+  ACCESS_TOKEN_NOT_FOUND,
+} from 'src/errors';
+import { AuthUser } from 'src/types/AuthUser';
+import { PersonalAccessToken } from '@prisma/client';
+import { AccessToken } from 'src/types/AccessToken';
+import { HttpStatus } from '@nestjs/common';
+
+const mockPrisma = mockDeep<PrismaService>();
+
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+// @ts-ignore
+const accessTokenService = new AccessTokenService(mockPrisma);
+
+const currentTime = new Date();
+
+const user: AuthUser = {
+  uid: '123344',
+  email: 'dwight@dundermifflin.com',
+  displayName: 'Dwight Schrute',
+  photoURL: 'https://en.wikipedia.org/wiki/Dwight_Schrute',
+  isAdmin: false,
+  refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+  createdOn: currentTime,
+  currentGQLSession: {},
+  currentRESTSession: {},
+  lastLoggedOn: currentTime,
+};
+
+const PATCreatedOn = new Date();
+const expiryInDays = 7;
+const PATExpiresOn = new Date(
+  PATCreatedOn.getTime() + expiryInDays * 24 * 60 * 60 * 1000,
+);
+
+const userAccessToken: PersonalAccessToken = {
+  id: 'skfvhj8uvdfivb',
+  userUid: user.uid,
+  label: 'test',
+  token: '0140e328-b187-4823-ae4b-ed4bec832ac2',
+  expiresOn: PATExpiresOn,
+  createdOn: PATCreatedOn,
+  updatedOn: new Date(),
+};
+
+const userAccessTokenCasted: AccessToken = {
+  id: userAccessToken.id,
+  label: userAccessToken.label,
+  createdOn: userAccessToken.createdOn,
+  lastUsedOn: userAccessToken.updatedOn,
+  expiresOn: userAccessToken.expiresOn,
+};
+
+beforeEach(() => {
+  mockReset(mockPrisma);
+});
+
+describe('AccessTokenService', () => {
+  describe('createPAT', () => {
+    test('should throw ACCESS_TOKEN_LABEL_SHORT if label is too short', async () => {
+      const result = await accessTokenService.createPAT(
+        {
+          label: 'a',
+          expiryInDays: 7,
+        },
+        user,
+      );
+      expect(result).toEqualLeft({
+        message: ACCESS_TOKEN_LABEL_SHORT,
+        statusCode: HttpStatus.BAD_REQUEST,
+      });
+    });
+
+    test('should throw ACCESS_TOKEN_EXPIRY_INVALID if expiry date is invalid', async () => {
+      const result = await accessTokenService.createPAT(
+        {
+          label: 'test',
+          expiryInDays: 9,
+        },
+        user,
+      );
+      expect(result).toEqualLeft({
+        message: ACCESS_TOKEN_EXPIRY_INVALID,
+        statusCode: HttpStatus.BAD_REQUEST,
+      });
+    });
+
+    test('should successfully create a new Access Token', async () => {
+      mockPrisma.personalAccessToken.create.mockResolvedValueOnce(
+        userAccessToken,
+      );
+
+      const result = await accessTokenService.createPAT(
+        {
+          label: userAccessToken.label,
+          expiryInDays,
+        },
+        user,
+      );
+      expect(result).toEqualRight({
+        token: `pat-${userAccessToken.token}`,
+        info: userAccessTokenCasted,
+      });
+    });
+  });
+
+  describe('deletePAT', () => {
+    test('should throw ACCESS_TOKEN_NOT_FOUND if Access Token is not found', async () => {
+      mockPrisma.personalAccessToken.delete.mockRejectedValueOnce(
+        'RecordNotFound',
+      );
+
+      const result = await accessTokenService.deletePAT(userAccessToken.id);
+      expect(result).toEqualLeft({
+        message: ACCESS_TOKEN_NOT_FOUND,
+        statusCode: HttpStatus.NOT_FOUND,
+      });
+    });
+
+    test('should successfully delete a new Access Token', async () => {
+      mockPrisma.personalAccessToken.delete.mockResolvedValueOnce(
+        userAccessToken,
+      );
+
+      const result = await accessTokenService.deletePAT(userAccessToken.id);
+      expect(result).toEqualRight(true);
+    });
+  });
+
+  describe('listAllUserPAT', () => {
+    test('should successfully return a list of user Access Tokens', async () => {
+      mockPrisma.personalAccessToken.findMany.mockResolvedValueOnce([
+        userAccessToken,
+      ]);
+
+      const result = await accessTokenService.listAllUserPAT(user.uid, 0, 10);
+      expect(result).toEqual([userAccessTokenCasted]);
+    });
+  });
+
+  describe('getUserPAT', () => {
+    test('should throw ACCESS_TOKEN_NOT_FOUND if Access Token is not found', async () => {
+      mockPrisma.personalAccessToken.findUniqueOrThrow.mockRejectedValueOnce(
+        'NotFoundError',
+      );
+
+      const result = await accessTokenService.getUserPAT(userAccessToken.token);
+      expect(result).toEqualLeft(ACCESS_TOKEN_NOT_FOUND);
+    });
+
+    test('should successfully return a user Access Tokens', async () => {
+      mockPrisma.personalAccessToken.findUniqueOrThrow.mockResolvedValueOnce({
+        ...userAccessToken,
+        user,
+      } as any);
+
+      const result = await accessTokenService.getUserPAT(
+        `pat-${userAccessToken.token}`,
+      );
+      expect(result).toEqualRight({
+        user,
+        ...userAccessToken,
+      } as any);
+    });
+  });
+
+  describe('updateLastUsedforPAT', () => {
+    test('should throw ACCESS_TOKEN_NOT_FOUND if Access Token is not found', async () => {
+      mockPrisma.personalAccessToken.update.mockRejectedValueOnce(
+        'RecordNotFound',
+      );
+
+      const result = await accessTokenService.updateLastUsedForPAT(
+        userAccessToken.token,
+      );
+      expect(result).toEqualLeft(ACCESS_TOKEN_NOT_FOUND);
+    });
+
+    test('should successfully update lastUsedOn for a user Access Tokens', async () => {
+      mockPrisma.personalAccessToken.update.mockResolvedValueOnce(
+        userAccessToken,
+      );
+
+      const result = await accessTokenService.updateLastUsedForPAT(
+        `pat-${userAccessToken.token}`,
+      );
+      expect(result).toEqualRight(userAccessTokenCasted);
+    });
+  });
+});
--- a/packages/hoppscotch-backend/src/access-token/access-token.service.ts
+++ b/packages/hoppscotch-backend/src/access-token/access-token.service.ts
@@ -0,0 +1,203 @@
+import { HttpStatus, Injectable } from '@nestjs/common';
+import { PrismaService } from 'src/prisma/prisma.service';
+import { CreateAccessTokenDto } from './dto/create-access-token.dto';
+import { AuthUser } from 'src/types/AuthUser';
+import { isValidLength } from 'src/utils';
+import * as E from 'fp-ts/Either';
+import {
+  ACCESS_TOKEN_EXPIRY_INVALID,
+  ACCESS_TOKEN_LABEL_SHORT,
+  ACCESS_TOKEN_NOT_FOUND,
+} from 'src/errors';
+import { CreateAccessTokenResponse } from './helper';
+import { PersonalAccessToken } from '@prisma/client';
+import { AccessToken } from 'src/types/AccessToken';
+@Injectable()
+export class AccessTokenService {
+  constructor(private readonly prisma: PrismaService) {}
+
+  TITLE_LENGTH = 3;
+  VALID_TOKEN_DURATIONS = [7, 30, 60, 90];
+  TOKEN_PREFIX = 'pat-';
+
+  /**
+   * Calculate the expiration date of the token
+   *
+   * @param expiresOn Number of days the token is valid for
+   * @returns Date object of the expiration date
+   */
+  private calculateExpirationDate(expiresOn: null | number) {
+    if (expiresOn === null) return null;
+    return new Date(Date.now() + expiresOn * 24 * 60 * 60 * 1000);
+  }
+
+  /**
+   * Validate the expiration date of the token
+   *
+   * @param expiresOn Number of days the token is valid for
+   * @returns Boolean indicating if the expiration date is valid
+   */
+  private validateExpirationDate(expiresOn: null | number) {
+    if (expiresOn === null || this.VALID_TOKEN_DURATIONS.includes(expiresOn))
+      return true;
+    return false;
+  }
+
+  /**
+   * Typecast a database PersonalAccessToken to a AccessToken model
+   * @param token database PersonalAccessToken
+   * @returns AccessToken model
+   */
+  private cast(token: PersonalAccessToken): AccessToken {
+    return <AccessToken>{
+      id: token.id,
+      label: token.label,
+      createdOn: token.createdOn,
+      expiresOn: token.expiresOn,
+      lastUsedOn: token.updatedOn,
+    };
+  }
+
+  /**
+   * Extract UUID from the token
+   *
+   * @param token Personal Access Token
+   * @returns UUID of the token
+   */
+  private extractUUID(token): string | null {
+    if (!token.startsWith(this.TOKEN_PREFIX)) return null;
+    return token.slice(this.TOKEN_PREFIX.length);
+  }
+
+  /**
+   * Create a Personal Access Token
+   *
+   * @param createAccessTokenDto DTO for creating a Personal Access Token
+   * @param user AuthUser object
+   * @returns Either of the created token or error message
+   */
+  async createPAT(createAccessTokenDto: CreateAccessTokenDto, user: AuthUser) {
+    const isTitleValid = isValidLength(
+      createAccessTokenDto.label,
+      this.TITLE_LENGTH,
+    );
+    if (!isTitleValid)
+      return E.left({
+        message: ACCESS_TOKEN_LABEL_SHORT,
+        statusCode: HttpStatus.BAD_REQUEST,
+      });
+
+    if (!this.validateExpirationDate(createAccessTokenDto.expiryInDays))
+      return E.left({
+        message: ACCESS_TOKEN_EXPIRY_INVALID,
+        statusCode: HttpStatus.BAD_REQUEST,
+      });
+
+    const createdPAT = await this.prisma.personalAccessToken.create({
+      data: {
+        userUid: user.uid,
+        label: createAccessTokenDto.label,
+        expiresOn: this.calculateExpirationDate(
+          createAccessTokenDto.expiryInDays,
+        ),
+      },
+    });
+
+    const res: CreateAccessTokenResponse = {
+      token: `${this.TOKEN_PREFIX}${createdPAT.token}`,
+      info: this.cast(createdPAT),
+    };
+
+    return E.right(res);
+  }
+
+  /**
+   * Delete a Personal Access Token
+   *
+   * @param accessTokenID ID of the Personal Access Token
+   * @returns Either of true or error message
+   */
+  async deletePAT(accessTokenID: string) {
+    try {
+      await this.prisma.personalAccessToken.delete({
+        where: { id: accessTokenID },
+      });
+      return E.right(true);
+    } catch {
+      return E.left({
+        message: ACCESS_TOKEN_NOT_FOUND,
+        statusCode: HttpStatus.NOT_FOUND,
+      });
+    }
+  }
+
+  /**
+   * List all Personal Access Tokens of a user
+   *
+   * @param userUid UID of the user
+   * @param offset Offset for pagination
+   * @param limit Limit for pagination
+   * @returns Either of the list of Personal Access Tokens or error message
+   */
+  async listAllUserPAT(userUid: string, offset: number, limit: number) {
+    const userPATs = await this.prisma.personalAccessToken.findMany({
+      where: {
+        userUid: userUid,
+      },
+      skip: offset,
+      take: limit,
+      orderBy: {
+        createdOn: 'desc',
+      },
+    });
+
+    const userAccessTokenList = userPATs.map((pat) => this.cast(pat));
+
+    return userAccessTokenList;
+  }
+
+  /**
+   * Get a Personal Access Token
+   *
+   * @param accessToken Personal Access Token
+   * @returns Either of the Personal Access Token or error message
+   */
+  async getUserPAT(accessToken: string) {
+    const extractedToken = this.extractUUID(accessToken);
+    if (!extractedToken) return E.left(ACCESS_TOKEN_NOT_FOUND);
+
+    try {
+      const userPAT = await this.prisma.personalAccessToken.findUniqueOrThrow({
+        where: { token: extractedToken },
+        include: { user: true },
+      });
+      return E.right(userPAT);
+    } catch {
+      return E.left(ACCESS_TOKEN_NOT_FOUND);
+    }
+  }
+
+  /**
+   * Update the last used date of a Personal Access Token
+   *
+   * @param token Personal Access Token
+   * @returns Either of the updated Personal Access Token or error message
+   */
+  async updateLastUsedForPAT(token: string) {
+    const extractedToken = this.extractUUID(token);
+    if (!extractedToken) return E.left(ACCESS_TOKEN_NOT_FOUND);
+
+    try {
+      const updatedAccessToken = await this.prisma.personalAccessToken.update({
+        where: { token: extractedToken },
+        data: {
+          updatedOn: new Date(),
+        },
+      });
+
+      return E.right(this.cast(updatedAccessToken));
+    } catch {
+      return E.left(ACCESS_TOKEN_NOT_FOUND);
+    }
+  }
+}
--- a/packages/hoppscotch-backend/src/access-token/dto/create-access-token.dto.ts
+++ b/packages/hoppscotch-backend/src/access-token/dto/create-access-token.dto.ts
@@ -0,0 +1,5 @@
+// Inputs to create a new PAT
+export class CreateAccessTokenDto {
+  label: string;
+  expiryInDays: number | null;
+}
--- a/packages/hoppscotch-backend/src/access-token/helper.ts
+++ b/packages/hoppscotch-backend/src/access-token/helper.ts
@@ -0,0 +1,17 @@
+import { AccessToken } from 'src/types/AccessToken';
+
+// Response type of PAT creation method
+export type CreateAccessTokenResponse = {
+  token: string;
+  info: AccessToken;
+};
+
+// Response type of any error in PAT module
+export type CLIErrorResponse = {
+  reason: string;
+};
+
+// Return a CLIErrorResponse object
+export function createCLIErrorResponse(reason: string): CLIErrorResponse {
+  return { reason };
+}
--- a/packages/hoppscotch-backend/src/admin/admin.module.ts
+++ b/packages/hoppscotch-backend/src/admin/admin.module.ts
@@ -4,7 +4,6 @@ import { AdminService } from './admin.service';
 import { PrismaModule } from '../prisma/prisma.module';
 import { PubSubModule } from '../pubsub/pubsub.module';
 import { UserModule } from '../user/user.module';
-import { MailerModule } from '../mailer/mailer.module';
 import { TeamModule } from '../team/team.module';
 import { TeamInvitationModule } from '../team-invitation/team-invitation.module';
 import { TeamEnvironmentsModule } from '../team-environments/team-environments.module';
@@ -12,19 +11,20 @@ import { TeamCollectionModule } from '../team-collection/team-collection.module'
 import { TeamRequestModule } from '../team-request/team-request.module';
 import { InfraResolver } from './infra.resolver';
 import { ShortcodeModule } from 'src/shortcode/shortcode.module';
+import { InfraConfigModule } from 'src/infra-config/infra-config.module';

@Module({
  imports: [
    PrismaModule,
    PubSubModule,
    UserModule,
-    MailerModule,
    TeamModule,
    TeamInvitationModule,
    TeamEnvironmentsModule,
    TeamCollectionModule,
    TeamRequestModule,
    ShortcodeModule,
+    InfraConfigModule,
  ],
  providers: [InfraResolver, AdminResolver, AdminService],
  exports: [AdminService],
--- a/packages/hoppscotch-backend/src/admin/admin.resolver.ts
+++ b/packages/hoppscotch-backend/src/admin/admin.resolver.ts
@@ -27,9 +27,7 @@ import {
 } from './input-types.args';
 import { GqlThrottlerGuard } from 'src/guards/gql-throttler.guard';
 import { SkipThrottle } from '@nestjs/throttler';
-import { User } from 'src/user/user.model';
-import { PaginationArgs } from 'src/types/input-types.args';
-import { TeamInvitation } from 'src/team-invitation/team-invitation.model';
+import { UserDeletionResult } from 'src/user/user.model';

@UseGuards(GqlThrottlerGuard)
@Resolver(() => Admin)
@@ -49,203 +47,6 @@ export class AdminResolver {
    return admin;
  }

-  @ResolveField(() => [User], {
-    description: 'Returns a list of all admin users in infra',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  @UseGuards(GqlAuthGuard, GqlAdminGuard)
-  async admins() {
-    const admins = await this.adminService.fetchAdmins();
-    return admins;
-  }
-  @ResolveField(() => User, {
-    description: 'Returns a user info by UID',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  @UseGuards(GqlAuthGuard, GqlAdminGuard)
-  async userInfo(
-    @Args({
-      name: 'userUid',
-      type: () => ID,
-      description: 'The user UID',
-    })
-    userUid: string,
-  ): Promise<AuthUser> {
-    const user = await this.adminService.fetchUserInfo(userUid);
-    if (E.isLeft(user)) throwErr(user.left);
-    return user.right;
-  }
-
-  @ResolveField(() => [User], {
-    description: 'Returns a list of all the users in infra',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  @UseGuards(GqlAuthGuard, GqlAdminGuard)
-  async allUsers(
-    @Parent() admin: Admin,
-    @Args() args: PaginationArgs,
-  ): Promise<AuthUser[]> {
-    const users = await this.adminService.fetchUsers(args.cursor, args.take);
-    return users;
-  }
-
-  @ResolveField(() => [InvitedUser], {
-    description: 'Returns a list of all the invited users',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async invitedUsers(@Parent() admin: Admin): Promise<InvitedUser[]> {
-    const users = await this.adminService.fetchInvitedUsers();
-    return users;
-  }
-
-  @ResolveField(() => [Team], {
-    description: 'Returns a list of all the teams in the infra',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async allTeams(
-    @Parent() admin: Admin,
-    @Args() args: PaginationArgs,
-  ): Promise<Team[]> {
-    const teams = await this.adminService.fetchAllTeams(args.cursor, args.take);
-    return teams;
-  }
-  @ResolveField(() => Team, {
-    description: 'Returns a team info by ID when requested by Admin',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async teamInfo(
-    @Parent() admin: Admin,
-    @Args({
-      name: 'teamID',
-      type: () => ID,
-      description: 'Team ID for which info to fetch',
-    })
-    teamID: string,
-  ): Promise<Team> {
-    const team = await this.adminService.getTeamInfo(teamID);
-    if (E.isLeft(team)) throwErr(team.left);
-    return team.right;
-  }
-
-  @ResolveField(() => Number, {
-    description: 'Return count of all the members in a team',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async membersCountInTeam(
-    @Parent() admin: Admin,
-    @Args({
-      name: 'teamID',
-      type: () => ID,
-      description: 'Team ID for which team members to fetch',
-      nullable: false,
-    })
-    teamID: string,
-  ): Promise<number> {
-    const teamMembersCount = await this.adminService.membersCountInTeam(teamID);
-    return teamMembersCount;
-  }
-
-  @ResolveField(() => Number, {
-    description: 'Return count of all the stored collections in a team',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async collectionCountInTeam(
-    @Parent() admin: Admin,
-    @Args({
-      name: 'teamID',
-      type: () => ID,
-      description: 'Team ID for which team members to fetch',
-    })
-    teamID: string,
-  ): Promise<number> {
-    const teamCollCount = await this.adminService.collectionCountInTeam(teamID);
-    return teamCollCount;
-  }
-  @ResolveField(() => Number, {
-    description: 'Return count of all the stored requests in a team',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async requestCountInTeam(
-    @Parent() admin: Admin,
-    @Args({
-      name: 'teamID',
-      type: () => ID,
-      description: 'Team ID for which team members to fetch',
-    })
-    teamID: string,
-  ): Promise<number> {
-    const teamReqCount = await this.adminService.requestCountInTeam(teamID);
-    return teamReqCount;
-  }
-
-  @ResolveField(() => Number, {
-    description: 'Return count of all the stored environments in a team',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async environmentCountInTeam(
-    @Parent() admin: Admin,
-    @Args({
-      name: 'teamID',
-      type: () => ID,
-      description: 'Team ID for which team members to fetch',
-    })
-    teamID: string,
-  ): Promise<number> {
-    const envsCount = await this.adminService.environmentCountInTeam(teamID);
-    return envsCount;
-  }
-
-  @ResolveField(() => [TeamInvitation], {
-    description: 'Return all the pending invitations in a team',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async pendingInvitationCountInTeam(
-    @Parent() admin: Admin,
-    @Args({
-      name: 'teamID',
-      type: () => ID,
-      description: 'Team ID for which team members to fetch',
-    })
-    teamID: string,
-  ) {
-    const invitations = await this.adminService.pendingInvitationCountInTeam(
-      teamID,
-    );
-    return invitations;
-  }
-
-  @ResolveField(() => Number, {
-    description: 'Return total number of Users in organization',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async usersCount() {
-    return this.adminService.getUsersCount();
-  }
-
-  @ResolveField(() => Number, {
-    description: 'Return total number of Teams in organization',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async teamsCount() {
-    return this.adminService.getTeamsCount();
-  }
-
-  @ResolveField(() => Number, {
-    description: 'Return total number of Team Collections in organization',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async teamCollectionsCount() {
-    return this.adminService.getTeamCollectionsCount();
-  }
-
-  @ResolveField(() => Number, {
-    description: 'Return total number of Team Requests in organization',
-    deprecationReason: 'Use `infra` query instead',
-  })
-  async teamRequestsCount() {
-    return this.adminService.getTeamRequestsCount();
-  }
-
  /* Mutations */

  @Mutation(() => InvitedUser, {
@@ -269,8 +70,26 @@ export class AdminResolver {
    return invitedUser.right;
  }

+  @Mutation(() => Boolean, {
+    description: 'Revoke a user invites by invitee emails',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async revokeUserInvitationsByAdmin(
+    @Args({
+      name: 'inviteeEmails',
+      description: 'Invitee Emails',
+      type: () => [String],
+    })
+    inviteeEmails: string[],
+  ): Promise<boolean> {
+    const invite = await this.adminService.revokeUserInvitations(inviteeEmails);
+    if (E.isLeft(invite)) throwErr(invite.left);
+    return invite.right;
+  }
+
  @Mutation(() => Boolean, {
    description: 'Delete an user account from infra',
+    deprecationReason: 'Use removeUsersByAdmin instead',
  })
  @UseGuards(GqlAuthGuard, GqlAdminGuard)
  async removeUserByAdmin(
@@ -281,12 +100,33 @@ export class AdminResolver {
    })
    userUID: string,
  ): Promise<boolean> {
-    const invitedUser = await this.adminService.removeUserAccount(userUID);
-    if (E.isLeft(invitedUser)) throwErr(invitedUser.left);
-    return invitedUser.right;
+    const removedUser = await this.adminService.removeUserAccount(userUID);
+    if (E.isLeft(removedUser)) throwErr(removedUser.left);
+    return removedUser.right;
  }
+
+  @Mutation(() => [UserDeletionResult], {
+    description: 'Delete user accounts from infra',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async removeUsersByAdmin(
+    @Args({
+      name: 'userUIDs',
+      description: 'users UID',
+      type: () => [ID],
+    })
+    userUIDs: string[],
+  ): Promise<UserDeletionResult[]> {
+    const deletionResults = await this.adminService.removeUserAccounts(
+      userUIDs,
+    );
+    if (E.isLeft(deletionResults)) throwErr(deletionResults.left);
+    return deletionResults.right;
+  }
+
  @Mutation(() => Boolean, {
    description: 'Make user an admin',
+    deprecationReason: 'Use makeUsersAdmin instead',
  })
  @UseGuards(GqlAuthGuard, GqlAdminGuard)
  async makeUserAdmin(
@@ -302,8 +142,51 @@ export class AdminResolver {
    return admin.right;
  }

+  @Mutation(() => Boolean, {
+    description: 'Make users an admin',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async makeUsersAdmin(
+    @Args({
+      name: 'userUIDs',
+      description: 'users UID',
+      type: () => [ID],
+    })
+    userUIDs: string[],
+  ): Promise<boolean> {
+    const isUpdated = await this.adminService.makeUsersAdmin(userUIDs);
+    if (E.isLeft(isUpdated)) throwErr(isUpdated.left);
+    return isUpdated.right;
+  }
+
+  @Mutation(() => Boolean, {
+    description: 'Update user display name',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async updateUserDisplayNameByAdmin(
+    @Args({
+      name: 'userUID',
+      description: 'users UID',
+      type: () => ID,
+    })
+    userUID: string,
+    @Args({
+      name: 'displayName',
+      description: 'users display name',
+    })
+    displayName: string,
+  ): Promise<boolean> {
+    const isUpdated = await this.adminService.updateUserDisplayName(
+      userUID,
+      displayName,
+    );
+    if (E.isLeft(isUpdated)) throwErr(isUpdated.left);
+    return isUpdated.right;
+  }
+
  @Mutation(() => Boolean, {
    description: 'Remove user as admin',
+    deprecationReason: 'Use demoteUsersByAdmin instead',
  })
  @UseGuards(GqlAuthGuard, GqlAdminGuard)
  async removeUserAsAdmin(
@@ -319,6 +202,23 @@ export class AdminResolver {
    return admin.right;
  }

+  @Mutation(() => Boolean, {
+    description: 'Remove users as admin',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async demoteUsersByAdmin(
+    @Args({
+      name: 'userUIDs',
+      description: 'users UID',
+      type: () => [ID],
+    })
+    userUIDs: string[],
+  ): Promise<boolean> {
+    const isUpdated = await this.adminService.demoteUsersByAdmin(userUIDs);
+    if (E.isLeft(isUpdated)) throwErr(isUpdated.left);
+    return isUpdated.right;
+  }
+
  @Mutation(() => Team, {
    description:
      'Create a new team by providing the user uid to nominate as Team owner',
--- a/packages/hoppscotch-backend/src/admin/admin.service.spec.ts
+++ b/packages/hoppscotch-backend/src/admin/admin.service.spec.ts
@@ -1,7 +1,7 @@
 import { AdminService } from './admin.service';
 import { PubSubService } from '../pubsub/pubsub.service';
 import { mockDeep } from 'jest-mock-extended';
-import { InvitedUsers } from '@prisma/client';
+import { InvitedUsers, User as DbUser } from '@prisma/client';
 import { UserService } from '../user/user.service';
 import { TeamService } from '../team/team.service';
 import { TeamEnvironmentsService } from '../team-environments/team-environments.service';
@@ -13,9 +13,15 @@ import { PrismaService } from 'src/prisma/prisma.service';
 import {
  DUPLICATE_EMAIL,
  INVALID_EMAIL,
+  ONLY_ONE_ADMIN_ACCOUNT,
  USER_ALREADY_INVITED,
+  USER_INVITATION_DELETION_FAILED,
+  USER_NOT_FOUND,
 } from '../errors';
 import { ShortcodeService } from 'src/shortcode/shortcode.service';
+import { ConfigService } from '@nestjs/config';
+import { OffsetPaginationArgs } from 'src/types/input-types.args';
+import * as E from 'fp-ts/Either';

 const mockPrisma = mockDeep<PrismaService>();
 const mockPubSub = mockDeep<PubSubService>();
@@ -27,6 +33,7 @@ const mockTeamInvitationService = mockDeep<TeamInvitationService>();
 const mockTeamCollectionService = mockDeep<TeamCollectionService>();
 const mockMailerService = mockDeep<MailerService>();
 const mockShortcodeService = mockDeep<ShortcodeService>();
+const mockConfigService = mockDeep<ConfigService>();

 const adminService = new AdminService(
  mockUserService,
@@ -39,6 +46,7 @@ const adminService = new AdminService(
  mockPrisma as any,
  mockMailerService,
  mockShortcodeService,
+  mockConfigService,
 );

 const invitedUsers: InvitedUsers[] = [
@@ -55,20 +63,78 @@ const invitedUsers: InvitedUsers[] = [
    invitedOn: new Date(),
  },
 ];
+
+const dbAdminUsers: DbUser[] = [
+  {
+    uid: 'uid 1',
+    displayName: 'displayName',
+    email: 'email@email.com',
+    photoURL: 'photoURL',
+    isAdmin: true,
+    refreshToken: 'refreshToken',
+    currentRESTSession: '',
+    currentGQLSession: '',
+    lastLoggedOn: new Date(),
+    createdOn: new Date(),
+  },
+  {
+    uid: 'uid 2',
+    displayName: 'displayName',
+    email: 'email@email.com',
+    photoURL: 'photoURL',
+    isAdmin: true,
+    refreshToken: 'refreshToken',
+    currentRESTSession: '',
+    currentGQLSession: '',
+    lastLoggedOn: new Date(),
+    createdOn: new Date(),
+  },
+];
+
 describe('AdminService', () => {
  describe('fetchInvitedUsers', () => {
-    test('should resolve right and return an array of invited users', async () => {
+    test('should resolve right and apply pagination correctly', async () => {
      // eslint-disable-next-line @typescript-eslint/ban-ts-comment
      // @ts-ignore
+      mockPrisma.user.findMany.mockResolvedValue([dbAdminUsers[0]]);
+      // @ts-ignore
      mockPrisma.invitedUsers.findMany.mockResolvedValue(invitedUsers);

-      const results = await adminService.fetchInvitedUsers();
+      const paginationArgs: OffsetPaginationArgs = { take: 5, skip: 2 };
+      const results = await adminService.fetchInvitedUsers(paginationArgs);
+
+      expect(mockPrisma.invitedUsers.findMany).toHaveBeenCalledWith({
+        ...paginationArgs,
+        orderBy: {
+          invitedOn: 'desc',
+        },
+        where: {
+          NOT: {
+            inviteeEmail: {
+              in: [dbAdminUsers[0].email],
+            },
+          },
+        },
+      });
+    });
+    test('should resolve right and return an array of invited users', async () => {
+      const paginationArgs: OffsetPaginationArgs = { take: 10, skip: 0 };
+
+      // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+      // @ts-ignore
+      mockPrisma.user.findMany.mockResolvedValue([dbAdminUsers[0]]);
+      // @ts-ignore
+      mockPrisma.invitedUsers.findMany.mockResolvedValue(invitedUsers);
+
+      const results = await adminService.fetchInvitedUsers(paginationArgs);
      expect(results).toEqual(invitedUsers);
    });
    test('should resolve left and return an empty array if invited users not found', async () => {
+      const paginationArgs: OffsetPaginationArgs = { take: 10, skip: 0 };
+
      mockPrisma.invitedUsers.findMany.mockResolvedValue([]);

-      const results = await adminService.fetchInvitedUsers();
+      const results = await adminService.fetchInvitedUsers(paginationArgs);
      expect(results).toEqual([]);
    });
  });
@@ -131,6 +197,58 @@ describe('AdminService', () => {
    });
  });

+  describe('revokeUserInvitations', () => {
+    test('should resolve left and return error if email not invited', async () => {
+      mockPrisma.invitedUsers.deleteMany.mockRejectedValueOnce(
+        'RecordNotFound',
+      );
+
+      const result = await adminService.revokeUserInvitations([
+        'test@gmail.com',
+      ]);
+
+      expect(result).toEqualLeft(USER_INVITATION_DELETION_FAILED);
+    });
+
+    test('should resolve right and return deleted invitee email', async () => {
+      const adminUid = 'adminUid';
+      mockPrisma.invitedUsers.deleteMany.mockResolvedValueOnce({ count: 1 });
+
+      const result = await adminService.revokeUserInvitations([
+        invitedUsers[0].inviteeEmail,
+      ]);
+
+      expect(mockPrisma.invitedUsers.deleteMany).toHaveBeenCalledWith({
+        where: {
+          inviteeEmail: { in: [invitedUsers[0].inviteeEmail] },
+        },
+      });
+      expect(result).toEqualRight(true);
+    });
+  });
+
+  describe('removeUsersAsAdmin', () => {
+    test('should resolve right and make admins to users', async () => {
+      mockUserService.fetchAdminUsers.mockResolvedValueOnce(dbAdminUsers);
+      mockUserService.removeUsersAsAdmin.mockResolvedValueOnce(E.right(true));
+
+      return expect(
+        await adminService.demoteUsersByAdmin([dbAdminUsers[0].uid]),
+      ).toEqualRight(true);
+    });
+
+    test('should resolve left and return error if only one admin in the infra', async () => {
+      mockUserService.fetchAdminUsers.mockResolvedValueOnce(dbAdminUsers);
+      mockUserService.removeUsersAsAdmin.mockResolvedValueOnce(E.right(true));
+
+      return expect(
+        await adminService.demoteUsersByAdmin(
+          dbAdminUsers.map((user) => user.uid),
+        ),
+      ).toEqualLeft(ONLY_ONE_ADMIN_ACCOUNT);
+    });
+  });
+
  describe('getUsersCount', () => {
    test('should return count of all users in the organization', async () => {
      mockUserService.getUsersCount.mockResolvedValueOnce(10);
--- a/packages/hoppscotch-backend/src/admin/admin.service.ts
+++ b/packages/hoppscotch-backend/src/admin/admin.service.ts
@@ -6,13 +6,16 @@ import * as E from 'fp-ts/Either';
 import * as O from 'fp-ts/Option';
 import { validateEmail } from '../utils';
 import {
+  ADMIN_CAN_NOT_BE_DELETED,
  DUPLICATE_EMAIL,
  EMAIL_FAILED,
  INVALID_EMAIL,
  ONLY_ONE_ADMIN_ACCOUNT,
  TEAM_INVITE_ALREADY_MEMBER,
  TEAM_INVITE_NO_INVITE_FOUND,
+  USERS_NOT_FOUND,
  USER_ALREADY_INVITED,
+  USER_INVITATION_DELETION_FAILED,
  USER_IS_ADMIN,
  USER_NOT_FOUND,
 } from '../errors';
@@ -25,6 +28,9 @@ import { TeamEnvironmentsService } from '../team-environments/team-environments.
 import { TeamInvitationService } from '../team-invitation/team-invitation.service';
 import { TeamMemberRole } from '../team/team.model';
 import { ShortcodeService } from 'src/shortcode/shortcode.service';
+import { ConfigService } from '@nestjs/config';
+import { OffsetPaginationArgs } from 'src/types/input-types.args';
+import { UserDeletionResult } from 'src/user/user.model';

@Injectable()
 export class AdminService {
@@ -39,6 +45,7 @@ export class AdminService {
    private readonly prisma: PrismaService,
    private readonly mailerService: MailerService,
    private readonly shortcodeService: ShortcodeService,
+    private readonly configService: ConfigService,
  ) {}

  /**
@@ -46,12 +53,30 @@ export class AdminService {
   * @param cursorID Users uid
   * @param take number of users to fetch
   * @returns an Either of array of user or error
+   * @deprecated use fetchUsersV2 instead
   */
  async fetchUsers(cursorID: string, take: number) {
    const allUsers = await this.userService.fetchAllUsers(cursorID, take);
    return allUsers;
  }

+  /**
+   * Fetch all the users in the infra.
+   * @param searchString search on users displayName or email
+   * @param paginationOption pagination options
+   * @returns an Either of array of user or error
+   */
+  async fetchUsersV2(
+    searchString: string,
+    paginationOption: OffsetPaginationArgs,
+  ) {
+    const allUsers = await this.userService.fetchAllUsersV2(
+      searchString,
+      paginationOption,
+    );
+    return allUsers;
+  }
+
  /**
   * Invite a user to join the infra.
   * @param adminUID Admin's UID
@@ -79,7 +104,7 @@ export class AdminService {
        template: 'user-invitation',
        variables: {
          inviteeEmail: inviteeEmail,
-          magicLink: `${process.env.VITE_BASE_URL}`,
+          magicLink: `${this.configService.get('VITE_BASE_URL')}`,
        },
      });
    } catch (e) {
@@ -108,14 +133,68 @@ export class AdminService {
    return E.right(invitedUser);
  }

+  /**
+   * Update the display name of a user
+   * @param userUid Who's display name is being updated
+   * @param displayName New display name of the user
+   * @returns an Either of boolean or error
+   */
+  async updateUserDisplayName(userUid: string, displayName: string) {
+    const updatedUser = await this.userService.updateUserDisplayName(
+      userUid,
+      displayName,
+    );
+    if (E.isLeft(updatedUser)) return E.left(updatedUser.left);
+
+    return E.right(true);
+  }
+
+  /**
+   * Revoke infra level user invitations
+   * @param inviteeEmails Invitee's emails
+   * @param adminUid Admin Uid
+   * @returns an Either of boolean or error string
+   */
+  async revokeUserInvitations(inviteeEmails: string[]) {
+    try {
+      await this.prisma.invitedUsers.deleteMany({
+        where: {
+          inviteeEmail: { in: inviteeEmails },
+        },
+      });
+      return E.right(true);
+    } catch (error) {
+      return E.left(USER_INVITATION_DELETION_FAILED);
+    }
+  }
+
  /**
   * Fetch the list of invited users by the admin.
   * @returns an Either of array of `InvitedUser` object or error
   */
-  async fetchInvitedUsers() {
-    const invitedUsers = await this.prisma.invitedUsers.findMany();
+  async fetchInvitedUsers(paginationOption: OffsetPaginationArgs) {
+    const userEmailObjs = await this.prisma.user.findMany({
+      select: {
+        email: true,
+      },
+    });

-    const users: InvitedUser[] = invitedUsers.map(
+    const pendingInvitedUsers = await this.prisma.invitedUsers.findMany({
+      take: paginationOption.take,
+      skip: paginationOption.skip,
+      orderBy: {
+        invitedOn: 'desc',
+      },
+      where: {
+        NOT: {
+          inviteeEmail: {
+            in: userEmailObjs.map((user) => user.email),
+          },
+        },
+      },
+    });
+
+    const users: InvitedUser[] = pendingInvitedUsers.map(
      (user) => <InvitedUser>{ ...user },
    );

@@ -335,6 +414,7 @@ export class AdminService {
   * Remove a user account by UID
   * @param userUid User UID
   * @returns an Either of boolean or error
+   * @deprecated use removeUserAccounts instead
   */
  async removeUserAccount(userUid: string) {
    const user = await this.userService.findUserById(userUid);
@@ -347,10 +427,73 @@ export class AdminService {
    return E.right(delUser.right);
  }

+  /**
+   * Remove user (not Admin) accounts by UIDs
+   * @param userUIDs User UIDs
+   * @returns an Either of boolean or error
+   */
+  async removeUserAccounts(userUIDs: string[]) {
+    const userDeleteResult: UserDeletionResult[] = [];
+
+    // step 1: fetch all users
+    const allUsersList = await this.userService.findUsersByIds(userUIDs);
+    if (allUsersList.length === 0) return E.left(USERS_NOT_FOUND);
+
+    // step 2: admin user can not be deleted without removing admin status/role
+    allUsersList.forEach((user) => {
+      if (user.isAdmin) {
+        userDeleteResult.push({
+          userUID: user.uid,
+          isDeleted: false,
+          errorMessage: ADMIN_CAN_NOT_BE_DELETED,
+        });
+      }
+    });
+
+    const nonAdminUsers = allUsersList.filter((user) => !user.isAdmin);
+    let deletedUserEmails: string[] = [];
+
+    // step 3: delete non-admin users
+    const deletionPromises = nonAdminUsers.map((user) => {
+      return this.userService
+        .deleteUserByUID(user)()
+        .then((res) => {
+          if (E.isLeft(res)) {
+            return {
+              userUID: user.uid,
+              isDeleted: false,
+              errorMessage: res.left,
+            } as UserDeletionResult;
+          }
+
+          deletedUserEmails.push(user.email);
+          return {
+            userUID: user.uid,
+            isDeleted: true,
+            errorMessage: null,
+          } as UserDeletionResult;
+        });
+    });
+    const promiseResult = await Promise.allSettled(deletionPromises);
+
+    // step 4: revoke all the invites sent to the deleted users
+    await this.revokeUserInvitations(deletedUserEmails);
+
+    // step 5: return the result
+    promiseResult.forEach((result) => {
+      if (result.status === 'fulfilled') {
+        userDeleteResult.push(result.value);
+      }
+    });
+
+    return E.right(userDeleteResult);
+  }
+
  /**
   * Make a user an admin
   * @param userUid User UID
   * @returns an Either of boolean or error
+   * @deprecated use makeUsersAdmin instead
   */
  async makeUserAdmin(userUID: string) {
    const admin = await this.userService.makeAdmin(userUID);
@@ -358,10 +501,22 @@ export class AdminService {
    return E.right(true);
  }

+  /**
+   * Make users to admin
+   * @param userUid User UIDs
+   * @returns an Either of boolean or error
+   */
+  async makeUsersAdmin(userUIDs: string[]) {
+    const isUpdated = await this.userService.makeAdmins(userUIDs);
+    if (E.isLeft(isUpdated)) return E.left(isUpdated.left);
+    return E.right(true);
+  }
+
  /**
   * Remove user as admin
   * @param userUid User UID
   * @returns an Either of boolean or error
+   * @deprecated use demoteUsersByAdmin instead
   */
  async removeUserAsAdmin(userUID: string) {
    const adminUsers = await this.userService.fetchAdminUsers();
@@ -372,6 +527,26 @@ export class AdminService {
    return E.right(true);
  }

+  /**
+   * Remove users as admin
+   * @param userUIDs User UIDs
+   * @returns an Either of boolean or error
+   */
+  async demoteUsersByAdmin(userUIDs: string[]) {
+    const adminUsers = await this.userService.fetchAdminUsers();
+
+    const remainingAdmins = adminUsers.filter(
+      (adminUser) => !userUIDs.includes(adminUser.uid),
+    );
+    if (remainingAdmins.length < 1) {
+      return E.left(ONLY_ONE_ADMIN_ACCOUNT);
+    }
+
+    const isUpdated = await this.userService.removeUsersAsAdmin(userUIDs);
+    if (E.isLeft(isUpdated)) return E.left(isUpdated.left);
+    return E.right(isUpdated.right);
+  }
+
  /**
   * Fetch list of all the Users in org
   * @returns number of users in the org
--- a/packages/hoppscotch-backend/src/admin/guards/rest-admin.guard.ts
+++ b/packages/hoppscotch-backend/src/admin/guards/rest-admin.guard.ts
@@ -0,0 +1,11 @@
+import { Injectable, ExecutionContext, CanActivate } from '@nestjs/common';
+
+@Injectable()
+export class RESTAdminGuard implements CanActivate {
+  canActivate(context: ExecutionContext): boolean {
+    const request = context.switchToHttp().getRequest();
+    const user = request.user;
+
+    return user.isAdmin;
+  }
+}
--- a/packages/hoppscotch-backend/src/admin/infra.resolver.ts
+++ b/packages/hoppscotch-backend/src/admin/infra.resolver.ts
@@ -1,5 +1,12 @@
 import { UseGuards } from '@nestjs/common';
-import { Args, ID, Query, ResolveField, Resolver } from '@nestjs/graphql';
+import {
+  Args,
+  ID,
+  Mutation,
+  Query,
+  ResolveField,
+  Resolver,
+} from '@nestjs/graphql';
 import { GqlThrottlerGuard } from 'src/guards/gql-throttler.guard';
 import { Infra } from './infra.model';
 import { AdminService } from './admin.service';
@@ -10,17 +17,31 @@ import { AuthUser } from 'src/types/AuthUser';
 import { throwErr } from 'src/utils';
 import * as E from 'fp-ts/Either';
 import { Admin } from './admin.model';
-import { PaginationArgs } from 'src/types/input-types.args';
+import {
+  OffsetPaginationArgs,
+  PaginationArgs,
+} from 'src/types/input-types.args';
 import { InvitedUser } from './invited-user.model';
 import { Team } from 'src/team/team.model';
 import { TeamInvitation } from 'src/team-invitation/team-invitation.model';
 import { GqlAdmin } from './decorators/gql-admin.decorator';
 import { ShortcodeWithUserEmail } from 'src/shortcode/shortcode.model';
+import { InfraConfig } from 'src/infra-config/infra-config.model';
+import { InfraConfigService } from 'src/infra-config/infra-config.service';
+import {
+  EnableAndDisableSSOArgs,
+  InfraConfigArgs,
+} from 'src/infra-config/input-args';
+import { InfraConfigEnum } from 'src/types/InfraConfig';
+import { ServiceStatus } from 'src/infra-config/helper';

@UseGuards(GqlThrottlerGuard)
@Resolver(() => Infra)
 export class InfraResolver {
-  constructor(private adminService: AdminService) {}
+  constructor(
+    private adminService: AdminService,
+    private infraConfigService: InfraConfigService,
+  ) {}

  @Query(() => Infra, {
    description: 'Fetch details of the Infrastructure',
@@ -59,6 +80,7 @@ export class InfraResolver {

  @ResolveField(() => [User], {
    description: 'Returns a list of all the users in infra',
+    deprecationReason: 'Use allUsersV2 instead',
  })
  @UseGuards(GqlAuthGuard, GqlAdminGuard)
  async allUsers(@Args() args: PaginationArgs): Promise<AuthUser[]> {
@@ -66,11 +88,33 @@ export class InfraResolver {
    return users;
  }

+  @ResolveField(() => [User], {
+    description: 'Returns a list of all the users in infra',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async allUsersV2(
+    @Args({
+      name: 'searchString',
+      nullable: true,
+      description: 'Search on users displayName or email',
+    })
+    searchString: string,
+    @Args() paginationOption: OffsetPaginationArgs,
+  ): Promise<AuthUser[]> {
+    const users = await this.adminService.fetchUsersV2(
+      searchString,
+      paginationOption,
+    );
+    return users;
+  }
+
  @ResolveField(() => [InvitedUser], {
    description: 'Returns a list of all the invited users',
  })
-  async invitedUsers(): Promise<InvitedUser[]> {
-    const users = await this.adminService.fetchInvitedUsers();
+  async invitedUsers(
+    @Args() args: OffsetPaginationArgs,
+  ): Promise<InvitedUser[]> {
+    const users = await this.adminService.fetchInvitedUsers(args);
    return users;
  }

@@ -222,4 +266,97 @@ export class InfraResolver {
      userEmail,
    );
  }
+
+  @Query(() => [InfraConfig], {
+    description: 'Retrieve configuration details for the instance',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async infraConfigs(
+    @Args({
+      name: 'configNames',
+      type: () => [InfraConfigEnum],
+      description: 'Configs to fetch',
+    })
+    names: InfraConfigEnum[],
+  ) {
+    const infraConfigs = await this.infraConfigService.getMany(names);
+    if (E.isLeft(infraConfigs)) throwErr(infraConfigs.left);
+    return infraConfigs.right;
+  }
+
+  @Query(() => [String], {
+    description: 'Allowed Auth Provider list',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  allowedAuthProviders() {
+    return this.infraConfigService.getAllowedAuthProviders();
+  }
+
+  /* Mutations */
+
+  @Mutation(() => [InfraConfig], {
+    description: 'Update Infra Configs',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async updateInfraConfigs(
+    @Args({
+      name: 'infraConfigs',
+      type: () => [InfraConfigArgs],
+      description: 'InfraConfigs to update',
+    })
+    infraConfigs: InfraConfigArgs[],
+  ) {
+    const updatedRes = await this.infraConfigService.updateMany(infraConfigs);
+    if (E.isLeft(updatedRes)) throwErr(updatedRes.left);
+    return updatedRes.right;
+  }
+
+  @Mutation(() => Boolean, {
+    description: 'Enable or disable analytics collection',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async toggleAnalyticsCollection(
+    @Args({
+      name: 'status',
+      type: () => ServiceStatus,
+      description: 'Toggle analytics collection',
+    })
+    analyticsCollectionStatus: ServiceStatus,
+  ) {
+    const res = await this.infraConfigService.toggleAnalyticsCollection(
+      analyticsCollectionStatus,
+    );
+    if (E.isLeft(res)) throwErr(res.left);
+    return res.right;
+  }
+
+  @Mutation(() => Boolean, {
+    description: 'Reset Infra Configs with default values (.env)',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async resetInfraConfigs() {
+    const resetRes = await this.infraConfigService.reset();
+    if (E.isLeft(resetRes)) throwErr(resetRes.left);
+    return true;
+  }
+
+  @Mutation(() => Boolean, {
+    description: 'Enable or Disable SSO for login/signup',
+  })
+  @UseGuards(GqlAuthGuard, GqlAdminGuard)
+  async enableAndDisableSSO(
+    @Args({
+      name: 'providerInfo',
+      type: () => [EnableAndDisableSSOArgs],
+      description: 'SSO provider and status',
+    })
+    providerInfo: EnableAndDisableSSOArgs[],
+  ) {
+    const isUpdated = await this.infraConfigService.enableAndDisableSSO(
+      providerInfo,
+    );
+    if (E.isLeft(isUpdated)) throwErr(isUpdated.left);
+
+    return true;
+  }
 }
--- a/packages/hoppscotch-backend/src/app.module.ts
+++ b/packages/hoppscotch-backend/src/app.module.ts
@@ -20,51 +20,73 @@ import { ShortcodeModule } from './shortcode/shortcode.module';
 import { COOKIES_NOT_FOUND } from './errors';
 import { ThrottlerModule } from '@nestjs/throttler';
 import { AppController } from './app.controller';
+import { ConfigModule, ConfigService } from '@nestjs/config';
+import { InfraConfigModule } from './infra-config/infra-config.module';
+import { loadInfraConfiguration } from './infra-config/helper';
+import { MailerModule } from './mailer/mailer.module';
+import { PosthogModule } from './posthog/posthog.module';
+import { ScheduleModule } from '@nestjs/schedule';
+import { HealthModule } from './health/health.module';
+import { AccessTokenModule } from './access-token/access-token.module';

@Module({
  imports: [
-    GraphQLModule.forRoot<ApolloDriverConfig>({
-      buildSchemaOptions: {
-        numberScalarMode: 'integer',
-      },
-      playground: process.env.PRODUCTION !== 'true',
-      autoSchemaFile: true,
-      installSubscriptionHandlers: true,
-      subscriptions: {
-        'subscriptions-transport-ws': {
-          path: '/graphql',
-          onConnect: (_, websocket) => {
-            try {
-              const cookies = subscriptionContextCookieParser(
-                websocket.upgradeReq.headers.cookie,
-              );
-
-              return {
-                headers: { ...websocket?.upgradeReq?.headers, cookies },
-              };
-            } catch (error) {
-              throw new HttpException(COOKIES_NOT_FOUND, 400, {
-                cause: new Error(COOKIES_NOT_FOUND),
-              });
-            }
-          },
-        },
-      },
-      context: ({ req, res, connection }) => ({
-        req,
-        res,
-        connection,
-      }),
-      driver: ApolloDriver,
+    ConfigModule.forRoot({
+      isGlobal: true,
+      load: [async () => loadInfraConfiguration()],
    }),
-    ThrottlerModule.forRoot([
-      {
-        ttl: +process.env.RATE_LIMIT_TTL,
-        limit: +process.env.RATE_LIMIT_MAX,
+    GraphQLModule.forRootAsync<ApolloDriverConfig>({
+      driver: ApolloDriver,
+      imports: [ConfigModule],
+      inject: [ConfigService],
+      useFactory: async (configService: ConfigService) => {
+        return {
+          buildSchemaOptions: {
+            numberScalarMode: 'integer',
+          },
+          playground: configService.get('PRODUCTION') !== 'true',
+          autoSchemaFile: true,
+          installSubscriptionHandlers: true,
+          subscriptions: {
+            'subscriptions-transport-ws': {
+              path: '/graphql',
+              onConnect: (_, websocket) => {
+                try {
+                  const cookies = subscriptionContextCookieParser(
+                    websocket.upgradeReq.headers.cookie,
+                  );
+                  return {
+                    headers: { ...websocket?.upgradeReq?.headers, cookies },
+                  };
+                } catch (error) {
+                  throw new HttpException(COOKIES_NOT_FOUND, 400, {
+                    cause: new Error(COOKIES_NOT_FOUND),
+                  });
+                }
+              },
+            },
+          },
+          context: ({ req, res, connection }) => ({
+            req,
+            res,
+            connection,
+          }),
+        };
      },
-    ]),
+    }),
+    ThrottlerModule.forRootAsync({
+      imports: [ConfigModule],
+      inject: [ConfigService],
+      useFactory: async (configService: ConfigService) => [
+        {
+          ttl: +configService.get('RATE_LIMIT_TTL'),
+          limit: +configService.get('RATE_LIMIT_MAX'),
+        },
+      ],
+    }),
+    MailerModule.register(),
    UserModule,
-    AuthModule,
+    AuthModule.register(),
    AdminModule,
    UserSettingsModule,
    UserEnvironmentsModule,
@@ -77,6 +99,11 @@ import { AppController } from './app.controller';
    TeamInvitationModule,
    UserCollectionModule,
    ShortcodeModule,
+    InfraConfigModule,
+    PosthogModule,
+    ScheduleModule.forRoot(),
+    HealthModule,
+    AccessTokenModule,
  ],
  providers: [GQLComplexityPlugin],
  controllers: [AppController],
--- a/packages/hoppscotch-backend/src/auth/auth.controller.ts
+++ b/packages/hoppscotch-backend/src/auth/auth.controller.ts
@@ -2,12 +2,12 @@ import {
  Body,
  Controller,
  Get,
-  InternalServerErrorException,
  Post,
  Query,
  Request,
  Res,
  UseGuards,
+  UseInterceptors,
 } from '@nestjs/common';
 import { AuthService } from './auth.service';
 import { SignInMagicDto } from './dto/signin-magic.dto';
@@ -19,23 +19,30 @@ import { JwtAuthGuard } from './guards/jwt-auth.guard';
 import { GqlUser } from 'src/decorators/gql-user.decorator';
 import { AuthUser } from 'src/types/AuthUser';
 import { RTCookie } from 'src/decorators/rt-cookie.decorator';
-import {
-  AuthProvider,
-  authCookieHandler,
-  authProviderCheck,
-  throwHTTPErr,
-} from './helper';
+import { AuthProvider, authCookieHandler, authProviderCheck } from './helper';
 import { GoogleSSOGuard } from './guards/google-sso.guard';
 import { GithubSSOGuard } from './guards/github-sso.guard';
 import { MicrosoftSSOGuard } from './guards/microsoft-sso-.guard';
 import { ThrottlerBehindProxyGuard } from 'src/guards/throttler-behind-proxy.guard';
 import { SkipThrottle } from '@nestjs/throttler';
 import { AUTH_PROVIDER_NOT_SPECIFIED } from 'src/errors';
+import { ConfigService } from '@nestjs/config';
+import { throwHTTPErr } from 'src/utils';
+import { UserLastLoginInterceptor } from 'src/interceptors/user-last-login.interceptor';

@UseGuards(ThrottlerBehindProxyGuard)
@Controller({ path: 'auth', version: '1' })
 export class AuthController {
-  constructor(private authService: AuthService) {}
+  constructor(
+    private authService: AuthService,
+    private configService: ConfigService,
+  ) {}
+
+  @Get('providers')
+  async getAuthProviders() {
+    const providers = await this.authService.getAuthProviders();
+    return { providers };
+  }

  /**
   ** Route to initiate magic-link auth for a users email
@@ -45,8 +52,14 @@ export class AuthController {
    @Body() authData: SignInMagicDto,
    @Query('origin') origin: string,
  ) {
-    if (!authProviderCheck(AuthProvider.EMAIL))
+    if (
+      !authProviderCheck(
+        AuthProvider.EMAIL,
+        this.configService.get('INFRA.VITE_ALLOWED_AUTH_PROVIDERS'),
+      )
+    ) {
      throwHTTPErr({ message: AUTH_PROVIDER_NOT_SPECIFIED, statusCode: 404 });
+    }

    const deviceIdToken = await this.authService.signInMagicLink(
      authData.email,
@@ -99,6 +112,7 @@ export class AuthController {
  @Get('google/callback')
  @SkipThrottle()
  @UseGuards(GoogleSSOGuard)
+  @UseInterceptors(UserLastLoginInterceptor)
  async googleAuthRedirect(@Request() req, @Res() res) {
    const authTokens = await this.authService.generateAuthTokens(req.user.uid);
    if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
@@ -124,6 +138,7 @@ export class AuthController {
  @Get('github/callback')
  @SkipThrottle()
  @UseGuards(GithubSSOGuard)
+  @UseInterceptors(UserLastLoginInterceptor)
  async githubAuthRedirect(@Request() req, @Res() res) {
    const authTokens = await this.authService.generateAuthTokens(req.user.uid);
    if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
@@ -149,6 +164,7 @@ export class AuthController {
  @Get('microsoft/callback')
  @SkipThrottle()
  @UseGuards(MicrosoftSSOGuard)
+  @UseInterceptors(UserLastLoginInterceptor)
  async microsoftAuthRedirect(@Request() req, @Res() res) {
    const authTokens = await this.authService.generateAuthTokens(req.user.uid);
    if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
--- a/packages/hoppscotch-backend/src/auth/auth.module.ts
+++ b/packages/hoppscotch-backend/src/auth/auth.module.ts
@@ -2,7 +2,6 @@ import { Module } from '@nestjs/common';
 import { AuthService } from './auth.service';
 import { AuthController } from './auth.controller';
 import { UserModule } from 'src/user/user.module';
-import { MailerModule } from 'src/mailer/mailer.module';
 import { PrismaModule } from 'src/prisma/prisma.module';
 import { PassportModule } from '@nestjs/passport';
 import { JwtModule } from '@nestjs/jwt';
@@ -12,25 +11,55 @@ import { GoogleStrategy } from './strategies/google.strategy';
 import { GithubStrategy } from './strategies/github.strategy';
 import { MicrosoftStrategy } from './strategies/microsoft.strategy';
 import { AuthProvider, authProviderCheck } from './helper';
+import { ConfigModule, ConfigService } from '@nestjs/config';
+import {
+  isInfraConfigTablePopulated,
+  loadInfraConfiguration,
+} from 'src/infra-config/helper';
+import { InfraConfigModule } from 'src/infra-config/infra-config.module';

@Module({
  imports: [
    PrismaModule,
    UserModule,
-    MailerModule,
    PassportModule,
-    JwtModule.register({
-      secret: process.env.JWT_SECRET,
+    JwtModule.registerAsync({
+      imports: [ConfigModule],
+      inject: [ConfigService],
+      useFactory: async (configService: ConfigService) => ({
+        secret: configService.get('JWT_SECRET'),
+      }),
    }),
+    InfraConfigModule,
  ],
-  providers: [
-    AuthService,
-    JwtStrategy,
-    RTJwtStrategy,
-    ...(authProviderCheck(AuthProvider.GOOGLE) ? [GoogleStrategy] : []),
-    ...(authProviderCheck(AuthProvider.GITHUB) ? [GithubStrategy] : []),
-    ...(authProviderCheck(AuthProvider.MICROSOFT) ? [MicrosoftStrategy] : []),
-  ],
+  providers: [AuthService, JwtStrategy, RTJwtStrategy],
  controllers: [AuthController],
 })
-export class AuthModule {}
+export class AuthModule {
+  static async register() {
+    const isInfraConfigPopulated = await isInfraConfigTablePopulated();
+    if (!isInfraConfigPopulated) {
+      return { module: AuthModule };
+    }
+
+    const env = await loadInfraConfiguration();
+    const allowedAuthProviders = env.INFRA.VITE_ALLOWED_AUTH_PROVIDERS;
+
+    const providers = [
+      ...(authProviderCheck(AuthProvider.GOOGLE, allowedAuthProviders)
+        ? [GoogleStrategy]
+        : []),
+      ...(authProviderCheck(AuthProvider.GITHUB, allowedAuthProviders)
+        ? [GithubStrategy]
+        : []),
+      ...(authProviderCheck(AuthProvider.MICROSOFT, allowedAuthProviders)
+        ? [MicrosoftStrategy]
+        : []),
+    ];
+
+    return {
+      module: AuthModule,
+      providers,
+    };
+  }
+}
--- a/packages/hoppscotch-backend/src/auth/auth.service.spec.ts
+++ b/packages/hoppscotch-backend/src/auth/auth.service.spec.ts
@@ -21,15 +21,26 @@ import { VerifyMagicDto } from './dto/verify-magic.dto';
 import { DateTime } from 'luxon';
 import * as argon2 from 'argon2';
 import * as E from 'fp-ts/Either';
+import { ConfigService } from '@nestjs/config';
+import { InfraConfigService } from 'src/infra-config/infra-config.service';

 const mockPrisma = mockDeep<PrismaService>();
 const mockUser = mockDeep<UserService>();
 const mockJWT = mockDeep<JwtService>();
 const mockMailer = mockDeep<MailerService>();
+const mockConfigService = mockDeep<ConfigService>();
+const mockInfraConfigService = mockDeep<InfraConfigService>();

 // eslint-disable-next-line @typescript-eslint/ban-ts-comment
 // @ts-ignore
-const authService = new AuthService(mockUser, mockPrisma, mockJWT, mockMailer);
+const authService = new AuthService(
+  mockUser,
+  mockPrisma,
+  mockJWT,
+  mockMailer,
+  mockConfigService,
+  mockInfraConfigService,
+);

 const currentTime = new Date();

@@ -40,6 +51,7 @@ const user: AuthUser = {
  photoURL: 'https://en.wikipedia.org/wiki/Dwight_Schrute',
  isAdmin: false,
  refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+  lastLoggedOn: currentTime,
  createdOn: currentTime,
  currentGQLSession: {},
  currentRESTSession: {},
@@ -91,6 +103,8 @@ describe('signInMagicLink', () => {
    mockUser.createUserViaMagicLink.mockResolvedValue(user);
    // create new entry in VerificationToken table
    mockPrisma.verificationToken.create.mockResolvedValueOnce(passwordlessData);
+    // Read env variable 'MAGIC_LINK_TOKEN_VALIDITY' from config service
+    mockConfigService.get.mockReturnValue('3');

    const result = await authService.signInMagicLink(
      'dwight@dundermifflin.com',
@@ -159,9 +173,11 @@ describe('verifyMagicLinkTokens', () => {
    // generateAuthTokens
    mockJWT.sign.mockReturnValue(user.refreshToken);
    // UpdateUserRefreshToken
-    mockUser.UpdateUserRefreshToken.mockResolvedValueOnce(E.right(user));
+    mockUser.updateUserRefreshToken.mockResolvedValueOnce(E.right(user));
    // deletePasswordlessVerificationToken
    mockPrisma.verificationToken.delete.mockResolvedValueOnce(passwordlessData);
+    // usersService.updateUserLastLoggedOn
+    mockUser.updateUserLastLoggedOn.mockResolvedValue(E.right(true));

    const result = await authService.verifyMagicLinkTokens(magicLinkVerify);
    expect(result).toEqualRight({
@@ -184,9 +200,11 @@ describe('verifyMagicLinkTokens', () => {
    // generateAuthTokens
    mockJWT.sign.mockReturnValue(user.refreshToken);
    // UpdateUserRefreshToken
-    mockUser.UpdateUserRefreshToken.mockResolvedValueOnce(E.right(user));
+    mockUser.updateUserRefreshToken.mockResolvedValueOnce(E.right(user));
    // deletePasswordlessVerificationToken
    mockPrisma.verificationToken.delete.mockResolvedValueOnce(passwordlessData);
+    // usersService.updateUserLastLoggedOn
+    mockUser.updateUserLastLoggedOn.mockResolvedValue(E.right(true));

    const result = await authService.verifyMagicLinkTokens(magicLinkVerify);
    expect(result).toEqualRight({
@@ -226,7 +244,7 @@ describe('verifyMagicLinkTokens', () => {
    // generateAuthTokens
    mockJWT.sign.mockReturnValue(user.refreshToken);
    // UpdateUserRefreshToken
-    mockUser.UpdateUserRefreshToken.mockResolvedValueOnce(
+    mockUser.updateUserRefreshToken.mockResolvedValueOnce(
      E.left(USER_NOT_FOUND),
    );

@@ -251,7 +269,7 @@ describe('verifyMagicLinkTokens', () => {
    // generateAuthTokens
    mockJWT.sign.mockReturnValue(user.refreshToken);
    // UpdateUserRefreshToken
-    mockUser.UpdateUserRefreshToken.mockResolvedValueOnce(E.right(user));
+    mockUser.updateUserRefreshToken.mockResolvedValueOnce(E.right(user));
    // deletePasswordlessVerificationToken
    mockPrisma.verificationToken.delete.mockRejectedValueOnce('RecordNotFound');

@@ -267,7 +285,7 @@ describe('generateAuthTokens', () => {
  test('Should successfully generate tokens with valid inputs', async () => {
    mockJWT.sign.mockReturnValue(user.refreshToken);
    // UpdateUserRefreshToken
-    mockUser.UpdateUserRefreshToken.mockResolvedValueOnce(E.right(user));
+    mockUser.updateUserRefreshToken.mockResolvedValueOnce(E.right(user));

    const result = await authService.generateAuthTokens(user.uid);
    expect(result).toEqualRight({
@@ -279,7 +297,7 @@ describe('generateAuthTokens', () => {
  test('Should throw USER_NOT_FOUND when updating refresh tokens fails', async () => {
    mockJWT.sign.mockReturnValue(user.refreshToken);
    // UpdateUserRefreshToken
-    mockUser.UpdateUserRefreshToken.mockResolvedValueOnce(
+    mockUser.updateUserRefreshToken.mockResolvedValueOnce(
      E.left(USER_NOT_FOUND),
    );

@@ -306,7 +324,7 @@ describe('refreshAuthTokens', () => {
    // generateAuthTokens
    mockJWT.sign.mockReturnValue(user.refreshToken);
    // UpdateUserRefreshToken
-    mockUser.UpdateUserRefreshToken.mockResolvedValueOnce(
+    mockUser.updateUserRefreshToken.mockResolvedValueOnce(
      E.left(USER_NOT_FOUND),
    );

@@ -335,7 +353,7 @@ describe('refreshAuthTokens', () => {
    // generateAuthTokens
    mockJWT.sign.mockReturnValue('sdhjcbjsdhcbshjdcb');
    // UpdateUserRefreshToken
-    mockUser.UpdateUserRefreshToken.mockResolvedValueOnce(
+    mockUser.updateUserRefreshToken.mockResolvedValueOnce(
      E.right({
        ...user,
        refreshToken: 'sdhjcbjsdhcbshjdcb',
--- a/packages/hoppscotch-backend/src/auth/auth.service.ts
+++ b/packages/hoppscotch-backend/src/auth/auth.service.ts
@@ -24,10 +24,12 @@ import {
  RefreshTokenPayload,
 } from 'src/types/AuthTokens';
 import { JwtService } from '@nestjs/jwt';
-import { AuthError } from 'src/types/AuthError';
+import { RESTError } from 'src/types/RESTError';
 import { AuthUser, IsAdmin } from 'src/types/AuthUser';
 import { VerificationToken } from '@prisma/client';
 import { Origin } from './helper';
+import { ConfigService } from '@nestjs/config';
+import { InfraConfigService } from 'src/infra-config/infra-config.service';

@Injectable()
 export class AuthService {
@@ -36,6 +38,8 @@ export class AuthService {
    private prismaService: PrismaService,
    private jwtService: JwtService,
    private readonly mailerService: MailerService,
+    private readonly configService: ConfigService,
+    private infraConfigService: InfraConfigService,
  ) {}

  /**
@@ -46,10 +50,12 @@ export class AuthService {
   */
  private async generateMagicLinkTokens(user: AuthUser) {
    const salt = await bcrypt.genSalt(
-      parseInt(process.env.TOKEN_SALT_COMPLEXITY),
+      parseInt(this.configService.get('TOKEN_SALT_COMPLEXITY')),
    );
    const expiresOn = DateTime.now()
-      .plus({ hours: parseInt(process.env.MAGIC_LINK_TOKEN_VALIDITY) })
+      .plus({
+        hours: parseInt(this.configService.get('MAGIC_LINK_TOKEN_VALIDITY')),
+      })
      .toISO()
      .toString();

@@ -95,23 +101,23 @@ export class AuthService {
   */
  private async generateRefreshToken(userUid: string) {
    const refreshTokenPayload: RefreshTokenPayload = {
-      iss: process.env.VITE_BASE_URL,
+      iss: this.configService.get('VITE_BASE_URL'),
      sub: userUid,
-      aud: [process.env.VITE_BASE_URL],
+      aud: [this.configService.get('VITE_BASE_URL')],
    };

    const refreshToken = await this.jwtService.sign(refreshTokenPayload, {
-      expiresIn: process.env.REFRESH_TOKEN_VALIDITY, //7 Days
+      expiresIn: this.configService.get('REFRESH_TOKEN_VALIDITY'), //7 Days
    });

    const refreshTokenHash = await argon2.hash(refreshToken);

-    const updatedUser = await this.usersService.UpdateUserRefreshToken(
+    const updatedUser = await this.usersService.updateUserRefreshToken(
      refreshTokenHash,
      userUid,
    );
    if (E.isLeft(updatedUser))
-      return E.left(<AuthError>{
+      return E.left(<RESTError>{
        message: updatedUser.left,
        statusCode: HttpStatus.NOT_FOUND,
      });
@@ -127,9 +133,9 @@ export class AuthService {
   */
  async generateAuthTokens(userUid: string) {
    const accessTokenPayload: AccessTokenPayload = {
-      iss: process.env.VITE_BASE_URL,
+      iss: this.configService.get('VITE_BASE_URL'),
      sub: userUid,
-      aud: [process.env.VITE_BASE_URL],
+      aud: [this.configService.get('VITE_BASE_URL')],
    };

    const refreshToken = await this.generateRefreshToken(userUid);
@@ -137,7 +143,7 @@ export class AuthService {

    return E.right(<AuthTokens>{
      access_token: await this.jwtService.sign(accessTokenPayload, {
-        expiresIn: process.env.ACCESS_TOKEN_VALIDITY, //1 Day
+        expiresIn: this.configService.get('ACCESS_TOKEN_VALIDITY'), //1 Day
      }),
      refresh_token: refreshToken.right,
    });
@@ -218,14 +224,14 @@ export class AuthService {
    let url: string;
    switch (origin) {
      case Origin.ADMIN:
-        url = process.env.VITE_ADMIN_URL;
+        url = this.configService.get('VITE_ADMIN_URL');
        break;
      case Origin.APP:
-        url = process.env.VITE_BASE_URL;
+        url = this.configService.get('VITE_BASE_URL');
        break;
      default:
        // if origin is invalid by default set URL to Hoppscotch-App
-        url = process.env.VITE_BASE_URL;
+        url = this.configService.get('VITE_BASE_URL');
    }

    await this.mailerService.sendEmail(email, {
@@ -249,7 +255,7 @@ export class AuthService {
   */
  async verifyMagicLinkTokens(
    magicLinkIDTokens: VerifyMagicDto,
-  ): Promise<E.Right<AuthTokens> | E.Left<AuthError>> {
+  ): Promise<E.Right<AuthTokens> | E.Left<RESTError>> {
    const passwordlessTokens = await this.validatePasswordlessTokens(
      magicLinkIDTokens,
    );
@@ -314,6 +320,8 @@ export class AuthService {
        statusCode: HttpStatus.NOT_FOUND,
      });

+    this.usersService.updateUserLastLoggedOn(passwordlessTokens.value.userUid);
+
    return E.right(tokens.right);
  }

@@ -367,7 +375,7 @@ export class AuthService {
    if (usersCount === 1) {
      const elevatedUser = await this.usersService.makeAdmin(user.uid);
      if (E.isLeft(elevatedUser))
-        return E.left(<AuthError>{
+        return E.left(<RESTError>{
          message: elevatedUser.left,
          statusCode: HttpStatus.NOT_FOUND,
        });
@@ -377,4 +385,8 @@ export class AuthService {

    return E.right(<IsAdmin>{ isAdmin: false });
  }
+
+  getAuthProviders() {
+    return this.infraConfigService.getAllowedAuthProviders();
+  }
 }
--- a/packages/hoppscotch-backend/src/auth/guards/github-sso.guard.ts
+++ b/packages/hoppscotch-backend/src/auth/guards/github-sso.guard.ts
@@ -1,16 +1,28 @@
 import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { AuthProvider, authProviderCheck, throwHTTPErr } from '../helper';
+import { AuthProvider, authProviderCheck } from '../helper';
 import { Observable } from 'rxjs';
 import { AUTH_PROVIDER_NOT_SPECIFIED } from 'src/errors';
+import { ConfigService } from '@nestjs/config';
+import { throwHTTPErr } from 'src/utils';

@Injectable()
 export class GithubSSOGuard extends AuthGuard('github') implements CanActivate {
+  constructor(private readonly configService: ConfigService) {
+    super();
+  }
+
  canActivate(
    context: ExecutionContext,
  ): boolean | Promise<boolean> | Observable<boolean> {
-    if (!authProviderCheck(AuthProvider.GITHUB))
+    if (
+      !authProviderCheck(
+        AuthProvider.GITHUB,
+        this.configService.get('INFRA.VITE_ALLOWED_AUTH_PROVIDERS'),
+      )
+    ) {
      throwHTTPErr({ message: AUTH_PROVIDER_NOT_SPECIFIED, statusCode: 404 });
+    }

    return super.canActivate(context);
  }
--- a/packages/hoppscotch-backend/src/auth/guards/google-sso.guard.ts
+++ b/packages/hoppscotch-backend/src/auth/guards/google-sso.guard.ts
@@ -1,16 +1,28 @@
 import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { AuthProvider, authProviderCheck, throwHTTPErr } from '../helper';
+import { AuthProvider, authProviderCheck } from '../helper';
 import { Observable } from 'rxjs';
 import { AUTH_PROVIDER_NOT_SPECIFIED } from 'src/errors';
+import { ConfigService } from '@nestjs/config';
+import { throwHTTPErr } from 'src/utils';

@Injectable()
 export class GoogleSSOGuard extends AuthGuard('google') implements CanActivate {
+  constructor(private readonly configService: ConfigService) {
+    super();
+  }
+
  canActivate(
    context: ExecutionContext,
  ): boolean | Promise<boolean> | Observable<boolean> {
-    if (!authProviderCheck(AuthProvider.GOOGLE))
+    if (
+      !authProviderCheck(
+        AuthProvider.GOOGLE,
+        this.configService.get('INFRA.VITE_ALLOWED_AUTH_PROVIDERS'),
+      )
+    ) {
      throwHTTPErr({ message: AUTH_PROVIDER_NOT_SPECIFIED, statusCode: 404 });
+    }

    return super.canActivate(context);
  }
--- a/packages/hoppscotch-backend/src/auth/guards/microsoft-sso-.guard.ts
+++ b/packages/hoppscotch-backend/src/auth/guards/microsoft-sso-.guard.ts
@@ -1,22 +1,34 @@
 import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { AuthProvider, authProviderCheck, throwHTTPErr } from '../helper';
+import { AuthProvider, authProviderCheck } from '../helper';
 import { Observable } from 'rxjs';
 import { AUTH_PROVIDER_NOT_SPECIFIED } from 'src/errors';
+import { ConfigService } from '@nestjs/config';
+import { throwHTTPErr } from 'src/utils';

@Injectable()
 export class MicrosoftSSOGuard
  extends AuthGuard('microsoft')
  implements CanActivate
 {
+  constructor(private readonly configService: ConfigService) {
+    super();
+  }
+
  canActivate(
    context: ExecutionContext,
  ): boolean | Promise<boolean> | Observable<boolean> {
-    if (!authProviderCheck(AuthProvider.MICROSOFT))
+    if (
+      !authProviderCheck(
+        AuthProvider.MICROSOFT,
+        this.configService.get('INFRA.VITE_ALLOWED_AUTH_PROVIDERS'),
+      )
+    ) {
      throwHTTPErr({
        message: AUTH_PROVIDER_NOT_SPECIFIED,
        statusCode: 404,
      });
+    }

    return super.canActivate(context);
  }
--- a/packages/hoppscotch-backend/src/auth/helper.ts
+++ b/packages/hoppscotch-backend/src/auth/helper.ts
@@ -1,11 +1,11 @@
 import { HttpException, HttpStatus } from '@nestjs/common';
 import { DateTime } from 'luxon';
-import { AuthError } from 'src/types/AuthError';
 import { AuthTokens } from 'src/types/AuthTokens';
 import { Response } from 'express';
 import * as cookie from 'cookie';
 import { AUTH_PROVIDER_NOT_SPECIFIED, COOKIES_NOT_FOUND } from 'src/errors';
 import { throwErr } from 'src/utils';
+import { ConfigService } from '@nestjs/config';

 enum AuthTokenType {
  ACCESS_TOKEN = 'access_token',
@@ -24,15 +24,6 @@ export enum AuthProvider {
  EMAIL = 'EMAIL',
 }

-/**
- * This function allows throw to be used as an expression
- * @param errMessage Message present in the error message
- */
-export function throwHTTPErr(errorData: AuthError): never {
-  const { message, statusCode } = errorData;
-  throw new HttpException(message, statusCode);
-}
-
 /**
 * Sets and returns the cookies in the response object on successful authentication
 * @param res Express Response Object
@@ -45,15 +36,17 @@ export const authCookieHandler = (
  redirect: boolean,
  redirectUrl: string | null,
 ) => {
+  const configService = new ConfigService();
+
  const currentTime = DateTime.now();
  const accessTokenValidity = currentTime
    .plus({
-      milliseconds: parseInt(process.env.ACCESS_TOKEN_VALIDITY),
+      milliseconds: parseInt(configService.get('ACCESS_TOKEN_VALIDITY')),
    })
    .toMillis();
  const refreshTokenValidity = currentTime
    .plus({
-      milliseconds: parseInt(process.env.REFRESH_TOKEN_VALIDITY),
+      milliseconds: parseInt(configService.get('REFRESH_TOKEN_VALIDITY')),
    })
    .toMillis();

@@ -75,10 +68,12 @@ export const authCookieHandler = (
  }

  // check to see if redirectUrl is a whitelisted url
-  const whitelistedOrigins = process.env.WHITELISTED_ORIGINS.split(',');
+  const whitelistedOrigins = configService
+    .get('WHITELISTED_ORIGINS')
+    .split(',');
  if (!whitelistedOrigins.includes(redirectUrl))
    // if it is not redirect by default to REDIRECT_URL
-    redirectUrl = process.env.REDIRECT_URL;
+    redirectUrl = configService.get('REDIRECT_URL');

  return res.status(HttpStatus.OK).redirect(redirectUrl);
 };
@@ -112,13 +107,16 @@ export const subscriptionContextCookieParser = (rawCookies: string) => {
 * @param provider Provider we want to check the presence of
 * @returns Boolean if provider specified is present or not
 */
-export function authProviderCheck(provider: string) {
+export function authProviderCheck(
+  provider: string,
+  VITE_ALLOWED_AUTH_PROVIDERS: string,
+) {
  if (!provider) {
    throwErr(AUTH_PROVIDER_NOT_SPECIFIED);
  }

-  const envVariables = process.env.VITE_ALLOWED_AUTH_PROVIDERS
-    ? process.env.VITE_ALLOWED_AUTH_PROVIDERS.split(',').map((provider) =>
+  const envVariables = VITE_ALLOWED_AUTH_PROVIDERS
+    ? VITE_ALLOWED_AUTH_PROVIDERS.split(',').map((provider) =>
        provider.trim().toUpperCase(),
      )
    : [];
--- a/packages/hoppscotch-backend/src/auth/strategies/github.strategy.ts
+++ b/packages/hoppscotch-backend/src/auth/strategies/github.strategy.ts
@@ -5,18 +5,20 @@ import { AuthService } from '../auth.service';
 import { UserService } from 'src/user/user.service';
 import * as O from 'fp-ts/Option';
 import * as E from 'fp-ts/Either';
+import { ConfigService } from '@nestjs/config';

@Injectable()
 export class GithubStrategy extends PassportStrategy(Strategy) {
  constructor(
    private authService: AuthService,
    private usersService: UserService,
+    private configService: ConfigService,
  ) {
    super({
-      clientID: process.env.GITHUB_CLIENT_ID,
-      clientSecret: process.env.GITHUB_CLIENT_SECRET,
-      callbackURL: process.env.GITHUB_CALLBACK_URL,
-      scope: [process.env.GITHUB_SCOPE],
+      clientID: configService.get('INFRA.GITHUB_CLIENT_ID'),
+      clientSecret: configService.get('INFRA.GITHUB_CLIENT_SECRET'),
+      callbackURL: configService.get('INFRA.GITHUB_CALLBACK_URL'),
+      scope: [configService.get('INFRA.GITHUB_SCOPE')],
      store: true,
    });
  }
--- a/packages/hoppscotch-backend/src/auth/strategies/google.strategy.ts
+++ b/packages/hoppscotch-backend/src/auth/strategies/google.strategy.ts
@@ -5,18 +5,20 @@ import { UserService } from 'src/user/user.service';
 import * as O from 'fp-ts/Option';
 import { AuthService } from '../auth.service';
 import * as E from 'fp-ts/Either';
+import { ConfigService } from '@nestjs/config';

@Injectable()
 export class GoogleStrategy extends PassportStrategy(Strategy) {
  constructor(
    private usersService: UserService,
    private authService: AuthService,
+    private configService: ConfigService,
  ) {
    super({
-      clientID: process.env.GOOGLE_CLIENT_ID,
-      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-      callbackURL: process.env.GOOGLE_CALLBACK_URL,
-      scope: process.env.GOOGLE_SCOPE.split(','),
+      clientID: configService.get('INFRA.GOOGLE_CLIENT_ID'),
+      clientSecret: configService.get('INFRA.GOOGLE_CLIENT_SECRET'),
+      callbackURL: configService.get('INFRA.GOOGLE_CALLBACK_URL'),
+      scope: configService.get('INFRA.GOOGLE_SCOPE').split(','),
      passReqToCallback: true,
      store: true,
    });
--- a/packages/hoppscotch-backend/src/auth/strategies/jwt.strategy.ts
+++ b/packages/hoppscotch-backend/src/auth/strategies/jwt.strategy.ts
@@ -15,10 +15,14 @@ import {
  INVALID_ACCESS_TOKEN,
  USER_NOT_FOUND,
 } from 'src/errors';
+import { ConfigService } from '@nestjs/config';

@Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
-  constructor(private usersService: UserService) {
+  constructor(
+    private usersService: UserService,
+    private configService: ConfigService,
+  ) {
    super({
      jwtFromRequest: ExtractJwt.fromExtractors([
        (request: Request) => {
@@ -29,7 +33,7 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
          return ATCookie;
        },
      ]),
-      secretOrKey: process.env.JWT_SECRET,
+      secretOrKey: configService.get('JWT_SECRET'),
    });
  }

--- a/packages/hoppscotch-backend/src/auth/strategies/microsoft.strategy.ts
+++ b/packages/hoppscotch-backend/src/auth/strategies/microsoft.strategy.ts
@@ -5,19 +5,21 @@ import { AuthService } from '../auth.service';
 import { UserService } from 'src/user/user.service';
 import * as O from 'fp-ts/Option';
 import * as E from 'fp-ts/Either';
+import { ConfigService } from '@nestjs/config';

@Injectable()
 export class MicrosoftStrategy extends PassportStrategy(Strategy) {
  constructor(
    private authService: AuthService,
    private usersService: UserService,
+    private configService: ConfigService,
  ) {
    super({
-      clientID: process.env.MICROSOFT_CLIENT_ID,
-      clientSecret: process.env.MICROSOFT_CLIENT_SECRET,
-      callbackURL: process.env.MICROSOFT_CALLBACK_URL,
-      scope: [process.env.MICROSOFT_SCOPE],
-      tenant: process.env.MICROSOFT_TENANT,
+      clientID: configService.get('INFRA.MICROSOFT_CLIENT_ID'),
+      clientSecret: configService.get('INFRA.MICROSOFT_CLIENT_SECRET'),
+      callbackURL: configService.get('INFRA.MICROSOFT_CALLBACK_URL'),
+      scope: [configService.get('INFRA.MICROSOFT_SCOPE')],
+      tenant: configService.get('INFRA.MICROSOFT_TENANT'),
      store: true,
    });
  }
--- a/packages/hoppscotch-backend/src/auth/strategies/rt-jwt.strategy.ts
+++ b/packages/hoppscotch-backend/src/auth/strategies/rt-jwt.strategy.ts
@@ -14,10 +14,14 @@ import {
  USER_NOT_FOUND,
 } from 'src/errors';
 import * as O from 'fp-ts/Option';
+import { ConfigService } from '@nestjs/config';

@Injectable()
 export class RTJwtStrategy extends PassportStrategy(Strategy, 'jwt-refresh') {
-  constructor(private usersService: UserService) {
+  constructor(
+    private usersService: UserService,
+    private configService: ConfigService,
+  ) {
    super({
      jwtFromRequest: ExtractJwt.fromExtractors([
        (request: Request) => {
@@ -28,7 +32,7 @@ export class RTJwtStrategy extends PassportStrategy(Strategy, 'jwt-refresh') {
          return RTCookie;
        },
      ]),
-      secretOrKey: process.env.JWT_SECRET,
+      secretOrKey: configService.get('JWT_SECRET'),
    });
  }

--- a/packages/hoppscotch-backend/src/errors.ts
+++ b/packages/hoppscotch-backend/src/errors.ts
@@ -10,6 +10,14 @@ export const DUPLICATE_EMAIL = 'email/both_emails_cannot_be_same' as const;
 export const ONLY_ONE_ADMIN_ACCOUNT =
  'admin/only_one_admin_account_found' as const;

+/**
+ * Admin user can not be deleted
+ * To delete the admin user, first make the Admin user a normal user
+ * (AdminService)
+ */
+export const ADMIN_CAN_NOT_BE_DELETED =
+  'admin/admin_can_not_be_deleted' as const;
+
 /**
 * Token Authorization failed (Check 'Authorization' Header)
 * (GqlAuthGuard)
@@ -28,6 +36,13 @@ export const JSON_INVALID = 'json_invalid';
 */
 export const AUTH_PROVIDER_NOT_SPECIFIED = 'auth/provider_not_specified';

+/**
+ * Auth Provider not specified
+ * (Auth)
+ */
+export const AUTH_PROVIDER_NOT_CONFIGURED =
+  'auth/provider_not_configured_correctly';
+
 /**
 * Environment variable "VITE_ALLOWED_AUTH_PROVIDERS" is not present in .env file
 */
@@ -69,6 +84,12 @@ export const USER_ALREADY_INVITED = 'admin/user_already_invited' as const;
 */
 export const USER_UPDATE_FAILED = 'user/update_failed' as const;

+/**
+ * User display name validation failure
+ * (UserService)
+ */
+export const USER_SHORT_DISPLAY_NAME = 'user/short_display_name' as const;
+
 /**
 * User deletion failure
 * (UserService)
@@ -92,6 +113,13 @@ export const USER_IS_OWNER = 'user/is_owner' as const;
 */
 export const USER_IS_ADMIN = 'user/is_admin' as const;

+/**
+ * User invite deletion failure error due to invitation not found
+ * (AdminService)
+ */
+export const USER_INVITATION_DELETION_FAILED =
+  'user/invitation_deletion_failed' as const;
+
 /**
 * Teams not found
 * (TeamsService)
@@ -206,6 +234,12 @@ export const TEAM_COL_NOT_SAME_PARENT =
 export const TEAM_COL_SAME_NEXT_COLL =
  'team_coll/collection_and_next_collection_are_same';

+/**
+ * Team Collection search failed
+ * (TeamCollectionService)
+ */
+export const TEAM_COL_SEARCH_FAILED = 'team_coll/team_collection_search_failed';
+
 /**
 * Team Collection Re-Ordering Failed
 * (TeamCollectionService)
@@ -261,6 +295,13 @@ export const TEAM_NOT_OWNER = 'team_coll/team_not_owner' as const;
 export const TEAM_COLL_DATA_INVALID =
  'team_coll/team_coll_data_invalid' as const;

+/**
+ * Team Collection parent tree generation failed
+ * (TeamCollectionService)
+ */
+export const TEAM_COLL_PARENT_TREE_GEN_FAILED =
+  'team_coll/team_coll_parent_tree_generation_failed';
+
 /**
 * Tried to perform an action on a request that doesn't accept their member role level
 * (GqlRequestTeamMemberGuard)
@@ -286,6 +327,19 @@ export const TEAM_REQ_INVALID_TARGET_COLL_ID =
 */
 export const TEAM_REQ_REORDERING_FAILED = 'team_req/reordering_failed' as const;

+/**
+ * Team Request search failed
+ * (TeamRequestService)
+ */
+export const TEAM_REQ_SEARCH_FAILED = 'team_req/team_request_search_failed';
+
+/**
+ * Team Request parent tree generation failed
+ * (TeamRequestService)
+ */
+export const TEAM_REQ_PARENT_TREE_GEN_FAILED =
+  'team_req/team_req_parent_tree_generation_failed';
+
 /**
 * No Postmark Sender Email defined
 * (AuthService)
@@ -644,3 +698,102 @@ export const SHORTCODE_INVALID_PROPERTIES_JSON =
 */
 export const SHORTCODE_PROPERTIES_NOT_FOUND =
  'shortcode/properties_not_found' as const;
+
+/**
+ * Infra Config not found
+ * (InfraConfigService)
+ */
+export const INFRA_CONFIG_NOT_FOUND = 'infra_config/not_found' as const;
+
+/**
+ * Infra Config update failed
+ * (InfraConfigService)
+ */
+export const INFRA_CONFIG_UPDATE_FAILED = 'infra_config/update_failed' as const;
+
+/**
+ * Infra Config not listed for onModuleInit creation
+ * (InfraConfigService)
+ */
+export const INFRA_CONFIG_NOT_LISTED =
+  'infra_config/properly_not_listed' as const;
+
+/**
+ * Infra Config reset failed
+ * (InfraConfigService)
+ */
+export const INFRA_CONFIG_RESET_FAILED = 'infra_config/reset_failed' as const;
+
+/**
+ * Infra Config invalid input for Config variable
+ * (InfraConfigService)
+ */
+export const INFRA_CONFIG_INVALID_INPUT = 'infra_config/invalid_input' as const;
+
+/**
+ * Infra Config service (auth provider/mailer/audit logs) not configured
+ * (InfraConfigService)
+ */
+export const INFRA_CONFIG_SERVICE_NOT_CONFIGURED =
+  'infra_config/service_not_configured' as const;
+
+/**
+ * Infra Config update/fetch operation not allowed
+ * (InfraConfigService)
+ */
+export const INFRA_CONFIG_OPERATION_NOT_ALLOWED =
+  'infra_config/operation_not_allowed';
+
+/**
+ * Error message for when the database table does not exist
+ * (InfraConfigService)
+ */
+export const DATABASE_TABLE_NOT_EXIST =
+  'Database migration not found. Please check the documentation for assistance: https://docs.hoppscotch.io/documentation/self-host/community-edition/install-and-build#running-migrations';
+
+/**
+ * PostHog client is not initialized
+ * (InfraConfigService)
+ */
+export const POSTHOG_CLIENT_NOT_INITIALIZED = 'posthog/client_not_initialized';
+
+/**
+ * Inputs supplied are invalid
+ */
+export const INVALID_PARAMS = 'invalid_parameters' as const;
+
+/**
+ * The provided label for the access-token is short (less than 3 characters)
+ * (AccessTokenService)
+ */
+export const ACCESS_TOKEN_LABEL_SHORT = 'access_token/label_too_short';
+
+/**
+ * The provided expiryInDays value is not valid
+ * (AccessTokenService)
+ */
+export const ACCESS_TOKEN_EXPIRY_INVALID = 'access_token/expiry_days_invalid';
+
+/**
+ * The provided PAT ID is invalid
+ * (AccessTokenService)
+ */
+export const ACCESS_TOKEN_NOT_FOUND = 'access_token/access_token_not_found';
+
+/**
+ * AccessTokens is expired
+ * (AccessTokenService)
+ */
+export const ACCESS_TOKENS_EXPIRED = 'TOKEN_EXPIRED';
+
+/**
+ * AccessTokens is invalid
+ * (AccessTokenService)
+ */
+export const ACCESS_TOKENS_INVALID = 'TOKEN_INVALID';
+
+/**
+ * AccessTokens is invalid
+ * (AccessTokenService)
+ */
+export const ACCESS_TOKENS_INVALID_DATA_ID = 'INVALID_ID';
--- a/packages/hoppscotch-backend/src/guards/rest-pat-auth.guard.ts
+++ b/packages/hoppscotch-backend/src/guards/rest-pat-auth.guard.ts
@@ -0,0 +1,48 @@
+import {
+  BadRequestException,
+  CanActivate,
+  ExecutionContext,
+  Injectable,
+} from '@nestjs/common';
+import { Request } from 'express';
+import { AccessTokenService } from 'src/access-token/access-token.service';
+import * as E from 'fp-ts/Either';
+import { DateTime } from 'luxon';
+import { ACCESS_TOKENS_EXPIRED, ACCESS_TOKENS_INVALID } from 'src/errors';
+import { createCLIErrorResponse } from 'src/access-token/helper';
+@Injectable()
+export class PATAuthGuard implements CanActivate {
+  constructor(private accessTokenService: AccessTokenService) {}
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest();
+    const token = this.extractTokenFromHeader(request);
+    if (!token) {
+      throw new BadRequestException(
+        createCLIErrorResponse(ACCESS_TOKENS_INVALID),
+      );
+    }
+
+    const userAccessToken = await this.accessTokenService.getUserPAT(token);
+    if (E.isLeft(userAccessToken))
+      throw new BadRequestException(
+        createCLIErrorResponse(ACCESS_TOKENS_INVALID),
+      );
+    request.user = userAccessToken.right.user;
+
+    const accessToken = userAccessToken.right;
+    if (accessToken.expiresOn === null) return true;
+
+    const today = DateTime.now().toISO();
+    if (accessToken.expiresOn.toISOString() > today) return true;
+
+    throw new BadRequestException(
+      createCLIErrorResponse(ACCESS_TOKENS_EXPIRED),
+    );
+  }
+
+  private extractTokenFromHeader(request: Request): string | undefined {
+    const [type, token] = request.headers.authorization?.split(' ') ?? [];
+    return type === 'Bearer' ? token : undefined;
+  }
+}
--- a/packages/hoppscotch-backend/src/health/health.controller.ts
+++ b/packages/hoppscotch-backend/src/health/health.controller.ts
@@ -0,0 +1,24 @@
+import { Controller, Get } from '@nestjs/common';
+import {
+  HealthCheck,
+  HealthCheckService,
+  PrismaHealthIndicator,
+} from '@nestjs/terminus';
+import { PrismaService } from 'src/prisma/prisma.service';
+
+@Controller('health')
+export class HealthController {
+  constructor(
+    private health: HealthCheckService,
+    private prismaHealth: PrismaHealthIndicator,
+    private prisma: PrismaService,
+  ) {}
+
+  @Get()
+  @HealthCheck()
+  check() {
+    return this.health.check([
+      async () => this.prismaHealth.pingCheck('database', this.prisma),
+    ]);
+  }
+}
--- a/packages/hoppscotch-backend/src/health/health.module.ts
+++ b/packages/hoppscotch-backend/src/health/health.module.ts
@@ -0,0 +1,10 @@
+import { Module } from '@nestjs/common';
+import { HealthController } from './health.controller';
+import { PrismaModule } from 'src/prisma/prisma.module';
+import { TerminusModule } from '@nestjs/terminus';
+
+@Module({
+  imports: [PrismaModule, TerminusModule],
+  controllers: [HealthController],
+})
+export class HealthModule {}
--- a/packages/hoppscotch-backend/src/infra-config/helper.ts
+++ b/packages/hoppscotch-backend/src/infra-config/helper.ts
@@ -0,0 +1,259 @@
+import { AuthProvider } from 'src/auth/helper';
+import {
+  AUTH_PROVIDER_NOT_CONFIGURED,
+  DATABASE_TABLE_NOT_EXIST,
+} from 'src/errors';
+import { PrismaService } from 'src/prisma/prisma.service';
+import { InfraConfigEnum } from 'src/types/InfraConfig';
+import { throwErr } from 'src/utils';
+import { randomBytes } from 'crypto';
+
+export enum ServiceStatus {
+  ENABLE = 'ENABLE',
+  DISABLE = 'DISABLE',
+}
+
+const AuthProviderConfigurations = {
+  [AuthProvider.GOOGLE]: [
+    InfraConfigEnum.GOOGLE_CLIENT_ID,
+    InfraConfigEnum.GOOGLE_CLIENT_SECRET,
+    InfraConfigEnum.GOOGLE_CALLBACK_URL,
+    InfraConfigEnum.GOOGLE_SCOPE,
+  ],
+  [AuthProvider.GITHUB]: [
+    InfraConfigEnum.GITHUB_CLIENT_ID,
+    InfraConfigEnum.GITHUB_CLIENT_SECRET,
+    InfraConfigEnum.GITHUB_CALLBACK_URL,
+    InfraConfigEnum.GITHUB_SCOPE,
+  ],
+  [AuthProvider.MICROSOFT]: [
+    InfraConfigEnum.MICROSOFT_CLIENT_ID,
+    InfraConfigEnum.MICROSOFT_CLIENT_SECRET,
+    InfraConfigEnum.MICROSOFT_CALLBACK_URL,
+    InfraConfigEnum.MICROSOFT_SCOPE,
+    InfraConfigEnum.MICROSOFT_TENANT,
+  ],
+  [AuthProvider.EMAIL]: [
+    InfraConfigEnum.MAILER_SMTP_URL,
+    InfraConfigEnum.MAILER_ADDRESS_FROM,
+  ],
+};
+
+/**
+ * Load environment variables from the database and set them in the process
+ *
+ * @Description Fetch the 'infra_config' table from the database and return it as an object
+ * (ConfigModule will set the environment variables in the process)
+ */
+export async function loadInfraConfiguration() {
+  try {
+    const prisma = new PrismaService();
+
+    const infraConfigs = await prisma.infraConfig.findMany();
+
+    let environmentObject: Record<string, any> = {};
+    infraConfigs.forEach((infraConfig) => {
+      environmentObject[infraConfig.name] = infraConfig.value;
+    });
+
+    return { INFRA: environmentObject };
+  } catch (error) {
+    // Prisma throw error if 'Can't reach at database server' OR 'Table does not exist'
+    // Reason for not throwing error is, we want successful build during 'postinstall' and generate dist files
+    return { INFRA: {} };
+  }
+}
+
+/**
+ * Read the default values from .env file and return them as an array
+ * @returns Array of default infra configs
+ */
+export async function getDefaultInfraConfigs(): Promise<
+  { name: InfraConfigEnum; value: string }[]
+> {
+  const prisma = new PrismaService();
+
+  // Prepare rows for 'infra_config' table with default values (from .env) for each 'name'
+  const infraConfigDefaultObjs: { name: InfraConfigEnum; value: string }[] = [
+    {
+      name: InfraConfigEnum.MAILER_SMTP_URL,
+      value: process.env.MAILER_SMTP_URL,
+    },
+    {
+      name: InfraConfigEnum.MAILER_ADDRESS_FROM,
+      value: process.env.MAILER_ADDRESS_FROM,
+    },
+    {
+      name: InfraConfigEnum.GOOGLE_CLIENT_ID,
+      value: process.env.GOOGLE_CLIENT_ID,
+    },
+    {
+      name: InfraConfigEnum.GOOGLE_CLIENT_SECRET,
+      value: process.env.GOOGLE_CLIENT_SECRET,
+    },
+    {
+      name: InfraConfigEnum.GOOGLE_CALLBACK_URL,
+      value: process.env.GOOGLE_CALLBACK_URL,
+    },
+    {
+      name: InfraConfigEnum.GOOGLE_SCOPE,
+      value: process.env.GOOGLE_SCOPE,
+    },
+    {
+      name: InfraConfigEnum.GITHUB_CLIENT_ID,
+      value: process.env.GITHUB_CLIENT_ID,
+    },
+    {
+      name: InfraConfigEnum.GITHUB_CLIENT_SECRET,
+      value: process.env.GITHUB_CLIENT_SECRET,
+    },
+    {
+      name: InfraConfigEnum.GITHUB_CALLBACK_URL,
+      value: process.env.GITHUB_CALLBACK_URL,
+    },
+    {
+      name: InfraConfigEnum.GITHUB_SCOPE,
+      value: process.env.GITHUB_SCOPE,
+    },
+    {
+      name: InfraConfigEnum.MICROSOFT_CLIENT_ID,
+      value: process.env.MICROSOFT_CLIENT_ID,
+    },
+    {
+      name: InfraConfigEnum.MICROSOFT_CLIENT_SECRET,
+      value: process.env.MICROSOFT_CLIENT_SECRET,
+    },
+    {
+      name: InfraConfigEnum.MICROSOFT_CALLBACK_URL,
+      value: process.env.MICROSOFT_CALLBACK_URL,
+    },
+    {
+      name: InfraConfigEnum.MICROSOFT_SCOPE,
+      value: process.env.MICROSOFT_SCOPE,
+    },
+    {
+      name: InfraConfigEnum.MICROSOFT_TENANT,
+      value: process.env.MICROSOFT_TENANT,
+    },
+    {
+      name: InfraConfigEnum.VITE_ALLOWED_AUTH_PROVIDERS,
+      value: getConfiguredSSOProviders(),
+    },
+    {
+      name: InfraConfigEnum.ALLOW_ANALYTICS_COLLECTION,
+      value: false.toString(),
+    },
+    {
+      name: InfraConfigEnum.ANALYTICS_USER_ID,
+      value: generateAnalyticsUserId(),
+    },
+    {
+      name: InfraConfigEnum.IS_FIRST_TIME_INFRA_SETUP,
+      value: (await prisma.infraConfig.count()) === 0 ? 'true' : 'false',
+    },
+  ];
+
+  return infraConfigDefaultObjs;
+}
+
+/**
+ * Get the missing entries in the 'infra_config' table
+ * @returns Array of InfraConfig
+ */
+export async function getMissingInfraConfigEntries() {
+  const prisma = new PrismaService();
+  const [dbInfraConfigs, infraConfigDefaultObjs] = await Promise.all([
+    prisma.infraConfig.findMany(),
+    getDefaultInfraConfigs(),
+  ]);
+
+  const missingEntries = infraConfigDefaultObjs.filter(
+    (config) =>
+      !dbInfraConfigs.some((dbConfig) => dbConfig.name === config.name),
+  );
+
+  return missingEntries;
+}
+
+/**
+ * Verify if 'infra_config' table is loaded with all entries
+ * @returns boolean
+ */
+export async function isInfraConfigTablePopulated(): Promise<boolean> {
+  const prisma = new PrismaService();
+  try {
+    const propsRemainingToInsert = await getMissingInfraConfigEntries();
+
+    if (propsRemainingToInsert.length > 0) {
+      console.log(
+        'Infra Config table is not populated with all entries. Populating now...',
+      );
+      return false;
+    }
+
+    return true;
+  } catch (error) {
+    return false;
+  }
+}
+
+/**
+ * Stop the app after 5 seconds
+ * (Docker will re-start the app)
+ */
+export function stopApp() {
+  console.log('Stopping app in 5 seconds...');
+
+  setTimeout(() => {
+    console.log('Stopping app now...');
+    process.kill(process.pid, 'SIGTERM');
+  }, 5000);
+}
+
+/**
+ * Get the configured SSO providers
+ * @returns Array of configured SSO providers
+ */
+export function getConfiguredSSOProviders() {
+  const allowedAuthProviders: string[] =
+    process.env.VITE_ALLOWED_AUTH_PROVIDERS.split(',');
+  let configuredAuthProviders: string[] = [];
+
+  const addProviderIfConfigured = (provider) => {
+    const configParameters: string[] = AuthProviderConfigurations[provider];
+
+    const isConfigured = configParameters.every((configParameter) => {
+      return process.env[configParameter];
+    });
+
+    if (isConfigured) configuredAuthProviders.push(provider);
+  };
+
+  allowedAuthProviders.forEach((provider) => addProviderIfConfigured(provider));
+
+  if (configuredAuthProviders.length === 0) {
+    throwErr(AUTH_PROVIDER_NOT_CONFIGURED);
+  } else if (allowedAuthProviders.length !== configuredAuthProviders.length) {
+    const unConfiguredAuthProviders = allowedAuthProviders.filter(
+      (provider) => {
+        return !configuredAuthProviders.includes(provider);
+      },
+    );
+    console.log(
+      `${unConfiguredAuthProviders.join(
+        ',',
+      )} SSO auth provider(s) are not configured properly. Do configure them from Admin Dashboard.`,
+    );
+  }
+
+  return configuredAuthProviders.join(',');
+}
+
+/**
+ * Generate a hashed valued for analytics
+ * @returns Generated hashed value
+ */
+export function generateAnalyticsUserId() {
+  const hashedUserID = randomBytes(20).toString('hex');
+  return hashedUserID;
+}
--- a/packages/hoppscotch-backend/src/infra-config/infra-config.controller.ts
+++ b/packages/hoppscotch-backend/src/infra-config/infra-config.controller.ts
@@ -0,0 +1,47 @@
+import { Controller, Get, HttpStatus, Put, UseGuards } from '@nestjs/common';
+import { ThrottlerBehindProxyGuard } from 'src/guards/throttler-behind-proxy.guard';
+import { InfraConfigService } from './infra-config.service';
+import * as E from 'fp-ts/Either';
+import { JwtAuthGuard } from 'src/auth/guards/jwt-auth.guard';
+import { RESTAdminGuard } from 'src/admin/guards/rest-admin.guard';
+import { RESTError } from 'src/types/RESTError';
+import { InfraConfigEnum } from 'src/types/InfraConfig';
+import { throwHTTPErr } from 'src/utils';
+
+@UseGuards(ThrottlerBehindProxyGuard)
+@Controller({ path: 'site', version: '1' })
+export class SiteController {
+  constructor(private infraConfigService: InfraConfigService) {}
+
+  @Get('setup')
+  @UseGuards(JwtAuthGuard, RESTAdminGuard)
+  async fetchSetupInfo() {
+    const status = await this.infraConfigService.get(
+      InfraConfigEnum.IS_FIRST_TIME_INFRA_SETUP,
+    );
+
+    if (E.isLeft(status))
+      throwHTTPErr(<RESTError>{
+        message: status.left,
+        statusCode: HttpStatus.NOT_FOUND,
+      });
+    return status.right;
+  }
+
+  @Put('setup')
+  @UseGuards(JwtAuthGuard, RESTAdminGuard)
+  async setSetupAsComplete() {
+    const res = await this.infraConfigService.update(
+      InfraConfigEnum.IS_FIRST_TIME_INFRA_SETUP,
+      false.toString(),
+      false,
+    );
+
+    if (E.isLeft(res))
+      throwHTTPErr(<RESTError>{
+        message: res.left,
+        statusCode: HttpStatus.FORBIDDEN,
+      });
+    return res.right;
+  }
+}
--- a/packages/hoppscotch-backend/src/infra-config/infra-config.model.ts
+++ b/packages/hoppscotch-backend/src/infra-config/infra-config.model.ts
@@ -0,0 +1,29 @@
+import { Field, ObjectType, registerEnumType } from '@nestjs/graphql';
+import { AuthProvider } from 'src/auth/helper';
+import { InfraConfigEnum } from 'src/types/InfraConfig';
+import { ServiceStatus } from './helper';
+
+@ObjectType()
+export class InfraConfig {
+  @Field({
+    description: 'Infra Config Name',
+  })
+  name: InfraConfigEnum;
+
+  @Field({
+    description: 'Infra Config Value',
+  })
+  value: string;
+}
+
+registerEnumType(InfraConfigEnum, {
+  name: 'InfraConfigEnum',
+});
+
+registerEnumType(AuthProvider, {
+  name: 'AuthProvider',
+});
+
+registerEnumType(ServiceStatus, {
+  name: 'ServiceStatus',
+});
--- a/packages/hoppscotch-backend/src/infra-config/infra-config.module.ts
+++ b/packages/hoppscotch-backend/src/infra-config/infra-config.module.ts
@@ -0,0 +1,12 @@
+import { Module } from '@nestjs/common';
+import { InfraConfigService } from './infra-config.service';
+import { PrismaModule } from 'src/prisma/prisma.module';
+import { SiteController } from './infra-config.controller';
+
+@Module({
+  imports: [PrismaModule],
+  providers: [InfraConfigService],
+  exports: [InfraConfigService],
+  controllers: [SiteController],
+})
+export class InfraConfigModule {}
--- a/packages/hoppscotch-backend/src/infra-config/infra-config.service.spec.ts
+++ b/packages/hoppscotch-backend/src/infra-config/infra-config.service.spec.ts
@@ -0,0 +1,223 @@
+import { mockDeep, mockReset } from 'jest-mock-extended';
+import { PrismaService } from 'src/prisma/prisma.service';
+import { InfraConfigService } from './infra-config.service';
+import { InfraConfigEnum } from 'src/types/InfraConfig';
+import {
+  INFRA_CONFIG_NOT_FOUND,
+  INFRA_CONFIG_OPERATION_NOT_ALLOWED,
+  INFRA_CONFIG_UPDATE_FAILED,
+} from 'src/errors';
+import { ConfigService } from '@nestjs/config';
+import * as helper from './helper';
+import { InfraConfig as dbInfraConfig } from '@prisma/client';
+import { InfraConfig } from './infra-config.model';
+
+const mockPrisma = mockDeep<PrismaService>();
+const mockConfigService = mockDeep<ConfigService>();
+
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+// @ts-ignore
+const infraConfigService = new InfraConfigService(
+  mockPrisma,
+  mockConfigService,
+);
+
+const INITIALIZED_DATE_CONST = new Date();
+const dbInfraConfigs: dbInfraConfig[] = [
+  {
+    id: '3',
+    name: InfraConfigEnum.GOOGLE_CLIENT_ID,
+    value: 'abcdefghijkl',
+    active: true,
+    createdOn: INITIALIZED_DATE_CONST,
+    updatedOn: INITIALIZED_DATE_CONST,
+  },
+  {
+    id: '4',
+    name: InfraConfigEnum.VITE_ALLOWED_AUTH_PROVIDERS,
+    value: 'google',
+    active: true,
+    createdOn: INITIALIZED_DATE_CONST,
+    updatedOn: INITIALIZED_DATE_CONST,
+  },
+];
+const infraConfigs: InfraConfig[] = [
+  {
+    name: dbInfraConfigs[0].name as InfraConfigEnum,
+    value: dbInfraConfigs[0].value,
+  },
+  {
+    name: dbInfraConfigs[1].name as InfraConfigEnum,
+    value: dbInfraConfigs[1].value,
+  },
+];
+
+beforeEach(() => {
+  mockReset(mockPrisma);
+});
+
+describe('InfraConfigService', () => {
+  describe('update', () => {
+    it('should update the infra config without backend server restart', async () => {
+      const name = InfraConfigEnum.GOOGLE_CLIENT_ID;
+      const value = 'true';
+
+      mockPrisma.infraConfig.update.mockResolvedValueOnce({
+        id: '',
+        name,
+        value,
+        active: true,
+        createdOn: new Date(),
+        updatedOn: new Date(),
+      });
+
+      jest.spyOn(helper, 'stopApp').mockReturnValueOnce();
+      const result = await infraConfigService.update(name, value);
+
+      expect(helper.stopApp).not.toHaveBeenCalled();
+      expect(result).toEqualRight({ name, value });
+    });
+
+    it('should update the infra config with backend server restart', async () => {
+      const name = InfraConfigEnum.GOOGLE_CLIENT_ID;
+      const value = 'true';
+
+      mockPrisma.infraConfig.update.mockResolvedValueOnce({
+        id: '',
+        name,
+        value,
+        active: true,
+        createdOn: new Date(),
+        updatedOn: new Date(),
+      });
+      jest.spyOn(helper, 'stopApp').mockReturnValueOnce();
+
+      const result = await infraConfigService.update(name, value, true);
+
+      expect(helper.stopApp).toHaveBeenCalledTimes(1);
+      expect(result).toEqualRight({ name, value });
+    });
+
+    it('should update the infra config', async () => {
+      const name = InfraConfigEnum.GOOGLE_CLIENT_ID;
+      const value = 'true';
+
+      mockPrisma.infraConfig.update.mockResolvedValueOnce({
+        id: '',
+        name,
+        value,
+        active: true,
+        createdOn: new Date(),
+        updatedOn: new Date(),
+      });
+      jest.spyOn(helper, 'stopApp').mockReturnValueOnce();
+
+      const result = await infraConfigService.update(name, value);
+      expect(result).toEqualRight({ name, value });
+    });
+
+    it('should pass correct params to prisma update', async () => {
+      const name = InfraConfigEnum.GOOGLE_CLIENT_ID;
+      const value = 'true';
+
+      jest.spyOn(helper, 'stopApp').mockReturnValueOnce();
+
+      await infraConfigService.update(name, value);
+
+      expect(mockPrisma.infraConfig.update).toHaveBeenCalledWith({
+        where: { name },
+        data: { value },
+      });
+      expect(mockPrisma.infraConfig.update).toHaveBeenCalledTimes(1);
+    });
+
+    it('should throw an error if the infra config update failed', async () => {
+      const name = InfraConfigEnum.GOOGLE_CLIENT_ID;
+      const value = 'true';
+
+      mockPrisma.infraConfig.update.mockRejectedValueOnce('null');
+
+      const result = await infraConfigService.update(name, value);
+      expect(result).toEqualLeft(INFRA_CONFIG_UPDATE_FAILED);
+    });
+  });
+
+  describe('get', () => {
+    it('should get the infra config', async () => {
+      const name = InfraConfigEnum.GOOGLE_CLIENT_ID;
+      const value = 'true';
+
+      mockPrisma.infraConfig.findUniqueOrThrow.mockResolvedValueOnce({
+        id: '',
+        name,
+        value,
+        active: true,
+        createdOn: new Date(),
+        updatedOn: new Date(),
+      });
+      const result = await infraConfigService.get(name);
+      expect(result).toEqualRight({ name, value });
+    });
+
+    it('should pass correct params to prisma findUnique', async () => {
+      const name = InfraConfigEnum.GOOGLE_CLIENT_ID;
+
+      await infraConfigService.get(name);
+
+      expect(mockPrisma.infraConfig.findUniqueOrThrow).toHaveBeenCalledWith({
+        where: { name },
+      });
+      expect(mockPrisma.infraConfig.findUniqueOrThrow).toHaveBeenCalledTimes(1);
+    });
+
+    it('should throw an error if the infra config does not exist', async () => {
+      const name = InfraConfigEnum.GOOGLE_CLIENT_ID;
+
+      mockPrisma.infraConfig.findUniqueOrThrow.mockRejectedValueOnce('null');
+
+      const result = await infraConfigService.get(name);
+      expect(result).toEqualLeft(INFRA_CONFIG_NOT_FOUND);
+    });
+  });
+
+  describe('getMany', () => {
+    it('should throw error if any disallowed names are provided', async () => {
+      const disallowedNames = [InfraConfigEnum.VITE_ALLOWED_AUTH_PROVIDERS];
+      const result = await infraConfigService.getMany(disallowedNames);
+
+      expect(result).toEqualLeft(INFRA_CONFIG_OPERATION_NOT_ALLOWED);
+    });
+    it('should resolve right with disallowed names if `checkDisallowed` parameter passed', async () => {
+      const disallowedNames = [InfraConfigEnum.VITE_ALLOWED_AUTH_PROVIDERS];
+
+      const dbInfraConfigResponses = dbInfraConfigs.filter((dbConfig) =>
+        disallowedNames.includes(dbConfig.name as InfraConfigEnum),
+      );
+      mockPrisma.infraConfig.findMany.mockResolvedValueOnce(
+        dbInfraConfigResponses,
+      );
+
+      const result = await infraConfigService.getMany(disallowedNames, false);
+
+      expect(result).toEqualRight(
+        infraConfigs.filter((i) => disallowedNames.includes(i.name)),
+      );
+    });
+
+    it('should return right with infraConfigs if Prisma query succeeds', async () => {
+      const allowedNames = [InfraConfigEnum.GOOGLE_CLIENT_ID];
+
+      const dbInfraConfigResponses = dbInfraConfigs.filter((dbConfig) =>
+        allowedNames.includes(dbConfig.name as InfraConfigEnum),
+      );
+      mockPrisma.infraConfig.findMany.mockResolvedValueOnce(
+        dbInfraConfigResponses,
+      );
+
+      const result = await infraConfigService.getMany(allowedNames);
+      expect(result).toEqualRight(
+        infraConfigs.filter((i) => allowedNames.includes(i.name)),
+      );
+    });
+  });
+});
--- a/packages/hoppscotch-backend/src/infra-config/infra-config.service.ts
+++ b/packages/hoppscotch-backend/src/infra-config/infra-config.service.ts
@@ -0,0 +1,423 @@
+import { Injectable, OnModuleInit } from '@nestjs/common';
+import { InfraConfig } from './infra-config.model';
+import { PrismaService } from 'src/prisma/prisma.service';
+import { InfraConfig as DBInfraConfig } from '@prisma/client';
+import * as E from 'fp-ts/Either';
+import { InfraConfigEnum } from 'src/types/InfraConfig';
+import {
+  AUTH_PROVIDER_NOT_SPECIFIED,
+  DATABASE_TABLE_NOT_EXIST,
+  INFRA_CONFIG_INVALID_INPUT,
+  INFRA_CONFIG_NOT_FOUND,
+  INFRA_CONFIG_RESET_FAILED,
+  INFRA_CONFIG_UPDATE_FAILED,
+  INFRA_CONFIG_SERVICE_NOT_CONFIGURED,
+  INFRA_CONFIG_OPERATION_NOT_ALLOWED,
+} from 'src/errors';
+import {
+  throwErr,
+  validateSMTPEmail,
+  validateSMTPUrl,
+  validateUrl,
+} from 'src/utils';
+import { ConfigService } from '@nestjs/config';
+import {
+  ServiceStatus,
+  getDefaultInfraConfigs,
+  getMissingInfraConfigEntries,
+  stopApp,
+} from './helper';
+import { EnableAndDisableSSOArgs, InfraConfigArgs } from './input-args';
+import { AuthProvider } from 'src/auth/helper';
+
+@Injectable()
+export class InfraConfigService implements OnModuleInit {
+  constructor(
+    private readonly prisma: PrismaService,
+    private readonly configService: ConfigService,
+  ) {}
+
+  // Following fields are not updatable by `infraConfigs` Mutation. Use dedicated mutations for these fields instead.
+  EXCLUDE_FROM_UPDATE_CONFIGS = [
+    InfraConfigEnum.VITE_ALLOWED_AUTH_PROVIDERS,
+    InfraConfigEnum.ALLOW_ANALYTICS_COLLECTION,
+    InfraConfigEnum.ANALYTICS_USER_ID,
+    InfraConfigEnum.IS_FIRST_TIME_INFRA_SETUP,
+  ];
+  // Following fields can not be fetched by `infraConfigs` Query. Use dedicated queries for these fields instead.
+  EXCLUDE_FROM_FETCH_CONFIGS = [
+    InfraConfigEnum.VITE_ALLOWED_AUTH_PROVIDERS,
+    InfraConfigEnum.ANALYTICS_USER_ID,
+    InfraConfigEnum.IS_FIRST_TIME_INFRA_SETUP,
+  ];
+
+  async onModuleInit() {
+    await this.initializeInfraConfigTable();
+  }
+
+  /**
+   * Initialize the 'infra_config' table with values from .env
+   * @description This function create rows 'infra_config' in very first time (only once)
+   */
+  async initializeInfraConfigTable() {
+    try {
+      const propsToInsert = await getMissingInfraConfigEntries();
+
+      if (propsToInsert.length > 0) {
+        await this.prisma.infraConfig.createMany({ data: propsToInsert });
+        stopApp();
+      }
+    } catch (error) {
+      if (error.code === 'P1001') {
+        // Prisma error code for 'Can't reach at database server'
+        // We're not throwing error here because we want to allow the app to run 'pnpm install'
+      } else if (error.code === 'P2021') {
+        // Prisma error code for 'Table does not exist'
+        throwErr(DATABASE_TABLE_NOT_EXIST);
+      } else {
+        throwErr(error);
+      }
+    }
+  }
+
+  /**
+   * Typecast a database InfraConfig to a InfraConfig model
+   * @param dbInfraConfig database InfraConfig
+   * @returns InfraConfig model
+   */
+  cast(dbInfraConfig: DBInfraConfig) {
+    return <InfraConfig>{
+      name: dbInfraConfig.name,
+      value: dbInfraConfig.value ?? '',
+    };
+  }
+
+  /**
+   * Get all the InfraConfigs as map
+   * @returns InfraConfig map
+   */
+  async getInfraConfigsMap() {
+    const infraConfigs = await this.prisma.infraConfig.findMany();
+    const infraConfigMap: Record<string, string> = {};
+    infraConfigs.forEach((config) => {
+      infraConfigMap[config.name] = config.value;
+    });
+    return infraConfigMap;
+  }
+
+  /**
+   * Update InfraConfig by name
+   * @param name Name of the InfraConfig
+   * @param value Value of the InfraConfig
+   * @param restartEnabled If true, restart the app after updating the InfraConfig
+   * @returns InfraConfig model
+   */
+  async update(name: InfraConfigEnum, value: string, restartEnabled = false) {
+    const isValidate = this.validateEnvValues([{ name, value }]);
+    if (E.isLeft(isValidate)) return E.left(isValidate.left);
+
+    try {
+      const infraConfig = await this.prisma.infraConfig.update({
+        where: { name },
+        data: { value },
+      });
+
+      if (restartEnabled) stopApp();
+
+      return E.right(this.cast(infraConfig));
+    } catch (e) {
+      return E.left(INFRA_CONFIG_UPDATE_FAILED);
+    }
+  }
+
+  /**
+   * Update InfraConfigs by name
+   * @param infraConfigs InfraConfigs to update
+   * @returns InfraConfig model
+   */
+  async updateMany(infraConfigs: InfraConfigArgs[]) {
+    for (let i = 0; i < infraConfigs.length; i++) {
+      if (this.EXCLUDE_FROM_UPDATE_CONFIGS.includes(infraConfigs[i].name))
+        return E.left(INFRA_CONFIG_OPERATION_NOT_ALLOWED);
+    }
+
+    const isValidate = this.validateEnvValues(infraConfigs);
+    if (E.isLeft(isValidate)) return E.left(isValidate.left);
+
+    try {
+      await this.prisma.$transaction(async (tx) => {
+        for (let i = 0; i < infraConfigs.length; i++) {
+          await tx.infraConfig.update({
+            where: { name: infraConfigs[i].name },
+            data: { value: infraConfigs[i].value },
+          });
+        }
+      });
+
+      stopApp();
+
+      return E.right(infraConfigs);
+    } catch (e) {
+      return E.left(INFRA_CONFIG_UPDATE_FAILED);
+    }
+  }
+
+  /**
+   * Check if the service is configured or not
+   * @param service Service can be Auth Provider, Mailer, Audit Log etc.
+   * @param configMap Map of all the infra configs
+   * @returns Either true or false
+   */
+  isServiceConfigured(
+    service: AuthProvider,
+    configMap: Record<string, string>,
+  ) {
+    switch (service) {
+      case AuthProvider.GOOGLE:
+        return (
+          configMap.GOOGLE_CLIENT_ID &&
+          configMap.GOOGLE_CLIENT_SECRET &&
+          configMap.GOOGLE_CALLBACK_URL &&
+          configMap.GOOGLE_SCOPE
+        );
+      case AuthProvider.GITHUB:
+        return (
+          configMap.GITHUB_CLIENT_ID &&
+          configMap.GITHUB_CLIENT_SECRET &&
+          configMap.GITHUB_CALLBACK_URL &&
+          configMap.GITHUB_SCOPE
+        );
+      case AuthProvider.MICROSOFT:
+        return (
+          configMap.MICROSOFT_CLIENT_ID &&
+          configMap.MICROSOFT_CLIENT_SECRET &&
+          configMap.MICROSOFT_CALLBACK_URL &&
+          configMap.MICROSOFT_SCOPE &&
+          configMap.MICROSOFT_TENANT
+        );
+      case AuthProvider.EMAIL:
+        return configMap.MAILER_SMTP_URL && configMap.MAILER_ADDRESS_FROM;
+      default:
+        return false;
+    }
+  }
+
+  /**
+   * Enable or Disable Analytics Collection
+   *
+   * @param status Status to enable or disable
+   * @returns Boolean of status of analytics collection
+   */
+  async toggleAnalyticsCollection(status: ServiceStatus) {
+    const isUpdated = await this.update(
+      InfraConfigEnum.ALLOW_ANALYTICS_COLLECTION,
+      status === ServiceStatus.ENABLE ? 'true' : 'false',
+    );
+
+    if (E.isLeft(isUpdated)) return E.left(isUpdated.left);
+    return E.right(isUpdated.right.value === 'true');
+  }
+
+  /**
+   * Enable or Disable SSO for login/signup
+   * @param provider Auth Provider to enable or disable
+   * @param status Status to enable or disable
+   * @returns Either true or an error
+   */
+  async enableAndDisableSSO(providerInfo: EnableAndDisableSSOArgs[]) {
+    const allowedAuthProviders = this.configService
+      .get<string>('INFRA.VITE_ALLOWED_AUTH_PROVIDERS')
+      .split(',');
+
+    let updatedAuthProviders = allowedAuthProviders;
+
+    const infraConfigMap = await this.getInfraConfigsMap();
+
+    providerInfo.forEach(({ provider, status }) => {
+      if (status === ServiceStatus.ENABLE) {
+        const isConfigured = this.isServiceConfigured(provider, infraConfigMap);
+        if (!isConfigured) {
+          throwErr(INFRA_CONFIG_SERVICE_NOT_CONFIGURED);
+        }
+        updatedAuthProviders.push(provider);
+      } else if (status === ServiceStatus.DISABLE) {
+        updatedAuthProviders = updatedAuthProviders.filter(
+          (p) => p !== provider,
+        );
+      }
+    });
+
+    updatedAuthProviders = [...new Set(updatedAuthProviders)];
+
+    if (updatedAuthProviders.length === 0) {
+      return E.left(AUTH_PROVIDER_NOT_SPECIFIED);
+    }
+
+    const isUpdated = await this.update(
+      InfraConfigEnum.VITE_ALLOWED_AUTH_PROVIDERS,
+      updatedAuthProviders.join(','),
+      true,
+    );
+    if (E.isLeft(isUpdated)) return E.left(isUpdated.left);
+
+    return E.right(true);
+  }
+
+  /**
+   * Get InfraConfig by name
+   * @param name Name of the InfraConfig
+   * @returns InfraConfig model
+   */
+  async get(name: InfraConfigEnum) {
+    try {
+      const infraConfig = await this.prisma.infraConfig.findUniqueOrThrow({
+        where: { name },
+      });
+
+      return E.right(this.cast(infraConfig));
+    } catch (e) {
+      return E.left(INFRA_CONFIG_NOT_FOUND);
+    }
+  }
+
+  /**
+   * Get InfraConfigs by names
+   * @param names Names of the InfraConfigs
+   * @param checkDisallowedKeys If true, check if the names are allowed to fetch by client
+   * @returns InfraConfig model
+   */
+  async getMany(names: InfraConfigEnum[], checkDisallowedKeys: boolean = true) {
+    if (checkDisallowedKeys) {
+      // Check if the names are allowed to fetch by client
+      for (let i = 0; i < names.length; i++) {
+        if (this.EXCLUDE_FROM_FETCH_CONFIGS.includes(names[i]))
+          return E.left(INFRA_CONFIG_OPERATION_NOT_ALLOWED);
+      }
+    }
+
+    try {
+      const infraConfigs = await this.prisma.infraConfig.findMany({
+        where: { name: { in: names } },
+      });
+
+      return E.right(infraConfigs.map((p) => this.cast(p)));
+    } catch (e) {
+      return E.left(INFRA_CONFIG_NOT_FOUND);
+    }
+  }
+
+  /**
+   * Get allowed auth providers for login/signup
+   * @returns string[]
+   */
+  getAllowedAuthProviders() {
+    return this.configService
+      .get<string>('INFRA.VITE_ALLOWED_AUTH_PROVIDERS')
+      .split(',');
+  }
+
+  /**
+   * Reset all the InfraConfigs to their default values (from .env)
+   */
+  async reset() {
+    // These are all the infra-configs that should not be reset
+    const RESET_EXCLUSION_LIST = [
+      InfraConfigEnum.IS_FIRST_TIME_INFRA_SETUP,
+      InfraConfigEnum.ANALYTICS_USER_ID,
+      InfraConfigEnum.ALLOW_ANALYTICS_COLLECTION,
+    ];
+    try {
+      const infraConfigDefaultObjs = await getDefaultInfraConfigs();
+      const updatedInfraConfigDefaultObjs = infraConfigDefaultObjs.filter(
+        (p) => RESET_EXCLUSION_LIST.includes(p.name) === false,
+      );
+
+      await this.prisma.infraConfig.deleteMany({
+        where: {
+          name: {
+            in: updatedInfraConfigDefaultObjs.map((p) => p.name),
+          },
+        },
+      });
+
+      await this.prisma.infraConfig.createMany({
+        data: updatedInfraConfigDefaultObjs,
+      });
+
+      stopApp();
+
+      return E.right(true);
+    } catch (e) {
+      return E.left(INFRA_CONFIG_RESET_FAILED);
+    }
+  }
+
+  /**
+   * Validate the values of the InfraConfigs
+   */
+  validateEnvValues(
+    infraConfigs: {
+      name: InfraConfigEnum;
+      value: string;
+    }[],
+  ) {
+    for (let i = 0; i < infraConfigs.length; i++) {
+      switch (infraConfigs[i].name) {
+        case InfraConfigEnum.MAILER_SMTP_URL:
+          const isValidUrl = validateSMTPUrl(infraConfigs[i].value);
+          if (!isValidUrl) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.MAILER_ADDRESS_FROM:
+          const isValidEmail = validateSMTPEmail(infraConfigs[i].value);
+          if (!isValidEmail) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.GOOGLE_CLIENT_ID:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.GOOGLE_CLIENT_SECRET:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.GOOGLE_CALLBACK_URL:
+          if (!validateUrl(infraConfigs[i].value))
+            return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.GOOGLE_SCOPE:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.GITHUB_CLIENT_ID:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.GITHUB_CLIENT_SECRET:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.GITHUB_CALLBACK_URL:
+          if (!validateUrl(infraConfigs[i].value))
+            return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.GITHUB_SCOPE:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.MICROSOFT_CLIENT_ID:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.MICROSOFT_CLIENT_SECRET:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.MICROSOFT_CALLBACK_URL:
+          if (!validateUrl(infraConfigs[i].value))
+            return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.MICROSOFT_SCOPE:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        case InfraConfigEnum.MICROSOFT_TENANT:
+          if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
+          break;
+        default:
+          break;
+      }
+    }
+
+    return E.right(true);
+  }
+}
--- a/packages/hoppscotch-backend/src/infra-config/input-args.ts
+++ b/packages/hoppscotch-backend/src/infra-config/input-args.ts
@@ -0,0 +1,30 @@
+import { Field, InputType } from '@nestjs/graphql';
+import { InfraConfigEnum } from 'src/types/InfraConfig';
+import { ServiceStatus } from './helper';
+import { AuthProvider } from 'src/auth/helper';
+
+@InputType()
+export class InfraConfigArgs {
+  @Field(() => InfraConfigEnum, {
+    description: 'Infra Config Name',
+  })
+  name: InfraConfigEnum;
+
+  @Field({
+    description: 'Infra Config Value',
+  })
+  value: string;
+}
+
+@InputType()
+export class EnableAndDisableSSOArgs {
+  @Field(() => AuthProvider, {
+    description: 'Auth Provider',
+  })
+  provider: AuthProvider;
+
+  @Field(() => ServiceStatus, {
+    description: 'Auth Provider Status',
+  })
+  status: ServiceStatus;
+}
--- a/packages/hoppscotch-backend/src/interceptors/access-token.interceptor.ts
+++ b/packages/hoppscotch-backend/src/interceptors/access-token.interceptor.ts
@@ -0,0 +1,34 @@
+import {
+  CallHandler,
+  ExecutionContext,
+  Injectable,
+  NestInterceptor,
+  UnauthorizedException,
+} from '@nestjs/common';
+import { Observable, map } from 'rxjs';
+import { AccessTokenService } from 'src/access-token/access-token.service';
+import * as E from 'fp-ts/Either';
+
+@Injectable()
+export class AccessTokenInterceptor implements NestInterceptor {
+  constructor(private readonly accessTokenService: AccessTokenService) {}
+
+  intercept(context: ExecutionContext, handler: CallHandler): Observable<any> {
+    const req = context.switchToHttp().getRequest();
+    const authHeader = req.headers.authorization;
+    const token = authHeader && authHeader.split(' ')[1];
+    if (!token) {
+      throw new UnauthorizedException();
+    }
+
+    return handler.handle().pipe(
+      map(async (data) => {
+        const userAccessToken =
+          await this.accessTokenService.updateLastUsedForPAT(token);
+        if (E.isLeft(userAccessToken)) throw new UnauthorizedException();
+
+        return data;
+      }),
+    );
+  }
+}
--- a/packages/hoppscotch-backend/src/interceptors/user-last-login.interceptor.ts
+++ b/packages/hoppscotch-backend/src/interceptors/user-last-login.interceptor.ts
@@ -0,0 +1,26 @@
+import {
+  Injectable,
+  NestInterceptor,
+  ExecutionContext,
+  CallHandler,
+} from '@nestjs/common';
+import { Observable } from 'rxjs';
+import { tap } from 'rxjs/operators';
+import { AuthUser } from 'src/types/AuthUser';
+import { UserService } from 'src/user/user.service';
+
+@Injectable()
+export class UserLastLoginInterceptor implements NestInterceptor {
+  constructor(private userService: UserService) {}
+
+  intercept(context: ExecutionContext, next: CallHandler): Observable<any> {
+    const user: AuthUser = context.switchToHttp().getRequest().user;
+
+    const now = Date.now();
+    return next.handle().pipe(
+      tap(() => {
+        this.userService.updateUserLastLoggedOn(user.uid);
+      }),
+    );
+  }
+}
--- a/packages/hoppscotch-backend/src/mailer/mailer.module.ts
+++ b/packages/hoppscotch-backend/src/mailer/mailer.module.ts
@@ -1,4 +1,4 @@
-import { Module } from '@nestjs/common';
+import { Global, Module } from '@nestjs/common';
 import { MailerModule as NestMailerModule } from '@nestjs-modules/mailer';
 import { HandlebarsAdapter } from '@nestjs-modules/mailer/dist/adapters/handlebars.adapter';
 import { MailerService } from './mailer.service';
@@ -7,24 +7,42 @@ import {
  MAILER_FROM_ADDRESS_UNDEFINED,
  MAILER_SMTP_URL_UNDEFINED,
 } from 'src/errors';
+import { ConfigService } from '@nestjs/config';
+import { loadInfraConfiguration } from 'src/infra-config/helper';

+@Global()
@Module({
-  imports: [
-    NestMailerModule.forRoot({
-      transport:
-        process.env.MAILER_SMTP_URL ?? throwErr(MAILER_SMTP_URL_UNDEFINED),
-      defaults: {
-        from:
-          process.env.MAILER_ADDRESS_FROM ??
-          throwErr(MAILER_FROM_ADDRESS_UNDEFINED),
-      },
-      template: {
-        dir: __dirname + '/templates',
-        adapter: new HandlebarsAdapter(),
-      },
-    }),
-  ],
+  imports: [],
  providers: [MailerService],
  exports: [MailerService],
 })
-export class MailerModule {}
+export class MailerModule {
+  static async register() {
+    const env = await loadInfraConfiguration();
+
+    let mailerSmtpUrl = env.INFRA.MAILER_SMTP_URL;
+    let mailerAddressFrom = env.INFRA.MAILER_ADDRESS_FROM;
+
+    if (!env.INFRA.MAILER_SMTP_URL || !env.INFRA.MAILER_ADDRESS_FROM) {
+      const config = new ConfigService();
+      mailerSmtpUrl = config.get('MAILER_SMTP_URL');
+      mailerAddressFrom = config.get('MAILER_ADDRESS_FROM');
+    }
+
+    return {
+      module: MailerModule,
+      imports: [
+        NestMailerModule.forRoot({
+          transport: mailerSmtpUrl ?? throwErr(MAILER_SMTP_URL_UNDEFINED),
+          defaults: {
+            from: mailerAddressFrom ?? throwErr(MAILER_FROM_ADDRESS_UNDEFINED),
+          },
+          template: {
+            dir: __dirname + '/templates',
+            adapter: new HandlebarsAdapter(),
+          },
+        }),
+      ],
+    };
+  }
+}
--- a/packages/hoppscotch-backend/src/mailer/mailer.service.ts
+++ b/packages/hoppscotch-backend/src/mailer/mailer.service.ts
@@ -25,7 +25,7 @@ export class MailerService {
  ): string {
    switch (mailDesc.template) {
      case 'team-invitation':
-        return `${mailDesc.variables.invitee} invited you to join ${mailDesc.variables.invite_team_name} in Hoppscotch`;
+        return `A user has invited you to join a team workspace in Hoppscotch`;

      case 'user-invitation':
        return 'Sign in to Hoppscotch';
--- a/packages/hoppscotch-backend/src/mailer/templates/team-invitation.hbs
+++ b/packages/hoppscotch-backend/src/mailer/templates/team-invitation.hbs
@@ -27,6 +27,12 @@
      color: #3869D4;
    }

+    a.nohighlight {
+      color: inherit !important;
+      text-decoration: none !important;
+      cursor: default !important;
+    }
+
    a img {
      border: none;
    }
@@ -458,7 +464,7 @@
                    <td class="content-cell">
                      <div class="f-fallback">
 <h1>Hi there,</h1>
-<p>{{invitee}} with {{invite_team_name}} has invited you to use Hoppscotch to collaborate with them. Click the button below to set up your account and get started:</p>
+<p><a class="nohighlight" name="invitee" href="#">{{invitee}}</a> with <a class="nohighlight" name="invite_team_name" href="#">{{invite_team_name}}</a> has invited you to use Hoppscotch to collaborate with them. Click the button below to set up your account and get started:</p>
 <!-- Action -->
 <table class="body-action" align="center" width="100%" cellpadding="0" cellspacing="0">
  <tr>
@@ -484,7 +490,7 @@
  Welcome aboard, <br />
  Your friends at Hoppscotch
 </p>
-<p><strong>P.S.</strong> If you don't associate with {{invitee}} or {{invite_team_name}}, just ignore this email.</p>
+<p><strong>P.S.</strong> If you don't associate with <a class="nohighlight" name="invitee" href="#">{{invitee}}</a> or <a class="nohighlight" name="invite_team_name" href="#">{{invite_team_name}}</a>, just ignore this email.</p>
 <!-- Sub copy -->
 <table class="body-sub">
  <tr>
--- a/packages/hoppscotch-backend/src/mailer/templates/user-invitation.hbs
+++ b/packages/hoppscotch-backend/src/mailer/templates/user-invitation.hbs
@@ -14,7 +14,7 @@
  -->
    <style type="text/css" rel="stylesheet" media="all">
    /* Base ------------------------------ */
-    
+
    @import url("https://fonts.googleapis.com/css?family=Nunito+Sans:400,700&display=swap");
    body {
      width: 100% !important;
@@ -22,19 +22,25 @@
      margin: 0;
      -webkit-text-size-adjust: none;
    }
-    
+
    a {
      color: #3869D4;
    }
-    
+
+    a.nohighlight {
+      color: inherit !important;
+      text-decoration: none !important;
+      cursor: default !important;
+    }
+
    a img {
      border: none;
    }
-    
+
    td {
      word-break: break-word;
    }
-    
+
    .preheader {
      display: none !important;
      visibility: hidden;
@@ -47,13 +53,13 @@
      overflow: hidden;
    }
    /* Type ------------------------------ */
-    
+
    body,
    td,
    th {
      font-family: "Nunito Sans", Helvetica, Arial, sans-serif;
    }
-    
+
    h1 {
      margin-top: 0;
      color: #333333;
@@ -61,7 +67,7 @@
      font-weight: bold;
      text-align: left;
    }
-    
+
    h2 {
      margin-top: 0;
      color: #333333;
@@ -69,7 +75,7 @@
      font-weight: bold;
      text-align: left;
    }
-    
+
    h3 {
      margin-top: 0;
      color: #333333;
@@ -77,12 +83,12 @@
      font-weight: bold;
      text-align: left;
    }
-    
+
    td,
    th {
      font-size: 16px;
    }
-    
+
    p,
    ul,
    ol,
@@ -91,25 +97,25 @@
      font-size: 16px;
      line-height: 1.625;
    }
-    
+
    p.sub {
      font-size: 13px;
    }
    /* Utilities ------------------------------ */
-    
+
    .align-right {
      text-align: right;
    }
-    
+
    .align-left {
      text-align: left;
    }
-    
+
    .align-center {
      text-align: center;
    }
    /* Buttons ------------------------------ */
-    
+
    .button {
      background-color: #3869D4;
      border-top: 10px solid #3869D4;
@@ -124,7 +130,7 @@
      -webkit-text-size-adjust: none;
      box-sizing: border-box;
    }
-    
+
    .button--green {
      background-color: #22BC66;
      border-top: 10px solid #22BC66;
@@ -132,7 +138,7 @@
      border-bottom: 10px solid #22BC66;
      border-left: 18px solid #22BC66;
    }
-    
+
    .button--red {
      background-color: #FF6136;
      border-top: 10px solid #FF6136;
@@ -140,7 +146,7 @@
      border-bottom: 10px solid #FF6136;
      border-left: 18px solid #FF6136;
    }
-    
+
    @media only screen and (max-width: 500px) {
      .button {
        width: 100% !important;
@@ -148,21 +154,21 @@
      }
    }
    /* Attribute list ------------------------------ */
-    
+
    .attributes {
      margin: 0 0 21px;
    }
-    
+
    .attributes_content {
      background-color: #F4F4F7;
      padding: 16px;
    }
-    
+
    .attributes_item {
      padding: 0;
    }
    /* Related Items ------------------------------ */
-    
+
    .related {
      width: 100%;
      margin: 0;
@@ -171,31 +177,31 @@
      -premailer-cellpadding: 0;
      -premailer-cellspacing: 0;
    }
-    
+
    .related_item {
      padding: 10px 0;
      color: #CBCCCF;
      font-size: 15px;
      line-height: 18px;
    }
-    
+
    .related_item-title {
      display: block;
      margin: .5em 0 0;
    }
-    
+
    .related_item-thumb {
      display: block;
      padding-bottom: 10px;
    }
-    
+
    .related_heading {
      border-top: 1px solid #CBCCCF;
      text-align: center;
      padding: 25px 0 10px;
    }
    /* Discount Code ------------------------------ */
-    
+
    .discount {
      width: 100%;
      margin: 0;
@@ -206,33 +212,33 @@
      background-color: #F4F4F7;
      border: 2px dashed #CBCCCF;
    }
-    
+
    .discount_heading {
      text-align: center;
    }
-    
+
    .discount_body {
      text-align: center;
      font-size: 15px;
    }
    /* Social Icons ------------------------------ */
-    
+
    .social {
      width: auto;
    }
-    
+
    .social td {
      padding: 0;
      width: auto;
    }
-    
+
    .social_icon {
      height: 20px;
      margin: 0 8px 10px 8px;
      padding: 0;
    }
    /* Data table ------------------------------ */
-    
+
    .purchase {
      width: 100%;
      margin: 0;
@@ -241,7 +247,7 @@
      -premailer-cellpadding: 0;
      -premailer-cellspacing: 0;
    }
-    
+
    .purchase_content {
      width: 100%;
      margin: 0;
@@ -250,50 +256,50 @@
      -premailer-cellpadding: 0;
      -premailer-cellspacing: 0;
    }
-    
+
    .purchase_item {
      padding: 10px 0;
      color: #51545E;
      font-size: 15px;
      line-height: 18px;
    }
-    
+
    .purchase_heading {
      padding-bottom: 8px;
      border-bottom: 1px solid #EAEAEC;
    }
-    
+
    .purchase_heading p {
      margin: 0;
      color: #85878E;
      font-size: 12px;
    }
-    
+
    .purchase_footer {
      padding-top: 15px;
      border-top: 1px solid #EAEAEC;
    }
-    
+
    .purchase_total {
      margin: 0;
      text-align: right;
      font-weight: bold;
      color: #333333;
    }
-    
+
    .purchase_total--label {
      padding: 0 15px 0 0;
    }
-    
+
    body {
      background-color: #F2F4F6;
      color: #51545E;
    }
-    
+
    p {
      color: #51545E;
    }
-    
+
    .email-wrapper {
      width: 100%;
      margin: 0;
@@ -303,7 +309,7 @@
      -premailer-cellspacing: 0;
      background-color: #F2F4F6;
    }
-    
+
    .email-content {
      width: 100%;
      margin: 0;
@@ -313,16 +319,16 @@
      -premailer-cellspacing: 0;
    }
    /* Masthead ----------------------- */
-    
+
    .email-masthead {
      padding: 25px 0;
      text-align: center;
    }
-    
+
    .email-masthead_logo {
      width: 94px;
    }
-    
+
    .email-masthead_name {
      font-size: 16px;
      font-weight: bold;
@@ -331,7 +337,7 @@
      text-shadow: 0 1px 0 white;
    }
    /* Body ------------------------------ */
-    
+
    .email-body {
      width: 100%;
      margin: 0;
@@ -340,7 +346,7 @@
      -premailer-cellpadding: 0;
      -premailer-cellspacing: 0;
    }
-    
+
    .email-body_inner {
      width: 570px;
      margin: 0 auto;
@@ -350,7 +356,7 @@
      -premailer-cellspacing: 0;
      background-color: #FFFFFF;
    }
-    
+
    .email-footer {
      width: 570px;
      margin: 0 auto;
@@ -360,11 +366,11 @@
      -premailer-cellspacing: 0;
      text-align: center;
    }
-    
+
    .email-footer p {
      color: #A8AAAF;
    }
-    
+
    .body-action {
      width: 100%;
      margin: 30px auto;
@@ -374,25 +380,25 @@
      -premailer-cellspacing: 0;
      text-align: center;
    }
-    
+
    .body-sub {
      margin-top: 25px;
      padding-top: 25px;
      border-top: 1px solid #EAEAEC;
    }
-    
+
    .content-cell {
      padding: 45px;
    }
    /*Media Queries ------------------------------ */
-    
+
    @media only screen and (max-width: 600px) {
      .email-body_inner,
      .email-footer {
        width: 100% !important;
      }
    }
-    
+
    @media (prefers-color-scheme: dark) {
      body,
      .email-body,
--- a/packages/hoppscotch-backend/src/main.ts
+++ b/packages/hoppscotch-backend/src/main.ts
@@ -6,18 +6,24 @@ import { VersioningType } from '@nestjs/common';
 import * as session from 'express-session';
 import { emitGQLSchemaFile } from './gql-schema';
 import { checkEnvironmentAuthProvider } from './utils';
+import { ConfigService } from '@nestjs/config';

 async function bootstrap() {
-  console.log(`Running in production: ${process.env.PRODUCTION}`);
-  console.log(`Port: ${process.env.PORT}`);
-
-  checkEnvironmentAuthProvider();
-
  const app = await NestFactory.create(AppModule);

+  const configService = app.get(ConfigService);
+
+  console.log(`Running in production:  ${configService.get('PRODUCTION')}`);
+  console.log(`Port: ${configService.get('PORT')}`);
+
+  checkEnvironmentAuthProvider(
+    configService.get('INFRA.VITE_ALLOWED_AUTH_PROVIDERS') ??
+      configService.get('VITE_ALLOWED_AUTH_PROVIDERS'),
+  );
+
  app.use(
    session({
-      secret: process.env.SESSION_SECRET,
+      secret: configService.get('SESSION_SECRET'),
    }),
  );

@@ -28,18 +34,18 @@ async function bootstrap() {
    }),
  );

-  if (process.env.PRODUCTION === 'false') {
+  if (configService.get('PRODUCTION') === 'false') {
    console.log('Enabling CORS with development settings');

    app.enableCors({
-      origin: process.env.WHITELISTED_ORIGINS.split(','),
+      origin: configService.get('WHITELISTED_ORIGINS').split(','),
      credentials: true,
    });
  } else {
    console.log('Enabling CORS with production settings');

    app.enableCors({
-      origin: process.env.WHITELISTED_ORIGINS.split(','),
+      origin: configService.get('WHITELISTED_ORIGINS').split(','),
      credentials: true,
    });
  }
@@ -47,7 +53,13 @@ async function bootstrap() {
    type: VersioningType.URI,
  });
  app.use(cookieParser());
-  await app.listen(process.env.PORT || 3170);
+  await app.listen(configService.get('PORT') || 3170);
+
+  // Graceful shutdown
+  process.on('SIGTERM', async () => {
+    console.info('SIGTERM signal received');
+    await app.close();
+  });
 }

 if (!process.env.GENERATE_GQL_SCHEMA) {
--- a/packages/hoppscotch-backend/src/posthog/posthog.module.ts
+++ b/packages/hoppscotch-backend/src/posthog/posthog.module.ts
@@ -0,0 +1,9 @@
+import { Module } from '@nestjs/common';
+import { PosthogService } from './posthog.service';
+import { PrismaModule } from 'src/prisma/prisma.module';
+
+@Module({
+  imports: [PrismaModule],
+  providers: [PosthogService],
+})
+export class PosthogModule {}
--- a/packages/hoppscotch-backend/src/posthog/posthog.service.ts
+++ b/packages/hoppscotch-backend/src/posthog/posthog.service.ts
@@ -0,0 +1,58 @@
+import { Injectable } from '@nestjs/common';
+import { PostHog } from 'posthog-node';
+import { Cron, CronExpression, SchedulerRegistry } from '@nestjs/schedule';
+import { ConfigService } from '@nestjs/config';
+import { PrismaService } from 'src/prisma/prisma.service';
+import { CronJob } from 'cron';
+import { POSTHOG_CLIENT_NOT_INITIALIZED } from 'src/errors';
+import { throwErr } from 'src/utils';
+@Injectable()
+export class PosthogService {
+  private postHogClient: PostHog;
+  private POSTHOG_API_KEY = 'phc_9CipPajQC22mSkk2wxe2TXsUA0Ysyupe8dt5KQQELqx';
+
+  constructor(
+    private readonly configService: ConfigService,
+    private readonly prismaService: PrismaService,
+    private schedulerRegistry: SchedulerRegistry,
+  ) {}
+
+  async onModuleInit() {
+    if (this.configService.get('INFRA.ALLOW_ANALYTICS_COLLECTION') === 'true') {
+      console.log('Initializing PostHog');
+      this.postHogClient = new PostHog(this.POSTHOG_API_KEY, {
+        host: 'https://eu.posthog.com',
+      });
+
+      // Schedule the cron job only if analytics collection is allowed
+      this.scheduleCronJob();
+    }
+  }
+
+  private scheduleCronJob() {
+    const job = new CronJob(CronExpression.EVERY_WEEK, async () => {
+      await this.capture();
+    });
+
+    this.schedulerRegistry.addCronJob('captureAnalytics', job);
+    job.start();
+  }
+
+  async capture() {
+    if (!this.postHogClient) {
+      throwErr(POSTHOG_CLIENT_NOT_INITIALIZED);
+    }
+
+    this.postHogClient.capture({
+      distinctId: this.configService.get('INFRA.ANALYTICS_USER_ID'),
+      event: 'sh_instance',
+      properties: {
+        type: 'COMMUNITY',
+        total_user_count: await this.prismaService.user.count(),
+        total_workspace_count: await this.prismaService.team.count(),
+        version: this.configService.get('npm_package_version'),
+      },
+    });
+    console.log('Sent event to PostHog');
+  }
+}
--- a/packages/hoppscotch-backend/src/shortcode/shortcode.service.spec.ts
+++ b/packages/hoppscotch-backend/src/shortcode/shortcode.service.spec.ts
@@ -48,6 +48,7 @@ const user: AuthUser = {
  photoURL: 'https://en.wikipedia.org/wiki/Dwight_Schrute',
  isAdmin: false,
  refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+  lastLoggedOn: createdOn,
  createdOn: createdOn,
  currentGQLSession: {},
  currentRESTSession: {},
@@ -504,20 +505,24 @@ describe('ShortcodeService', () => {
      );
      expect(result).toEqual(<ShortcodeWithUserEmail[]>[
        {
-          id: shortcodes[0].id,
-          request: JSON.stringify(shortcodes[0].request),
-          properties: JSON.stringify(shortcodes[0].embedProperties),
-          createdOn: shortcodes[0].createdOn,
+          id: shortcodesWithUserEmail[0].id,
+          request: JSON.stringify(shortcodesWithUserEmail[0].request),
+          properties: JSON.stringify(
+            shortcodesWithUserEmail[0].embedProperties,
+          ),
+          createdOn: shortcodesWithUserEmail[0].createdOn,
          creator: {
            uid: user.uid,
            email: user.email,
          },
        },
        {
-          id: shortcodes[1].id,
-          request: JSON.stringify(shortcodes[1].request),
-          properties: JSON.stringify(shortcodes[1].embedProperties),
-          createdOn: shortcodes[1].createdOn,
+          id: shortcodesWithUserEmail[1].id,
+          request: JSON.stringify(shortcodesWithUserEmail[1].request),
+          properties: JSON.stringify(
+            shortcodesWithUserEmail[1].embedProperties,
+          ),
+          createdOn: shortcodesWithUserEmail[1].createdOn,
          creator: {
            uid: user.uid,
            email: user.email,
--- a/packages/hoppscotch-backend/src/team-collection/helper.ts
+++ b/packages/hoppscotch-backend/src/team-collection/helper.ts
@@ -0,0 +1,25 @@
+import { TeamRequest } from '@prisma/client';
+
+// Type of data returned from the query to obtain all search results
+export type SearchQueryReturnType = {
+  id: string;
+  title: string;
+  type: 'collection' | 'request';
+  method?: string;
+};
+
+// Type of data returned from the query to obtain all parents
+export type ParentTreeQueryReturnType = {
+  id: string;
+  parentID: string;
+  title: string;
+};
+// Type of data returned from the query to fetch collection details from CLI
+export type GetCollectionResponse = {
+  id: string;
+  data: string | null;
+  title: string;
+  parentID: string | null;
+  folders: GetCollectionResponse[];
+  requests: TeamRequest[];
+};
--- a/packages/hoppscotch-backend/src/team-collection/team-collection.controller.ts
+++ b/packages/hoppscotch-backend/src/team-collection/team-collection.controller.ts
@@ -0,0 +1,54 @@
+import {
+  Controller,
+  Get,
+  HttpStatus,
+  Param,
+  Query,
+  UseGuards,
+} from '@nestjs/common';
+import { TeamCollectionService } from './team-collection.service';
+import * as E from 'fp-ts/Either';
+import { ThrottlerBehindProxyGuard } from 'src/guards/throttler-behind-proxy.guard';
+import { JwtAuthGuard } from 'src/auth/guards/jwt-auth.guard';
+import { RequiresTeamRole } from 'src/team/decorators/requires-team-role.decorator';
+import { TeamMemberRole } from '@prisma/client';
+import { RESTTeamMemberGuard } from 'src/team/guards/rest-team-member.guard';
+import { throwHTTPErr } from 'src/utils';
+import { RESTError } from 'src/types/RESTError';
+import { INVALID_PARAMS } from 'src/errors';
+
+@UseGuards(ThrottlerBehindProxyGuard)
+@Controller({ path: 'team-collection', version: '1' })
+export class TeamCollectionController {
+  constructor(private readonly teamCollectionService: TeamCollectionService) {}
+
+  @Get('search/:teamID')
+  @RequiresTeamRole(
+    TeamMemberRole.VIEWER,
+    TeamMemberRole.EDITOR,
+    TeamMemberRole.OWNER,
+  )
+  @UseGuards(JwtAuthGuard, RESTTeamMemberGuard)
+  async searchByTitle(
+    @Query('searchQuery') searchQuery: string,
+    @Param('teamID') teamID: string,
+    @Query('take') take: string,
+    @Query('skip') skip: string,
+  ) {
+    if (!teamID || !searchQuery) {
+      return <RESTError>{
+        message: INVALID_PARAMS,
+        statusCode: HttpStatus.BAD_REQUEST,
+      };
+    }
+
+    const res = await this.teamCollectionService.searchByTitle(
+      searchQuery.trim(),
+      teamID,
+      parseInt(take),
+      parseInt(skip),
+    );
+    if (E.isLeft(res)) throwHTTPErr(res.left);
+    return res.right;
+  }
+}
--- a/packages/hoppscotch-backend/src/team-collection/team-collection.module.ts
+++ b/packages/hoppscotch-backend/src/team-collection/team-collection.module.ts
@@ -6,6 +6,7 @@ import { GqlCollectionTeamMemberGuard } from './guards/gql-collection-team-membe
 import { TeamModule } from '../team/team.module';
 import { UserModule } from '../user/user.module';
 import { PubSubModule } from '../pubsub/pubsub.module';
+import { TeamCollectionController } from './team-collection.controller';

@Module({
  imports: [PrismaModule, TeamModule, UserModule, PubSubModule],
@@ -15,5 +16,6 @@ import { PubSubModule } from '../pubsub/pubsub.module';
    GqlCollectionTeamMemberGuard,
  ],
  exports: [TeamCollectionService, GqlCollectionTeamMemberGuard],
+  controllers: [TeamCollectionController],
 })
 export class TeamCollectionModule {}
--- a/packages/hoppscotch-backend/src/team-collection/team-collection.service.spec.ts
+++ b/packages/hoppscotch-backend/src/team-collection/team-collection.service.spec.ts
@@ -12,6 +12,7 @@ import {
  TEAM_COL_REORDERING_FAILED,
  TEAM_COL_SAME_NEXT_COLL,
  TEAM_INVALID_COLL_ID,
+  TEAM_MEMBER_NOT_FOUND,
  TEAM_NOT_OWNER,
 } from 'src/errors';
 import { PrismaService } from 'src/prisma/prisma.service';
@@ -19,15 +20,18 @@ import { PubSubService } from 'src/pubsub/pubsub.service';
 import { AuthUser } from 'src/types/AuthUser';
 import { TeamCollectionService } from './team-collection.service';
 import { TeamCollection } from './team-collection.model';
+import { TeamService } from 'src/team/team.service';

 const mockPrisma = mockDeep<PrismaService>();
 const mockPubSub = mockDeep<PubSubService>();
+const mockTeamService = mockDeep<TeamService>();

 // eslint-disable-next-line @typescript-eslint/ban-ts-comment
 // @ts-ignore
 const teamCollectionService = new TeamCollectionService(
  mockPrisma,
  mockPubSub as any,
+  mockTeamService,
 );

 const currentTime = new Date();
@@ -39,6 +43,7 @@ const user: AuthUser = {
  photoURL: 'https://en.wikipedia.org/wiki/Dwight_Schrute',
  isAdmin: false,
  refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+  lastLoggedOn: currentTime,
  createdOn: currentTime,
  currentGQLSession: {},
  currentRESTSession: {},
@@ -1738,3 +1743,63 @@ describe('updateTeamCollection', () => {
 });

 //ToDo: write test cases for exportCollectionsToJSON
+
+describe('getCollectionForCLI', () => {
+  test('should throw TEAM_COLL_NOT_FOUND if collectionID is invalid', async () => {
+    mockPrisma.teamCollection.findUniqueOrThrow.mockRejectedValueOnce(
+      'NotFoundError',
+    );
+
+    const result = await teamCollectionService.getCollectionForCLI(
+      'invalidID',
+      user.uid,
+    );
+    expect(result).toEqualLeft(TEAM_COLL_NOT_FOUND);
+  });
+
+  test('should throw TEAM_MEMBER_NOT_FOUND if user not in same team', async () => {
+    mockPrisma.teamCollection.findUniqueOrThrow.mockResolvedValueOnce(
+      rootTeamCollection,
+    );
+    mockTeamService.getTeamMember.mockResolvedValue(null);
+
+    const result = await teamCollectionService.getCollectionForCLI(
+      rootTeamCollection.id,
+      user.uid,
+    );
+    expect(result).toEqualLeft(TEAM_MEMBER_NOT_FOUND);
+  });
+
+  // test('should return the TeamCollection data for CLI', async () => {
+  //   mockPrisma.teamCollection.findUniqueOrThrow.mockResolvedValueOnce(
+  //     rootTeamCollection,
+  //   );
+  //   mockTeamService.getTeamMember.mockResolvedValue({
+  //     membershipID: 'sdc3sfdv',
+  //     userUid: user.uid,
+  //     role: TeamMemberRole.OWNER,
+  //   });
+
+  //   const result = await teamCollectionService.getCollectionForCLI(
+  //     rootTeamCollection.id,
+  //     user.uid,
+  //   );
+  //   expect(result).toEqualRight({
+  //     id: rootTeamCollection.id,
+  //     data: JSON.stringify(rootTeamCollection.data),
+  //     title: rootTeamCollection.title,
+  //     parentID: rootTeamCollection.parentID,
+  //     folders: [
+  //       {
+  //         id: childTeamCollection.id,
+  //         data: JSON.stringify(childTeamCollection.data),
+  //         title: childTeamCollection.title,
+  //         parentID: childTeamCollection.parentID,
+  //         folders: [],
+  //         requests: [],
+  //       },
+  //     ],
+  //     requests: [],
+  //   });
+  // });
+});
--- a/packages/hoppscotch-backend/src/team-collection/team-collection.service.ts
+++ b/packages/hoppscotch-backend/src/team-collection/team-collection.service.ts
@@ -1,4 +1,4 @@
-import { Injectable } from '@nestjs/common';
+import { HttpStatus, Injectable } from '@nestjs/common';
 import { PrismaService } from '../prisma/prisma.service';
 import { TeamCollection } from './team-collection.model';
 import {
@@ -14,20 +14,38 @@ import {
  TEAM_COL_SAME_NEXT_COLL,
  TEAM_COL_REORDERING_FAILED,
  TEAM_COLL_DATA_INVALID,
+  TEAM_REQ_SEARCH_FAILED,
+  TEAM_COL_SEARCH_FAILED,
+  TEAM_REQ_PARENT_TREE_GEN_FAILED,
+  TEAM_COLL_PARENT_TREE_GEN_FAILED,
+  TEAM_MEMBER_NOT_FOUND,
 } from '../errors';
 import { PubSubService } from '../pubsub/pubsub.service';
-import { isValidLength } from 'src/utils';
+import { escapeSqlLikeString, isValidLength } from 'src/utils';
 import * as E from 'fp-ts/Either';
 import * as O from 'fp-ts/Option';
-import { Prisma, TeamCollection as DBTeamCollection } from '@prisma/client';
+import {
+  Prisma,
+  TeamCollection as DBTeamCollection,
+  TeamRequest,
+} from '@prisma/client';
 import { CollectionFolder } from 'src/types/CollectionFolder';
 import { stringToJson } from 'src/utils';
+import { CollectionSearchNode } from 'src/types/CollectionSearchNode';
+import {
+  GetCollectionResponse,
+  ParentTreeQueryReturnType,
+  SearchQueryReturnType,
+} from './helper';
+import { RESTError } from 'src/types/RESTError';
+import { TeamService } from 'src/team/team.service';

@Injectable()
 export class TeamCollectionService {
  constructor(
    private readonly prisma: PrismaService,
    private readonly pubsub: PubSubService,
+    private readonly teamService: TeamService,
  ) {}

  TITLE_LENGTH = 3;
@@ -1056,4 +1074,376 @@ export class TeamCollectionService {
      return E.left(TEAM_COLL_NOT_FOUND);
    }
  }
+
+  /**
+   * Search for TeamCollections and TeamRequests by title
+   *
+   * @param searchQuery The search query
+   * @param teamID The Team ID
+   * @param take Number of items we want returned
+   * @param skip Number of items we want to skip
+   * @returns An Either of the search results
+   */
+  async searchByTitle(
+    searchQuery: string,
+    teamID: string,
+    take = 10,
+    skip = 0,
+  ) {
+    // Fetch all collections and requests that match the search query
+    const searchResults: SearchQueryReturnType[] = [];
+
+    const matchedCollections = await this.searchCollections(
+      searchQuery,
+      teamID,
+      take,
+      skip,
+    );
+    if (E.isLeft(matchedCollections))
+      return E.left(<RESTError>{
+        message: matchedCollections.left,
+        statusCode: HttpStatus.NOT_FOUND,
+      });
+    searchResults.push(...matchedCollections.right);
+
+    const matchedRequests = await this.searchRequests(
+      searchQuery,
+      teamID,
+      take,
+      skip,
+    );
+    if (E.isLeft(matchedRequests))
+      return E.left(<RESTError>{
+        message: matchedRequests.left,
+        statusCode: HttpStatus.NOT_FOUND,
+      });
+    searchResults.push(...matchedRequests.right);
+
+    // Generate the parent tree for searchResults
+    const searchResultsWithTree: CollectionSearchNode[] = [];
+
+    for (let i = 0; i < searchResults.length; i++) {
+      const fetchedParentTree = await this.fetchParentTree(searchResults[i]);
+      if (E.isLeft(fetchedParentTree))
+        return E.left(<RESTError>{
+          message: fetchedParentTree.left,
+          statusCode: HttpStatus.NOT_FOUND,
+        });
+      searchResultsWithTree.push({
+        type: searchResults[i].type,
+        title: searchResults[i].title,
+        method: searchResults[i].method,
+        id: searchResults[i].id,
+        path: !fetchedParentTree
+          ? []
+          : (fetchedParentTree.right as CollectionSearchNode[]),
+      });
+    }
+
+    return E.right({ data: searchResultsWithTree });
+  }
+
+  /**
+   * Search for TeamCollections by title
+   *
+   * @param searchQuery The search query
+   * @param teamID The Team ID
+   * @param take Number of items we want returned
+   * @param skip Number of items we want to skip
+   * @returns An Either of the search results
+   */
+  private async searchCollections(
+    searchQuery: string,
+    teamID: string,
+    take: number,
+    skip: number,
+  ) {
+    const query = Prisma.sql`
+    SELECT
+      id,title,'collection' AS type
+    FROM
+      "TeamCollection"
+    WHERE
+      "TeamCollection"."teamID"=${teamID}
+      AND
+        title ILIKE ${`%${escapeSqlLikeString(searchQuery)}%`}
+    ORDER BY
+      similarity(title, ${searchQuery})
+    LIMIT ${take}
+    OFFSET ${skip === 0 ? 0 : (skip - 1) * take};
+  `;
+
+    try {
+      const res = await this.prisma.$queryRaw<SearchQueryReturnType[]>(query);
+      return E.right(res);
+    } catch (error) {
+      return E.left(TEAM_COL_SEARCH_FAILED);
+    }
+  }
+
+  /**
+   * Search for TeamRequests by title
+   *
+   * @param searchQuery The search query
+   * @param teamID The Team ID
+   * @param take Number of items we want returned
+   * @param skip Number of items we want to skip
+   * @returns An Either of the search results
+   */
+  private async searchRequests(
+    searchQuery: string,
+    teamID: string,
+    take: number,
+    skip: number,
+  ) {
+    const query = Prisma.sql`
+    SELECT
+      id,title,request->>'method' as method,'request' AS type
+    FROM
+      "TeamRequest"
+    WHERE
+      "TeamRequest"."teamID"=${teamID}
+      AND
+        title ILIKE ${`%${escapeSqlLikeString(searchQuery)}%`}
+    ORDER BY
+      similarity(title, ${searchQuery})
+    LIMIT ${take}
+    OFFSET ${skip === 0 ? 0 : (skip - 1) * take};
+  `;
+
+    try {
+      const res = await this.prisma.$queryRaw<SearchQueryReturnType[]>(query);
+      return E.right(res);
+    } catch (error) {
+      return E.left(TEAM_REQ_SEARCH_FAILED);
+    }
+  }
+
+  /**
+   * Generate the parent tree of a search result
+   *
+   * @param searchResult The search result for which we want to generate the parent tree
+   * @returns The parent tree of the search result
+   */
+  private async fetchParentTree(searchResult: SearchQueryReturnType) {
+    return searchResult.type === 'collection'
+      ? await this.fetchCollectionParentTree(searchResult.id)
+      : await this.fetchRequestParentTree(searchResult.id);
+  }
+
+  /**
+   * Generate the parent tree of a collection
+   *
+   * @param id The ID of the collection
+   * @returns The parent tree of the collection
+   */
+  private async fetchCollectionParentTree(id: string) {
+    try {
+      const query = Prisma.sql`
+      WITH RECURSIVE collection_tree AS (
+        SELECT tc.id, tc."parentID", tc.title
+        FROM "TeamCollection" AS tc
+        JOIN "TeamCollection" AS tr ON tc.id = tr."parentID"
+        WHERE tr.id = ${id}
+
+        UNION ALL
+
+        SELECT parent.id,  parent."parentID", parent.title
+        FROM "TeamCollection" AS parent
+        JOIN collection_tree AS ct ON parent.id = ct."parentID"
+      )
+      SELECT * FROM collection_tree;
+      `;
+      const res = await this.prisma.$queryRaw<ParentTreeQueryReturnType[]>(
+        query,
+      );
+
+      const collectionParentTree = this.generateParentTree(res);
+      return E.right(collectionParentTree);
+    } catch (error) {
+      E.left(TEAM_COLL_PARENT_TREE_GEN_FAILED);
+    }
+  }
+
+  /**
+   * Generate the parent tree from the collections
+   *
+   * @param parentCollections The parent collections
+   * @returns The parent tree of the parent collections
+   */
+  private generateParentTree(parentCollections: ParentTreeQueryReturnType[]) {
+    function findChildren(id: string): CollectionSearchNode[] {
+      const collection = parentCollections.filter((item) => item.id === id)[0];
+      if (collection.parentID == null) {
+        return <CollectionSearchNode[]>[
+          {
+            id: collection.id,
+            title: collection.title,
+            type: 'collection' as const,
+            path: [],
+          },
+        ];
+      }
+
+      const res = <CollectionSearchNode[]>[
+        {
+          id: collection.id,
+          title: collection.title,
+          type: 'collection' as const,
+          path: findChildren(collection.parentID),
+        },
+      ];
+      return res;
+    }
+
+    if (parentCollections.length > 0) {
+      if (parentCollections[0].parentID == null) {
+        return <CollectionSearchNode[]>[
+          {
+            id: parentCollections[0].id,
+            title: parentCollections[0].title,
+            type: 'collection',
+            path: [],
+          },
+        ];
+      }
+
+      return <CollectionSearchNode[]>[
+        {
+          id: parentCollections[0].id,
+          title: parentCollections[0].title,
+          type: 'collection',
+          path: findChildren(parentCollections[0].parentID),
+        },
+      ];
+    }
+
+    return <CollectionSearchNode[]>[];
+  }
+
+  /**
+   * Generate the parent tree of a request
+   *
+   * @param id The ID of the request
+   * @returns The parent tree of the request
+   */
+  private async fetchRequestParentTree(id: string) {
+    try {
+      const query = Prisma.sql`
+      WITH RECURSIVE request_collection_tree AS (
+        SELECT tc.id, tc."parentID", tc.title
+        FROM "TeamCollection" AS tc
+        JOIN "TeamRequest" AS tr ON tc.id = tr."collectionID"
+        WHERE tr.id = ${id}
+
+        UNION ALL
+
+        SELECT parent.id, parent."parentID", parent.title
+        FROM "TeamCollection" AS parent
+        JOIN request_collection_tree AS ct ON parent.id = ct."parentID"
+      )
+      SELECT * FROM request_collection_tree;
+
+      `;
+      const res = await this.prisma.$queryRaw<ParentTreeQueryReturnType[]>(
+        query,
+      );
+
+      const requestParentTree = this.generateParentTree(res);
+      return E.right(requestParentTree);
+    } catch (error) {
+      return E.left(TEAM_REQ_PARENT_TREE_GEN_FAILED);
+    }
+  }
+
+  /**
+   * Get all requests in a collection
+   *
+   * @param collectionID The Collection ID
+   * @returns A list of all requests in the collection
+   */
+  private async getAllRequestsInCollection(collectionID: string) {
+    const dbTeamRequests = await this.prisma.teamRequest.findMany({
+      where: {
+        collectionID: collectionID,
+      },
+      orderBy: {
+        orderIndex: 'asc',
+      },
+    });
+
+    const teamRequests = dbTeamRequests.map((tr) => {
+      return <TeamRequest>{
+        id: tr.id,
+        collectionID: tr.collectionID,
+        teamID: tr.teamID,
+        title: tr.title,
+        request: JSON.stringify(tr.request),
+      };
+    });
+
+    return teamRequests;
+  }
+
+  /**
+   * Get Collection Tree for CLI
+   *
+   * @param parentID The parent Collection ID
+   * @returns Collection tree for CLI
+   */
+  private async getCollectionTreeForCLI(parentID: string | null) {
+    const childCollections = await this.prisma.teamCollection.findMany({
+      where: { parentID },
+      orderBy: { orderIndex: 'asc' },
+    });
+
+    const response: GetCollectionResponse[] = [];
+
+    for (const collection of childCollections) {
+      const folder: GetCollectionResponse = {
+        id: collection.id,
+        data: collection.data === null ? null : JSON.stringify(collection.data),
+        title: collection.title,
+        parentID: collection.parentID,
+        folders: await this.getCollectionTreeForCLI(collection.id),
+        requests: await this.getAllRequestsInCollection(collection.id),
+      };
+
+      response.push(folder);
+    }
+
+    return response;
+  }
+
+  /**
+   * Get Collection for CLI
+   *
+   * @param collectionID The Collection ID
+   * @param userUid The User UID
+   * @returns An Either of the Collection details
+   */
+  async getCollectionForCLI(collectionID: string, userUid: string) {
+    try {
+      const collection = await this.prisma.teamCollection.findUniqueOrThrow({
+        where: { id: collectionID },
+      });
+
+      const teamMember = await this.teamService.getTeamMember(
+        collection.teamID,
+        userUid,
+      );
+      if (!teamMember) return E.left(TEAM_MEMBER_NOT_FOUND);
+
+      return E.right(<GetCollectionResponse>{
+        id: collection.id,
+        data: collection.data === null ? null : JSON.stringify(collection.data),
+        title: collection.title,
+        parentID: collection.parentID,
+        folders: await this.getCollectionTreeForCLI(collection.id),
+        requests: await this.getAllRequestsInCollection(collection.id),
+      });
+    } catch (error) {
+      return E.left(TEAM_COLL_NOT_FOUND);
+    }
+  }
 }
--- a/packages/hoppscotch-backend/src/team-environments/team-environments.service.spec.ts
+++ b/packages/hoppscotch-backend/src/team-environments/team-environments.service.spec.ts
@@ -6,19 +6,24 @@ import {
  JSON_INVALID,
  TEAM_ENVIRONMENT_NOT_FOUND,
  TEAM_ENVIRONMENT_SHORT_NAME,
+  TEAM_MEMBER_NOT_FOUND,
 } from 'src/errors';
+import { TeamService } from 'src/team/team.service';
+import { TeamMemberRole } from 'src/team/team.model';

 const mockPrisma = mockDeep<PrismaService>();

 const mockPubSub = {
  publish: jest.fn().mockResolvedValue(null),
 };
+const mockTeamService = mockDeep<TeamService>();

 // eslint-disable-next-line @typescript-eslint/ban-ts-comment
 // @ts-ignore
 const teamEnvironmentsService = new TeamEnvironmentsService(
  mockPrisma,
  mockPubSub as any,
+  mockTeamService,
 );

 const teamEnvironment = {
@@ -380,4 +385,47 @@ describe('TeamEnvironmentsService', () => {
      expect(result).toEqual(0);
    });
  });
+
+  describe('getTeamEnvironmentForCLI', () => {
+    test('should successfully return a TeamEnvironment with valid ID', async () => {
+      mockPrisma.teamEnvironment.findFirstOrThrow.mockResolvedValueOnce(
+        teamEnvironment,
+      );
+      mockTeamService.getTeamMember.mockResolvedValue({
+        membershipID: 'sdc3sfdv',
+        userUid: '123454',
+        role: TeamMemberRole.OWNER,
+      });
+
+      const result = await teamEnvironmentsService.getTeamEnvironmentForCLI(
+        teamEnvironment.id,
+        '123454',
+      );
+      expect(result).toEqualRight(teamEnvironment);
+    });
+
+    test('should throw TEAM_ENVIRONMENT_NOT_FOUND with invalid ID', async () => {
+      mockPrisma.teamEnvironment.findFirstOrThrow.mockRejectedValueOnce(
+        'RejectOnNotFound',
+      );
+
+      const result = await teamEnvironmentsService.getTeamEnvironment(
+        teamEnvironment.id,
+      );
+      expect(result).toEqualLeft(TEAM_ENVIRONMENT_NOT_FOUND);
+    });
+
+    test('should throw TEAM_MEMBER_NOT_FOUND if user not in same team', async () => {
+      mockPrisma.teamEnvironment.findFirstOrThrow.mockResolvedValueOnce(
+        teamEnvironment,
+      );
+      mockTeamService.getTeamMember.mockResolvedValue(null);
+
+      const result = await teamEnvironmentsService.getTeamEnvironmentForCLI(
+        teamEnvironment.id,
+        '333',
+      );
+      expect(result).toEqualLeft(TEAM_MEMBER_NOT_FOUND);
+    });
+  });
 });
--- a/packages/hoppscotch-backend/src/team-environments/team-environments.service.ts
+++ b/packages/hoppscotch-backend/src/team-environments/team-environments.service.ts
@@ -6,14 +6,17 @@ import { TeamEnvironment } from './team-environments.model';
 import {
  TEAM_ENVIRONMENT_NOT_FOUND,
  TEAM_ENVIRONMENT_SHORT_NAME,
+  TEAM_MEMBER_NOT_FOUND,
 } from 'src/errors';
 import * as E from 'fp-ts/Either';
 import { isValidLength } from 'src/utils';
+import { TeamService } from 'src/team/team.service';
@Injectable()
 export class TeamEnvironmentsService {
  constructor(
    private readonly prisma: PrismaService,
    private readonly pubsub: PubSubService,
+    private readonly teamService: TeamService,
  ) {}

  TITLE_LENGTH = 3;
@@ -242,4 +245,30 @@ export class TeamEnvironmentsService {
    });
    return envCount;
  }
+
+  /**
+   * Get details of a TeamEnvironment for CLI.
+   *
+   * @param id TeamEnvironment ID
+   * @param userUid User UID
+   * @returns Either of a TeamEnvironment or error message
+   */
+  async getTeamEnvironmentForCLI(id: string, userUid: string) {
+    try {
+      const teamEnvironment =
+        await this.prisma.teamEnvironment.findFirstOrThrow({
+          where: { id },
+        });
+
+      const teamMember = await this.teamService.getTeamMember(
+        teamEnvironment.teamID,
+        userUid,
+      );
+      if (!teamMember) return E.left(TEAM_MEMBER_NOT_FOUND);
+
+      return E.right(teamEnvironment);
+    } catch (error) {
+      return E.left(TEAM_ENVIRONMENT_NOT_FOUND);
+    }
+  }
 }
--- a/packages/hoppscotch-backend/src/team-invitation/team-invitation.module.ts
+++ b/packages/hoppscotch-backend/src/team-invitation/team-invitation.module.ts
@@ -1,5 +1,4 @@
 import { Module } from '@nestjs/common';
-import { MailerModule } from 'src/mailer/mailer.module';
 import { PrismaModule } from 'src/prisma/prisma.module';
 import { PubSubModule } from 'src/pubsub/pubsub.module';
 import { TeamModule } from 'src/team/team.module';
@@ -12,7 +11,7 @@ import { TeamInviteeGuard } from './team-invitee.guard';
 import { TeamTeamInviteExtResolver } from './team-teaminvite-ext.resolver';

@Module({
-  imports: [PrismaModule, TeamModule, PubSubModule, UserModule, MailerModule],
+  imports: [PrismaModule, TeamModule, PubSubModule, UserModule],
  providers: [
    TeamInvitationService,
    TeamInvitationResolver,
--- a/packages/hoppscotch-backend/src/team-invitation/team-invitation.service.ts
+++ b/packages/hoppscotch-backend/src/team-invitation/team-invitation.service.ts
@@ -20,6 +20,7 @@ import { UserService } from 'src/user/user.service';
 import { PubSubService } from 'src/pubsub/pubsub.service';
 import { validateEmail } from '../utils';
 import { AuthUser } from 'src/types/AuthUser';
+import { ConfigService } from '@nestjs/config';

@Injectable()
 export class TeamInvitationService {
@@ -28,8 +29,8 @@ export class TeamInvitationService {
    private readonly userService: UserService,
    private readonly teamService: TeamService,
    private readonly mailerService: MailerService,
-
    private readonly pubsub: PubSubService,
+    private readonly configService: ConfigService,
  ) {}

  /**
@@ -150,7 +151,9 @@ export class TeamInvitationService {
      template: 'team-invitation',
      variables: {
        invitee: creator.displayName ?? 'A Hoppscotch User',
-        action_url: `${process.env.VITE_BASE_URL}/join-team?id=${dbInvitation.id}`,
+        action_url: `${this.configService.get('VITE_BASE_URL')}/join-team?id=${
+          dbInvitation.id
+        }`,
        invite_team_name: team.name,
      },
    });
--- a/packages/hoppscotch-backend/src/team/guards/rest-team-member.guard.ts
+++ b/packages/hoppscotch-backend/src/team/guards/rest-team-member.guard.ts
@@ -0,0 +1,47 @@
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+import { TeamService } from '../../team/team.service';
+import { TeamMemberRole } from '../../team/team.model';
+import {
+  BUG_TEAM_NO_REQUIRE_TEAM_ROLE,
+  BUG_AUTH_NO_USER_CTX,
+  BUG_TEAM_NO_TEAM_ID,
+  TEAM_MEMBER_NOT_FOUND,
+  TEAM_NOT_REQUIRED_ROLE,
+} from 'src/errors';
+import { throwHTTPErr } from 'src/utils';
+
+@Injectable()
+export class RESTTeamMemberGuard implements CanActivate {
+  constructor(
+    private readonly reflector: Reflector,
+    private readonly teamService: TeamService,
+  ) {}
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const requireRoles = this.reflector.get<TeamMemberRole[]>(
+      'requiresTeamRole',
+      context.getHandler(),
+    );
+    if (!requireRoles)
+      throwHTTPErr({ message: BUG_TEAM_NO_REQUIRE_TEAM_ROLE, statusCode: 400 });
+
+    const request = context.switchToHttp().getRequest();
+
+    const { user } = request;
+    if (user == undefined)
+      throwHTTPErr({ message: BUG_AUTH_NO_USER_CTX, statusCode: 400 });
+
+    const teamID = request.params.teamID;
+    if (!teamID)
+      throwHTTPErr({ message: BUG_TEAM_NO_TEAM_ID, statusCode: 400 });
+
+    const teamMember = await this.teamService.getTeamMember(teamID, user.uid);
+    if (!teamMember)
+      throwHTTPErr({ message: TEAM_MEMBER_NOT_FOUND, statusCode: 404 });
+
+    if (requireRoles.includes(teamMember.role)) return true;
+
+    throwHTTPErr({ message: TEAM_NOT_REQUIRED_ROLE, statusCode: 403 });
+  }
+}
--- a/packages/hoppscotch-backend/src/types/AccessToken.ts
+++ b/packages/hoppscotch-backend/src/types/AccessToken.ts
@@ -0,0 +1,7 @@
+export type AccessToken = {
+  id: string;
+  label: string;
+  createdOn: Date;
+  lastUsedOn: Date;
+  expiresOn: null | Date;
+};
--- a/packages/hoppscotch-backend/src/types/CollectionSearchNode.ts
+++ b/packages/hoppscotch-backend/src/types/CollectionSearchNode.ts
@@ -0,0 +1,17 @@
+// Response type of results from the search query
+export type CollectionSearchNode = {
+  /** Encodes the hierarchy of where the node is **/
+  path: CollectionSearchNode[];
+} & (
+  | {
+      type: 'request';
+      title: string;
+      method: string;
+      id: string;
+    }
+  | {
+      type: 'collection';
+      title: string;
+      id: string;
+    }
+);
--- a/packages/hoppscotch-backend/src/types/InfraConfig.ts
+++ b/packages/hoppscotch-backend/src/types/InfraConfig.ts
@@ -0,0 +1,26 @@
+export enum InfraConfigEnum {
+  MAILER_SMTP_URL = 'MAILER_SMTP_URL',
+  MAILER_ADDRESS_FROM = 'MAILER_ADDRESS_FROM',
+
+  GOOGLE_CLIENT_ID = 'GOOGLE_CLIENT_ID',
+  GOOGLE_CLIENT_SECRET = 'GOOGLE_CLIENT_SECRET',
+  GOOGLE_CALLBACK_URL = 'GOOGLE_CALLBACK_URL',
+  GOOGLE_SCOPE = 'GOOGLE_SCOPE',
+
+  GITHUB_CLIENT_ID = 'GITHUB_CLIENT_ID',
+  GITHUB_CLIENT_SECRET = 'GITHUB_CLIENT_SECRET',
+  GITHUB_CALLBACK_URL = 'GITHUB_CALLBACK_URL',
+  GITHUB_SCOPE = 'GITHUB_SCOPE',
+
+  MICROSOFT_CLIENT_ID = 'MICROSOFT_CLIENT_ID',
+  MICROSOFT_CLIENT_SECRET = 'MICROSOFT_CLIENT_SECRET',
+  MICROSOFT_CALLBACK_URL = 'MICROSOFT_CALLBACK_URL',
+  MICROSOFT_SCOPE = 'MICROSOFT_SCOPE',
+  MICROSOFT_TENANT = 'MICROSOFT_TENANT',
+
+  VITE_ALLOWED_AUTH_PROVIDERS = 'VITE_ALLOWED_AUTH_PROVIDERS',
+
+  ALLOW_ANALYTICS_COLLECTION = 'ALLOW_ANALYTICS_COLLECTION',
+  ANALYTICS_USER_ID = 'ANALYTICS_USER_ID',
+  IS_FIRST_TIME_INFRA_SETUP = 'IS_FIRST_TIME_INFRA_SETUP',
+}
--- a/packages/hoppscotch-backend/src/types/RESTError.ts
+++ b/packages/hoppscotch-backend/src/types/RESTError.ts
@@ -1,10 +1,10 @@
 import { HttpStatus } from '@nestjs/common';

 /**
- ** Custom interface to handle errors specific to Auth module
+ ** Custom interface to handle errors for REST modules such as Auth, Admin modules
 ** Since its REST we need to return the HTTP status code along with the error message
 */
-export type AuthError = {
-  message: string;
+export type RESTError = {
+  message: string | Record<string, string>;
  statusCode: HttpStatus;
 };
--- a/packages/hoppscotch-backend/src/types/input-types.args.ts
+++ b/packages/hoppscotch-backend/src/types/input-types.args.ts
@@ -17,3 +17,21 @@ export class PaginationArgs {
  })
  take: number;
 }
+
+@ArgsType()
+@InputType()
+export class OffsetPaginationArgs {
+  @Field({
+    nullable: true,
+    defaultValue: 0,
+    description: 'Number of items to skip',
+  })
+  skip: number;
+
+  @Field({
+    nullable: true,
+    defaultValue: 10,
+    description: 'Number of items to fetch',
+  })
+  take: number;
+}
--- a/packages/hoppscotch-backend/src/user-collection/user-collection.service.spec.ts
+++ b/packages/hoppscotch-backend/src/user-collection/user-collection.service.spec.ts
@@ -38,6 +38,7 @@ const user: AuthUser = {
  photoURL: 'https://en.wikipedia.org/wiki/Dwight_Schrute',
  isAdmin: false,
  refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+  lastLoggedOn: currentTime,
  createdOn: currentTime,
  currentGQLSession: {},
  currentRESTSession: {},
--- a/packages/hoppscotch-backend/src/user-request/user-request.service.spec.ts
+++ b/packages/hoppscotch-backend/src/user-request/user-request.service.spec.ts
@@ -41,6 +41,7 @@ const user: AuthUser = {
  photoURL: 'https://example.com/photo.png',
  isAdmin: false,
  refreshToken: null,
+  lastLoggedOn: new Date(),
  createdOn: new Date(),
  currentGQLSession: null,
  currentRESTSession: null,
--- a/packages/hoppscotch-backend/src/user-settings/user-settings.service.spec.ts
+++ b/packages/hoppscotch-backend/src/user-settings/user-settings.service.spec.ts
@@ -27,6 +27,7 @@ const user: AuthUser = {
  refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
  currentGQLSession: {},
  currentRESTSession: {},
+  lastLoggedOn: currentTime,
  createdOn: currentTime,
 };

--- a/packages/hoppscotch-backend/src/user/user.model.ts
+++ b/packages/hoppscotch-backend/src/user/user.model.ts
@@ -30,6 +30,12 @@ export class User {
  })
  isAdmin: boolean;

+  @Field({
+    nullable: true,
+    description: 'Date when the user last logged in',
+  })
+  lastLoggedOn: Date;
+
  @Field({
    description: 'Date when the user account was created',
  })
@@ -56,3 +62,22 @@ export enum SessionType {
 registerEnumType(SessionType, {
  name: 'SessionType',
 });
+
+@ObjectType()
+export class UserDeletionResult {
+  @Field(() => ID, {
+    description: 'UID of the user',
+  })
+  userUID: string;
+
+  @Field(() => Boolean, {
+    description: 'Flag to determine if user deletion was successful or not',
+  })
+  isDeleted: Boolean;
+
+  @Field({
+    nullable: true,
+    description: 'Error message if user deletion was not successful',
+  })
+  errorMessage: String;
+}
--- a/packages/hoppscotch-backend/src/user/user.resolver.ts
+++ b/packages/hoppscotch-backend/src/user/user.resolver.ts
@@ -58,6 +58,29 @@ export class UserResolver {
    if (E.isLeft(updatedUser)) throwErr(updatedUser.left);
    return updatedUser.right;
  }
+
+  @Mutation(() => User, {
+    description: 'Update a users display name',
+  })
+  @UseGuards(GqlAuthGuard)
+  async updateDisplayName(
+    @GqlUser() user: AuthUser,
+    @Args({
+      name: 'updatedDisplayName',
+      description: 'New name of user',
+      type: () => String,
+    })
+    updatedDisplayName: string,
+  ) {
+    const updatedUser = await this.userService.updateUserDisplayName(
+      user.uid,
+      updatedDisplayName,
+    );
+
+    if (E.isLeft(updatedUser)) throwErr(updatedUser.left);
+    return updatedUser.right;
+  }
+
  @Mutation(() => Boolean, {
    description: 'Delete an user account',
  })
--- a/packages/hoppscotch-backend/src/user/user.service.spec.ts
+++ b/packages/hoppscotch-backend/src/user/user.service.spec.ts
@@ -1,4 +1,9 @@
-import { JSON_INVALID, USER_NOT_FOUND } from 'src/errors';
+import {
+  JSON_INVALID,
+  USERS_NOT_FOUND,
+  USER_NOT_FOUND,
+  USER_SHORT_DISPLAY_NAME,
+} from 'src/errors';
 import { mockDeep, mockReset } from 'jest-mock-extended';
 import { PrismaService } from 'src/prisma/prisma.service';
 import { AuthUser } from 'src/types/AuthUser';
@@ -37,6 +42,7 @@ const user: AuthUser = {
  currentRESTSession: {},
  currentGQLSession: {},
  refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+  lastLoggedOn: currentTime,
  createdOn: currentTime,
 };

@@ -49,6 +55,7 @@ const adminUser: AuthUser = {
  currentRESTSession: {},
  currentGQLSession: {},
  refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+  lastLoggedOn: currentTime,
  createdOn: currentTime,
 };

@@ -62,6 +69,7 @@ const users: AuthUser[] = [
    currentRESTSession: {},
    currentGQLSession: {},
    refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+    lastLoggedOn: currentTime,
    createdOn: currentTime,
  },
  {
@@ -73,6 +81,7 @@ const users: AuthUser[] = [
    currentRESTSession: {},
    currentGQLSession: {},
    refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+    lastLoggedOn: currentTime,
    createdOn: currentTime,
  },
  {
@@ -84,6 +93,7 @@ const users: AuthUser[] = [
    currentRESTSession: {},
    currentGQLSession: {},
    refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+    lastLoggedOn: currentTime,
    createdOn: currentTime,
  },
 ];
@@ -98,6 +108,7 @@ const adminUsers: AuthUser[] = [
    currentRESTSession: {},
    currentGQLSession: {},
    refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+    lastLoggedOn: currentTime,
    createdOn: currentTime,
  },
  {
@@ -109,6 +120,7 @@ const adminUsers: AuthUser[] = [
    currentRESTSession: {},
    currentGQLSession: {},
    refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+    lastLoggedOn: currentTime,
    createdOn: currentTime,
  },
  {
@@ -120,6 +132,7 @@ const adminUsers: AuthUser[] = [
    currentRESTSession: {},
    currentGQLSession: {},
    refreshToken: 'hbfvdkhjbvkdvdfjvbnkhjb',
+    lastLoggedOn: currentTime,
    createdOn: currentTime,
  },
 ];
@@ -176,6 +189,26 @@ describe('UserService', () => {
    });
  });

+  describe('findUsersByIds', () => {
+    test('should successfully return users given valid user UIDs', async () => {
+      mockPrisma.user.findMany.mockResolvedValueOnce(users);
+
+      const result = await userService.findUsersByIds([
+        '123344',
+        '5555',
+        '6666',
+      ]);
+      expect(result).toEqual(users);
+    });
+
+    test('should return empty array of users given a invalid user UIDs', async () => {
+      mockPrisma.user.findMany.mockResolvedValueOnce([]);
+
+      const result = await userService.findUsersByIds(['sdcvbdbr']);
+      expect(result).toEqual([]);
+    });
+  });
+
  describe('createUserViaMagicLink', () => {
    test('should successfully create user and account for magic-link given valid inputs', async () => {
      mockPrisma.user.create.mockResolvedValueOnce(user);
@@ -414,6 +447,82 @@ describe('UserService', () => {
    });
  });

+  describe('updateUserDisplayName', () => {
+    test('should resolve right and update user display name', async () => {
+      const newDisplayName = 'New Name';
+      mockPrisma.user.update.mockResolvedValueOnce({
+        ...user,
+        displayName: newDisplayName,
+      });
+
+      const result = await userService.updateUserDisplayName(
+        user.uid,
+        newDisplayName,
+      );
+      expect(result).toEqualRight({
+        ...user,
+        displayName: newDisplayName,
+        currentGQLSession: JSON.stringify(user.currentGQLSession),
+        currentRESTSession: JSON.stringify(user.currentRESTSession),
+      });
+    });
+    test('should resolve right and publish user updated subscription', async () => {
+      const newDisplayName = 'New Name';
+      mockPrisma.user.update.mockResolvedValueOnce({
+        ...user,
+        displayName: newDisplayName,
+      });
+
+      await userService.updateUserDisplayName(user.uid, user.displayName);
+      expect(mockPubSub.publish).toHaveBeenCalledWith(
+        `user/${user.uid}/updated`,
+        {
+          ...user,
+          displayName: newDisplayName,
+          currentGQLSession: JSON.stringify(user.currentGQLSession),
+          currentRESTSession: JSON.stringify(user.currentRESTSession),
+        },
+      );
+    });
+    test('should resolve left and error when invalid user uid is passed', async () => {
+      mockPrisma.user.update.mockRejectedValueOnce('NotFoundError');
+
+      const result = await userService.updateUserDisplayName(
+        'invalidUserUid',
+        user.displayName,
+      );
+      expect(result).toEqualLeft(USER_NOT_FOUND);
+    });
+    test('should resolve left and error when short display name is passed', async () => {
+      const newDisplayName = '';
+      const result = await userService.updateUserDisplayName(
+        user.uid,
+        newDisplayName,
+      );
+      expect(result).toEqualLeft(USER_SHORT_DISPLAY_NAME);
+    });
+  });
+
+  describe('updateUserLastLoggedOn', () => {
+    test('should resolve right and update user last logged on', async () => {
+      const currentTime = new Date();
+      mockPrisma.user.update.mockResolvedValueOnce({
+        ...user,
+        lastLoggedOn: currentTime,
+      });
+
+      const result = await userService.updateUserLastLoggedOn(user.uid);
+      expect(result).toEqualRight(true);
+    });
+
+    test('should resolve left and error when invalid user uid is passed', async () => {
+      mockPrisma.user.update.mockRejectedValueOnce('NotFoundError');
+
+      const result = await userService.updateUserLastLoggedOn('invalidUserUid');
+      expect(result).toEqualLeft(USER_NOT_FOUND);
+    });
+  });
+
  describe('fetchAllUsers', () => {
    test('should resolve right and return 20 users when cursor is null', async () => {
      mockPrisma.user.findMany.mockResolvedValueOnce(users);
@@ -435,6 +544,36 @@ describe('UserService', () => {
    });
  });

+  describe('fetchAllUsersV2', () => {
+    test('should resolve right and return first 20 users when searchString is null', async () => {
+      mockPrisma.user.findMany.mockResolvedValueOnce(users);
+
+      const result = await userService.fetchAllUsersV2(null, {
+        take: 20,
+        skip: 0,
+      });
+      expect(result).toEqual(users);
+    });
+    test('should resolve right and return next 20 users when searchString is provided', async () => {
+      mockPrisma.user.findMany.mockResolvedValueOnce(users);
+
+      const result = await userService.fetchAllUsersV2('.com', {
+        take: 20,
+        skip: 0,
+      });
+      expect(result).toEqual(users);
+    });
+    test('should resolve left and return an empty array when users not found', async () => {
+      mockPrisma.user.findMany.mockResolvedValueOnce([]);
+
+      const result = await userService.fetchAllUsersV2('Unknown entry', {
+        take: 20,
+        skip: 0,
+      });
+      expect(result).toEqual([]);
+    });
+  });
+
  describe('fetchAdminUsers', () => {
    test('should return a list of admin users', async () => {
      mockPrisma.user.findMany.mockResolvedValueOnce(adminUsers);
@@ -556,4 +695,17 @@ describe('UserService', () => {
      expect(result).toEqual(10);
    });
  });
+
+  describe('removeUsersAsAdmin', () => {
+    test('should resolve right and return true for valid user UIDs', async () => {
+      mockPrisma.user.updateMany.mockResolvedValueOnce({ count: 1 });
+      const result = await userService.removeUsersAsAdmin(['123344']);
+      expect(result).toEqualRight(true);
+    });
+    test('should resolve right and return false for invalid user UIDs', async () => {
+      mockPrisma.user.updateMany.mockResolvedValueOnce({ count: 0 });
+      const result = await userService.removeUsersAsAdmin(['123344']);
+      expect(result).toEqualLeft(USERS_NOT_FOUND);
+    });
+  });
 });
--- a/packages/hoppscotch-backend/src/user/user.service.ts
+++ b/packages/hoppscotch-backend/src/user/user.service.ts
@@ -8,13 +8,18 @@ import * as T from 'fp-ts/Task';
 import * as A from 'fp-ts/Array';
 import { pipe, constVoid } from 'fp-ts/function';
 import { AuthUser } from 'src/types/AuthUser';
-import { USER_NOT_FOUND } from 'src/errors';
+import {
+  USERS_NOT_FOUND,
+  USER_NOT_FOUND,
+  USER_SHORT_DISPLAY_NAME,
+} from 'src/errors';
 import { SessionType, User } from './user.model';
 import { USER_UPDATE_FAILED } from 'src/errors';
 import { PubSubService } from 'src/pubsub/pubsub.service';
 import { stringToJson, taskEitherValidateArraySeq } from 'src/utils';
 import { UserDataHandler } from './user.data.handler';
 import { User as DbUser } from '@prisma/client';
+import { OffsetPaginationArgs } from 'src/types/input-types.args';

@Injectable()
 export class UserService {
@@ -88,6 +93,20 @@ export class UserService {
    }
  }

+  /**
+   * Find users with given IDs
+   * @param userUIDs User IDs
+   * @returns Array of found Users
+   */
+  async findUsersByIds(userUIDs: string[]): Promise<AuthUser[]> {
+    const users = await this.prisma.user.findMany({
+      where: {
+        uid: { in: userUIDs },
+      },
+    });
+    return users;
+  }
+
  /**
   * Update User with new generated hashed refresh token
   *
@@ -95,7 +114,7 @@ export class UserService {
   * @param userUid User uid
   * @returns Either of User with updated refreshToken
   */
-  async UpdateUserRefreshToken(refreshTokenHash: string, userUid: string) {
+  async updateUserRefreshToken(refreshTokenHash: string, userUid: string) {
    try {
      const user = await this.prisma.user.update({
        where: {
@@ -155,6 +174,7 @@ export class UserService {
        displayName: userDisplayName,
        email: profile.emails[0].value,
        photoURL: userPhotoURL,
+        lastLoggedOn: new Date(),
        providerAccounts: {
          create: {
            provider: profile.provider,
@@ -202,7 +222,7 @@ export class UserService {
  }

  /**
-   * Update User displayName and photoURL
+   * Update User displayName and photoURL when logged in via a SSO provider
   *
   * @param user User object
   * @param profile Data received from SSO provider on the users account
@@ -217,6 +237,7 @@ export class UserService {
        data: {
          displayName: !profile.displayName ? null : profile.displayName,
          photoURL: !profile.photos ? null : profile.photos[0].value,
+          lastLoggedOn: new Date(),
        },
      });
      return E.right(updatedUser);
@@ -269,6 +290,50 @@ export class UserService {
    }
  }

+  /**
+   * Update a user's displayName
+   * @param userUID User UID
+   * @param displayName User's displayName
+   * @returns a Either of User or error
+   */
+  async updateUserDisplayName(userUID: string, displayName: string) {
+    if (!displayName || displayName.length === 0) {
+      return E.left(USER_SHORT_DISPLAY_NAME);
+    }
+
+    try {
+      const dbUpdatedUser = await this.prisma.user.update({
+        where: { uid: userUID },
+        data: { displayName },
+      });
+
+      const updatedUser = this.convertDbUserToUser(dbUpdatedUser);
+
+      // Publish subscription for user updates
+      await this.pubsub.publish(`user/${updatedUser.uid}/updated`, updatedUser);
+
+      return E.right(updatedUser);
+    } catch (error) {
+      return E.left(USER_NOT_FOUND);
+    }
+  }
+
+  /**
+   * Update user's lastLoggedOn timestamp
+   * @param userUID User UID
+   */
+  async updateUserLastLoggedOn(userUid: string) {
+    try {
+      await this.prisma.user.update({
+        where: { uid: userUid },
+        data: { lastLoggedOn: new Date() },
+      });
+      return E.right(true);
+    } catch (e) {
+      return E.left(USER_NOT_FOUND);
+    }
+  }
+
  /**
   * Validate and parse currentRESTSession and currentGQLSession
   * @param sessionData string of the session
@@ -286,6 +351,7 @@ export class UserService {
   * @param cursorID string of userUID or null
   * @param take number of users to query
   * @returns an array of `User` object
+   * @deprecated use fetchAllUsersV2 instead
   */
  async fetchAllUsers(cursorID: string, take: number) {
    const fetchedUsers = await this.prisma.user.findMany({
@@ -296,6 +362,43 @@ export class UserService {
    return fetchedUsers;
  }

+  /**
+   * Fetch all the users in the `User` table based on cursor
+   * @param searchString search on user's displayName or email
+   * @param paginationOption pagination options
+   * @returns an array of `User` object
+   */
+  async fetchAllUsersV2(
+    searchString: string,
+    paginationOption: OffsetPaginationArgs,
+  ) {
+    const fetchedUsers = await this.prisma.user.findMany({
+      skip: paginationOption.skip,
+      take: paginationOption.take,
+      where: searchString
+        ? {
+            OR: [
+              {
+                displayName: {
+                  contains: searchString,
+                  mode: 'insensitive',
+                },
+              },
+              {
+                email: {
+                  contains: searchString,
+                  mode: 'insensitive',
+                },
+              },
+            ],
+          }
+        : undefined,
+      orderBy: [{ isAdmin: 'desc' }, { displayName: 'asc' }],
+    });
+
+    return fetchedUsers;
+  }
+
  /**
   * Fetch the number of users in db
   * @returns a count (Int) of user records in DB
@@ -326,6 +429,23 @@ export class UserService {
    }
  }

+  /**
+   * Change users to admins by toggling isAdmin param to true
+   * @param userUID user UIDs
+   * @returns a Either of true or error
+   */
+  async makeAdmins(userUIDs: string[]) {
+    try {
+      await this.prisma.user.updateMany({
+        where: { uid: { in: userUIDs } },
+        data: { isAdmin: true },
+      });
+      return E.right(true);
+    } catch (error) {
+      return E.left(USER_UPDATE_FAILED);
+    }
+  }
+
  /**
   * Fetch all the admin users
   * @returns an array of admin users
@@ -444,4 +564,22 @@ export class UserService {
      return E.left(USER_NOT_FOUND);
    }
  }
+
+  /**
+   * Change users from an admin by toggling isAdmin param to false
+   * @param userUIDs user UIDs
+   * @returns a Either of true or error
+   */
+  async removeUsersAsAdmin(userUIDs: string[]) {
+    const data = await this.prisma.user.updateMany({
+      where: { uid: { in: userUIDs } },
+      data: { isAdmin: false },
+    });
+
+    if (data.count === 0) {
+      return E.left(USERS_NOT_FOUND);
+    }
+
+    return E.right(true);
+  }
 }
--- a/packages/hoppscotch-backend/src/utils.ts
+++ b/packages/hoppscotch-backend/src/utils.ts
@@ -1,4 +1,4 @@
-import { ExecutionContext } from '@nestjs/common';
+import { ExecutionContext, HttpException } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
 import { GqlExecutionContext } from '@nestjs/graphql';
 import { pipe } from 'fp-ts/lib/function';
@@ -16,6 +16,7 @@ import {
  JSON_INVALID,
 } from './errors';
 import { AuthProvider } from './auth/helper';
+import { RESTError } from './types/RESTError';

 /**
 * A workaround to throw an exception in an expression.
@@ -27,6 +28,15 @@ export function throwErr(errMessage: string): never {
  throw new Error(errMessage);
 }

+/**
+ * This function allows throw to be used as an expression
+ * @param errMessage Message present in the error message
+ */
+export function throwHTTPErr(errorData: RESTError): never {
+  const { message, statusCode } = errorData;
+  throw new HttpException(message, statusCode);
+}
+
 /**
 * Prints the given value to log and returns the same value.
 * Used for debugging functional pipelines.
@@ -131,6 +141,58 @@ export const validateEmail = (email: string) => {
  ).test(email);
 };

+// Regular expressions for supported address object formats by nodemailer
+// check out for more info https://nodemailer.com/message/addresses
+const emailRegex1 = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/;
+const emailRegex2 =
+  /^[\w\s]* <([a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,})>$/;
+const emailRegex3 =
+  /^"[\w\s]+" <([a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,})>$/;
+
+/**
+ * Checks to see if the SMTP email is valid or not
+ * @param email
+ * @returns A Boolean depending on the format of the email
+ */
+export const validateSMTPEmail = (email: string) => {
+  // Check if the input matches any of the formats
+  return (
+    emailRegex1.test(email) ||
+    emailRegex2.test(email) ||
+    emailRegex3.test(email)
+  );
+};
+
+/**
+ * Checks to see if the URL is valid or not
+ * @param url The URL to validate
+ * @returns boolean
+ */
+export const validateSMTPUrl = (url: string) => {
+  // Possible valid formats
+  // smtp(s)://mail.example.com
+  // smtp(s)://user:pass@mail.example.com
+  // smtp(s)://mail.example.com:587
+  // smtp(s)://user:pass@mail.example.com:587
+
+  if (!url || url.length === 0) return false;
+
+  const regex =
+    /^(smtp|smtps):\/\/(?:([^:]+):([^@]+)@)?((?!\.)[^:]+)(?::(\d+))?$/;
+  if (regex.test(url)) return true;
+  return false;
+};
+
+/**
+ * Checks to see if the URL is valid or not
+ * @param url The URL to validate
+ * @returns boolean
+ */
+export const validateUrl = (url: string) => {
+  const urlRegex = /^(http|https):\/\/[^ "]+$/;
+  return urlRegex.test(url);
+};
+
 /**
 * String to JSON parser
 * @param {str} str The string to parse
@@ -161,21 +223,23 @@ export function isValidLength(title: string, length: number) {

 /**
 * This function is called by bootstrap() in main.ts
- *  It checks if the "VITE_ALLOWED_AUTH_PROVIDERS" environment variable is properly set or not.
+ * It checks if the "VITE_ALLOWED_AUTH_PROVIDERS" environment variable is properly set or not.
 * If not, it throws an error.
 */
-export function checkEnvironmentAuthProvider() {
-  if (!process.env.hasOwnProperty('VITE_ALLOWED_AUTH_PROVIDERS')) {
+export function checkEnvironmentAuthProvider(
+  VITE_ALLOWED_AUTH_PROVIDERS: string,
+) {
+  if (!VITE_ALLOWED_AUTH_PROVIDERS) {
    throw new Error(ENV_NOT_FOUND_KEY_AUTH_PROVIDERS);
  }

-  if (process.env.VITE_ALLOWED_AUTH_PROVIDERS === '') {
+  if (VITE_ALLOWED_AUTH_PROVIDERS === '') {
    throw new Error(ENV_EMPTY_AUTH_PROVIDERS);
  }

-  const givenAuthProviders = process.env.VITE_ALLOWED_AUTH_PROVIDERS.split(
-    ',',
-  ).map((provider) => provider.toLocaleUpperCase());
+  const givenAuthProviders = VITE_ALLOWED_AUTH_PROVIDERS.split(',').map(
+    (provider) => provider.toLocaleUpperCase(),
+  );
  const supportedAuthProviders = Object.values(AuthProvider).map(
    (provider: string) => provider.toLocaleUpperCase(),
  );
@@ -186,3 +250,39 @@ export function checkEnvironmentAuthProvider() {
    }
  }
 }
+
+/**
+ * Adds escape backslashes to the input so that it can be used inside
+ * SQL LIKE/ILIKE queries. Inspired by PHP's `mysql_real_escape_string`
+ * function.
+ *
+ * Eg. "100%" -> "100\\%"
+ *
+ * Source: https://stackoverflow.com/a/32648526
+ */
+export function escapeSqlLikeString(str: string) {
+  if (typeof str != 'string') return str;
+
+  return str.replace(/[\0\x08\x09\x1a\n\r"'\\\%]/g, function (char) {
+    switch (char) {
+      case '\0':
+        return '\\0';
+      case '\x08':
+        return '\\b';
+      case '\x09':
+        return '\\t';
+      case '\x1a':
+        return '\\z';
+      case '\n':
+        return '\\n';
+      case '\r':
+        return '\\r';
+      case '"':
+      case "'":
+      case '\\':
+      case '%':
+        return '\\' + char; // prepends a backslash to backslash, percent,
+      // and double/single quotes
+    }
+  });
+}
--- a/packages/hoppscotch-cli/README.md
+++ b/packages/hoppscotch-cli/README.md
@@ -52,11 +52,34 @@ hopp [options or commands] arguments
 		Taking the above example, `pw.env.get("ENV1")` will return `"value1"`

 ## Install
+- Before you install Hoppscotch CLI you need to make sure you have the dependencies it requires to run.
+  - **Windows & macOS**: You will need `node-gyp` installed. Find instructions here: https://github.com/nodejs/node-gyp
+  - **Debian/Ubuntu derivatives**:
+    ```sh
+    sudo apt-get install python g++ build-essential
+    ```
+  - **Alpine Linux**:
+    ```sh
+    sudo apk add python3 make g++
+    ```
+  - **Amazon Linux (AMI)**
+    ```sh
+    sudo yum install gcc72 gcc72-c++
+    ```
+  - **Arch Linux**
+    ```sh
+    sudo pacman -S make gcc python
+    ```
+  - **RHEL/Fedora derivatives**:
+    ```sh
+    sudo dnf install python3 make gcc gcc-c++ zlib-devel brotli-devel openssl-devel libuv-devel
+    ```

-Install [@hoppscotch/cli](https://www.npmjs.com/package/@hoppscotch/cli) from npm by running:
-```
-npm i -g @hoppscotch/cli
-```
+
+- Once the dependencies are installed, install [@hoppscotch/cli](https://www.npmjs.com/package/@hoppscotch/cli) from npm by running:
+  ```
+  npm i -g @hoppscotch/cli
+  ```

 ## **Developing:**

--- a/packages/hoppscotch-cli/bin/hopp
+++ b/packages/hoppscotch-cli/bin/hopp
@@ -1,3 +0,0 @@
-#!/usr/bin/env node
-// * The entry point of the CLI
-require("../dist").cli(process.argv);
--- a/packages/hoppscotch-cli/bin/hopp.js
+++ b/packages/hoppscotch-cli/bin/hopp.js
@@ -0,0 +1,31 @@
+#!/usr/bin/env node
+// * The entry point of the CLI
+// @ts-check
+
+import { cli } from "../dist/index.js";
+
+import { spawnSync } from "child_process";
+import { cloneDeep } from "lodash-es";
+
+const nodeVersion = parseInt(process.versions.node.split(".")[0]);
+
+// As per isolated-vm documentation, we need to supply `--no-node-snapshot` for node >= 20
+// src: https://github.com/laverdet/isolated-vm?tab=readme-ov-file#requirements
+if (nodeVersion >= 20 && !process.execArgv.includes("--no-node-snapshot")) {
+  const argCopy = cloneDeep(process.argv);
+
+  // Replace first argument with --no-node-snapshot
+  // We can get argv[0] from process.argv0
+  argCopy[0] = "--no-node-snapshot";
+
+  const result = spawnSync(
+    process.argv0,
+    argCopy,
+    { stdio: "inherit" }
+  );
+
+  // Exit with the same status code as the spawned process
+  process.exit(result.status ?? 0);
+} else {
+  cli(process.argv);
+}
--- a/packages/hoppscotch-cli/package.json
+++ b/packages/hoppscotch-cli/package.json
@@ -1,11 +1,12 @@
 {
  "name": "@hoppscotch/cli",
-  "version": "0.4.0",
+  "version": "0.8.0",
  "description": "A CLI to run Hoppscotch test scripts in CI environments.",
  "homepage": "https://hoppscotch.io",
+  "type": "module",
  "main": "dist/index.js",
  "bin": {
-    "hopp": "bin/hopp"
+    "hopp": "bin/hopp.js"
  },
  "publishConfig": {
    "access": "public"
@@ -39,27 +40,30 @@
  },
  "license": "MIT",
  "private": false,
+  "dependencies": {
+    "axios": "1.6.7",
+    "chalk": "5.3.0",
+    "commander": "11.1.0",
+    "isolated-vm": "4.7.2",
+    "lodash-es": "4.17.21",
+    "qs": "6.11.2",
+    "verzod": "0.2.2",
+    "zod": "3.22.4"
+  },
  "devDependencies": {
    "@hoppscotch/data": "workspace:^",
    "@hoppscotch/js-sandbox": "workspace:^",
-    "@relmify/jest-fp-ts": "^2.1.1",
-    "@swc/core": "^1.3.92",
-    "@types/jest": "^29.5.5",
-    "@types/lodash": "^4.14.199",
-    "@types/qs": "^6.9.8",
-    "axios": "^0.21.4",
-    "chalk": "^4.1.2",
-    "commander": "^11.0.0",
-    "esm": "^3.2.25",
-    "fp-ts": "^2.16.1",
-    "io-ts": "^2.2.20",
-    "jest": "^29.7.0",
-    "lodash": "^4.17.21",
-    "prettier": "^3.0.3",
-    "qs": "^6.11.2",
-    "ts-jest": "^29.1.1",
-    "tsup": "^7.2.0",
-    "typescript": "^5.2.2",
-    "zod": "^3.22.4"
+    "@relmify/jest-fp-ts": "2.1.1",
+    "@swc/core": "1.4.2",
+    "@types/jest": "29.5.12",
+    "@types/lodash-es": "4.17.12",
+    "@types/qs": "6.9.12",
+    "fp-ts": "2.16.2",
+    "jest": "29.7.0",
+    "prettier": "3.2.5",
+    "qs": "6.11.2",
+    "ts-jest": "29.1.2",
+    "tsup": "8.0.2",
+    "typescript": "5.3.3"
  }
 }
--- a/packages/hoppscotch-cli/src/tests/commands/test.spec.ts
+++ b/packages/hoppscotch-cli/src/tests/commands/test.spec.ts
@@ -1,140 +1,344 @@
 import { ExecException } from "child_process";
+
 import { HoppErrorCode } from "../../types/errors";
-import { execAsync, getErrorCode, getTestJsonFilePath } from "../utils";
+import { runCLI, getErrorCode, getTestJsonFilePath } from "../utils";

-describe("Test 'hopp test <file>' command:", () => {
-  test("No collection file path provided.", async () => {
-    const cmd = `node ./bin/hopp test`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
+describe("Test `hopp test <file>` command:", () => {
+  describe("Argument parsing", () => {
+    test("Errors with the code `INVALID_ARGUMENT` for not supplying enough arguments", async () => {
+      const args = "test";
+      const { stderr } = await runCLI(args);

-    expect(out).toBe<HoppErrorCode>("INVALID_ARGUMENT");
-  });
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("INVALID_ARGUMENT");
+    });

-  test("Collection file not found.", async () => {
-    const cmd = `node ./bin/hopp test notfound.json`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
+    test("Errors with the code `INVALID_ARGUMENT` for an invalid command", async () => {
+      const args = "invalid-arg";
+      const { stderr } = await runCLI(args);

-    expect(out).toBe<HoppErrorCode>("FILE_NOT_FOUND");
-  });
-
-  test("Collection file is invalid JSON.", async () => {
-    const cmd = `node ./bin/hopp test ${getTestJsonFilePath(
-      "malformed-collection.json"
-    )}`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
-
-    expect(out).toBe<HoppErrorCode>("UNKNOWN_ERROR");
-  });
-
-  test("Malformed collection file.", async () => {
-    const cmd = `node ./bin/hopp test ${getTestJsonFilePath(
-      "malformed-collection2.json"
-    )}`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
-
-    expect(out).toBe<HoppErrorCode>("MALFORMED_COLLECTION");
-  });
-
-  test("Invalid arguement.", async () => {
-    const cmd = `node ./bin/hopp invalid-arg`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
-
-    expect(out).toBe<HoppErrorCode>("INVALID_ARGUMENT");
-  });
-
-  test("Collection file not JSON type.", async () => {
-    const cmd = `node ./bin/hopp test ${getTestJsonFilePath("notjson.txt")}`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
-
-    expect(out).toBe<HoppErrorCode>("INVALID_FILE_TYPE");
-  });
-
-  test("Some errors occured (exit code 1).", async () => {
-    const cmd = `node ./bin/hopp test ${getTestJsonFilePath("fails.json")}`;
-    const { error } = await execAsync(cmd);
-
-    expect(error).not.toBeNull();
-    expect(error).toMatchObject(<ExecException>{
-      code: 1,
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("INVALID_ARGUMENT");
    });
  });

-  test("No errors occured (exit code 0).", async () => {
-    const cmd = `node ./bin/hopp test ${getTestJsonFilePath("passes.json")}`;
-    const { error } = await execAsync(cmd);
+  describe("Supplied collection export file validations", () => {
+    test("Errors with the code `FILE_NOT_FOUND` if the supplied collection export file doesn't exist", async () => {
+      const args = "test notfound.json";
+      const { stderr } = await runCLI(args);
+
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("FILE_NOT_FOUND");
+    });
+
+    test("Errors with the code UNKNOWN_ERROR if the supplied collection export file content isn't valid JSON", async () => {
+      const args = `test ${getTestJsonFilePath("malformed-coll.json", "collection")}`;
+      const { stderr } = await runCLI(args);
+
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("UNKNOWN_ERROR");
+    });
+
+    test("Errors with the code `MALFORMED_COLLECTION` if the supplied collection export file content is malformed", async () => {
+      const args = `test ${getTestJsonFilePath("malformed-coll-2.json", "collection")}`;
+      const { stderr } = await runCLI(args);
+
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("MALFORMED_COLLECTION");
+    });
+
+    test("Errors with the code `INVALID_FILE_TYPE` if the supplied collection export file doesn't end with the `.json` extension", async () => {
+      const args = `test ${getTestJsonFilePath("notjson-coll.txt", "collection")}`;
+      const { stderr } = await runCLI(args);
+
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("INVALID_FILE_TYPE");
+    });
+
+    test("Fails if the collection file includes scripts with incorrect API usage and failed assertions", async () => {
+      const args = `test ${getTestJsonFilePath("fails-coll.json", "collection")}`;
+      const { error } = await runCLI(args);
+
+      expect(error).not.toBeNull();
+      expect(error).toMatchObject(<ExecException>{
+        code: 1,
+      });
+    });
+  });
+
+  describe("Versioned entities", () => {
+    describe("Collections & Requests", () => {
+      const testFixtures = [
+        { fileName: "coll-v1-req-v0.json", collVersion: 1, reqVersion: 0 },
+        { fileName: "coll-v1-req-v1.json", collVersion: 1, reqVersion: 1 },
+        { fileName: "coll-v2-req-v2.json", collVersion: 2, reqVersion: 2 },
+        { fileName: "coll-v2-req-v3.json", collVersion: 2, reqVersion: 3 },
+      ];
+
+      testFixtures.forEach(({ collVersion, fileName, reqVersion }) => {
+        test(`Successfully processes a supplied collection export file where the collection is based on the "v${collVersion}" schema and the request following the "v${reqVersion}" schema`, async () => {
+          const args = `test ${getTestJsonFilePath(fileName, "collection")}`;
+          const { error } = await runCLI(args);
+
+          expect(error).toBeNull();
+        });
+      });
+    });
+
+    describe("Environments", () => {
+      const testFixtures = [
+        { fileName: "env-v0.json", version: 0 },
+        { fileName: "env-v1.json", version: 1 },
+      ];
+
+      testFixtures.forEach(({ fileName, version }) => {
+        test(`Successfully processes the supplied collection and environment export files where the environment is based on the "v${version}" schema`, async () => {
+          const ENV_PATH = getTestJsonFilePath(fileName, "environment");
+          const args = `test ${getTestJsonFilePath("sample-coll.json", "collection")} --env ${ENV_PATH}`;
+          const { error } = await runCLI(args);
+
+          expect(error).toBeNull();
+        });
+      });
+    });
+  });
+
+  test("Successfully processes a supplied collection export file of the expected format", async () => {
+    const args = `test ${getTestJsonFilePath("passes-coll.json", "collection")}`;
+    const { error } = await runCLI(args);
+
+    expect(error).toBeNull();
+  });
+
+  test("Successfully inherits headers and authorization set at the root collection", async () => {
+    const args = `test ${getTestJsonFilePath(
+      "collection-level-headers-auth-coll.json",
+      "collection"
+    )}`;
+    const { error } = await runCLI(args);
+
+    expect(error).toBeNull();
+  });
+
+  test("Persists environment variables set in the pre-request script for consumption in the test script", async () => {
+    const args = `test ${getTestJsonFilePath(
+      "pre-req-script-env-var-persistence-coll.json",
+      "collection"
+    )}`;
+    const { error } = await runCLI(args);

    expect(error).toBeNull();
  });
 });

-describe("Test 'hopp test <file> --env <file>' command:", () => {
-  const VALID_TEST_CMD = `node ./bin/hopp test ${getTestJsonFilePath(
-    "passes.json"
-  )}`;
+describe("Test `hopp test <file> --env <file>` command:", () => {
+  describe("Supplied environment export file validations", () => {
+    const VALID_TEST_ARGS = `test ${getTestJsonFilePath("passes-coll.json", "collection")}`;
+
+    test("Errors with the code `INVALID_ARGUMENT` if no file is supplied", async () => {
+      const args = `${VALID_TEST_ARGS} --env`;
+      const { stderr } = await runCLI(args);
+
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("INVALID_ARGUMENT");
+    });
+
+    test("Errors with the code `INVALID_FILE_TYPE` if the supplied environment export file doesn't end with the `.json` extension", async () => {
+      const args = `${VALID_TEST_ARGS} --env ${getTestJsonFilePath(
+        "notjson-coll.txt",
+        "collection"
+      )}`;
+      const { stderr } = await runCLI(args);
+
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("INVALID_FILE_TYPE");
+    });
+
+    test("Errors with the code `FILE_NOT_FOUND` if the supplied environment export file doesn't exist", async () => {
+      const args = `${VALID_TEST_ARGS} --env notfound.json`;
+      const { stderr } = await runCLI(args);
+
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("FILE_NOT_FOUND");
+    });
+
+    test("Errors with the code `MALFORMED_ENV_FILE` on supplying a malformed environment export file", async () => {
+      const ENV_PATH = getTestJsonFilePath(
+        "malformed-envs.json",
+        "environment"
+      );
+      const args = `${VALID_TEST_ARGS} --env ${ENV_PATH}`;
+      const { stderr } = await runCLI(args);
+
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("MALFORMED_ENV_FILE");
+    });
+
+    test("Errors with the code `BULK_ENV_FILE` on supplying an environment export file based on the bulk environment export format", async () => {
+      const ENV_PATH = getTestJsonFilePath("bulk-envs.json", "environment");
+      const args = `${VALID_TEST_ARGS} --env ${ENV_PATH}`;
+      const { stderr } = await runCLI(args);
+
+      const out = getErrorCode(stderr);
+      expect(out).toBe<HoppErrorCode>("BULK_ENV_FILE");
+    });
+  });
+
+  test("Successfully resolves values from the supplied environment export file", async () => {
+    const TESTS_PATH = getTestJsonFilePath(
+      "env-flag-tests-coll.json",
+      "collection"
+    );
+    const ENV_PATH = getTestJsonFilePath("env-flag-envs.json", "environment");
+    const args = `test ${TESTS_PATH} --env ${ENV_PATH}`;
+
+    const { error } = await runCLI(args);
+    expect(error).toBeNull();
+  });
+
+  test("Successfully resolves environment variables referenced in the request body", async () => {
+    const COLL_PATH = getTestJsonFilePath(
+      "req-body-env-vars-coll.json",
+      "collection"
+    );
+    const ENVS_PATH = getTestJsonFilePath(
+      "req-body-env-vars-envs.json",
+      "environment"
+    );
+    const args = `test ${COLL_PATH} --env ${ENVS_PATH}`;
+
+    const { error } = await runCLI(args);
+    expect(error).toBeNull();
+  });
+
+  test("Works with shorth `-e` flag", async () => {
+    const TESTS_PATH = getTestJsonFilePath(
+      "env-flag-tests-coll.json",
+      "collection"
+    );
+    const ENV_PATH = getTestJsonFilePath("env-flag-envs.json", "environment");
+    const args = `test ${TESTS_PATH} -e ${ENV_PATH}`;
+
+    const { error } = await runCLI(args);
+    expect(error).toBeNull();
+  });
+
+  describe("Secret environment variables", () => {
+    jest.setTimeout(100000);
+
+    // Reads secret environment values from system environment
+    test("Successfully picks the values for secret environment variables from `process.env` and persists the variables set from the pre-request script", async () => {
+      const env = {
+        ...process.env,
+        secretBearerToken: "test-token",
+        secretBasicAuthUsername: "test-user",
+        secretBasicAuthPassword: "test-pass",
+        secretQueryParamValue: "secret-query-param-value",
+        secretBodyValue: "secret-body-value",
+        secretHeaderValue: "secret-header-value",
+      };
+
+      const COLL_PATH = getTestJsonFilePath(
+        "secret-envs-coll.json",
+        "collection"
+      );
+      const ENVS_PATH = getTestJsonFilePath("secret-envs.json", "environment");
+      const args = `test ${COLL_PATH} --env ${ENVS_PATH}`;
+
+      const { error, stdout } = await runCLI(args, { env });
+
+      expect(stdout).toContain(
+        "https://httpbin.org/basic-auth/*********/*********"
+      );
+      expect(error).toBeNull();
+    });
+
+    // Prefers values specified in the environment export file over values set in the system environment
+    test("Successfully picks the values for secret environment variables set directly in the environment export file and persists the environment variables set from the pre-request script", async () => {
+      const COLL_PATH = getTestJsonFilePath(
+        "secret-envs-coll.json",
+        "collection"
+      );
+      const ENVS_PATH = getTestJsonFilePath(
+        "secret-supplied-values-envs.json",
+        "environment"
+      );
+      const args = `test ${COLL_PATH} --env ${ENVS_PATH}`;
+
+      const { error, stdout } = await runCLI(args);
+
+      expect(stdout).toContain(
+        "https://httpbin.org/basic-auth/*********/*********"
+      );
+      expect(error).toBeNull();
+    });
+
+    // Values set from the scripting context takes the highest precedence
+    test("Setting values for secret environment variables from the pre-request script overrides values set at the supplied environment export file", async () => {
+      const COLL_PATH = getTestJsonFilePath(
+        "secret-envs-persistence-coll.json",
+        "collection"
+      );
+      const ENVS_PATH = getTestJsonFilePath(
+        "secret-supplied-values-envs.json",
+        "environment"
+      );
+      const args = `test ${COLL_PATH} --env ${ENVS_PATH}`;
+
+      const { error, stdout } = await runCLI(args);
+
+      expect(stdout).toContain(
+        "https://httpbin.org/basic-auth/*********/*********"
+      );
+      expect(error).toBeNull();
+    });
+
+    test("Persists secret environment variable values set from the pre-request script for consumption in the request and post-request script context", async () => {
+      const COLL_PATH = getTestJsonFilePath(
+        "secret-envs-persistence-scripting-coll.json",
+        "collection"
+      );
+      const ENVS_PATH = getTestJsonFilePath(
+        "secret-envs-persistence-scripting-envs.json",
+        "environment"
+      );
+      const args = `test ${COLL_PATH} --env ${ENVS_PATH}`;
+
+      const { error } = await runCLI(args);
+      expect(error).toBeNull();
+    });
+  });
+});
+
+describe("Test `hopp test <file> --delay <delay_in_ms>` command:", () => {
+  const VALID_TEST_ARGS = `test ${getTestJsonFilePath("passes-coll.json", "collection")}`;
+
+  test("Errors with the code `INVALID_ARGUMENT` on not supplying a delay value", async () => {
+    const args = `${VALID_TEST_ARGS} --delay`;
+    const { stderr } = await runCLI(args);

-  test("No env file path provided.", async () => {
-    const cmd = `${VALID_TEST_CMD} --env`;
-    const { stderr } = await execAsync(cmd);
    const out = getErrorCode(stderr);
-
    expect(out).toBe<HoppErrorCode>("INVALID_ARGUMENT");
  });

-  test("ENV file not JSON type.", async () => {
-    const cmd = `${VALID_TEST_CMD} --env ${getTestJsonFilePath("notjson.txt")}`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
+  test("Errors with the code `INVALID_ARGUMENT` on supplying an invalid delay value", async () => {
+    const args = `${VALID_TEST_ARGS} --delay 'NaN'`;
+    const { stderr } = await runCLI(args);

-    expect(out).toBe<HoppErrorCode>("INVALID_FILE_TYPE");
+    const out = getErrorCode(stderr);
+    expect(out).toBe<HoppErrorCode>("INVALID_ARGUMENT");
  });

-  test("ENV file not found.", async () => {
-    const cmd = `${VALID_TEST_CMD} --env notfound.json`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
+  test("Successfully performs delayed request execution for a valid delay value", async () => {
+    const args = `${VALID_TEST_ARGS} --delay 1`;
+    const { error } = await runCLI(args);

-    expect(out).toBe<HoppErrorCode>("FILE_NOT_FOUND");
+    expect(error).toBeNull();
  });

-  test("No errors occured (exit code 0).", async () => {
-    const TESTS_PATH = getTestJsonFilePath("env-flag-tests.json");
-    const ENV_PATH = getTestJsonFilePath("env-flag-envs.json");
-    const cmd = `node ./bin/hopp test ${TESTS_PATH} --env ${ENV_PATH}`;
-    const { error, stdout } = await execAsync(cmd);
-
-    expect(error).toBeNull();
-  });
-});
-
-describe("Test 'hopp test <file> --delay <delay_in_ms>' command:", () => {
-  const VALID_TEST_CMD = `node ./bin/hopp test ${getTestJsonFilePath(
-    "passes.json"
-  )}`;
-
-  test("No value passed to delay flag.", async () => {
-    const cmd = `${VALID_TEST_CMD} --delay`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
-
-    expect(out).toBe<HoppErrorCode>("INVALID_ARGUMENT");
-  });
-
-  test("Invalid value passed to delay flag.", async () => {
-    const cmd = `${VALID_TEST_CMD} --delay 'NaN'`;
-    const { stderr } = await execAsync(cmd);
-    const out = getErrorCode(stderr);
-    expect(out).toBe<HoppErrorCode>("INVALID_ARGUMENT");
-  });
-
-  test("Valid value passed to delay flag.", async () => {
-    const cmd = `${VALID_TEST_CMD} --delay 1`;
-    const { error } = await execAsync(cmd);
+  test("Works with the short `-d` flag", async () => {
+    const args = `${VALID_TEST_ARGS} -d 1`;
+    const { error } = await runCLI(args);

    expect(error).toBeNull();
  });
--- a/packages/hoppscotch-cli/src/tests/functions/checks/isRESTCollection.spec.ts
+++ b/packages/hoppscotch-cli/src/tests/functions/checks/isRESTCollection.spec.ts
@@ -1,84 +0,0 @@
-import { isRESTCollection } from "../../../utils/checks";
-
-describe("isRESTCollection", () => {
-  test("Undefined collection value.", () => {
-    expect(isRESTCollection(undefined)).toBeFalsy();
-  });
-
-  test("Invalid id value.", () => {
-    expect(
-      isRESTCollection({
-        v: 1,
-        name: "test",
-        id: 1,
-      })
-    ).toBeFalsy();
-  });
-
-  test("Invalid requests value.", () => {
-    expect(
-      isRESTCollection({
-        v: 1,
-        name: "test",
-        id: "1",
-        requests: null,
-      })
-    ).toBeFalsy();
-  });
-
-  test("Invalid folders value.", () => {
-    expect(
-      isRESTCollection({
-        v: 1,
-        name: "test",
-        id: "1",
-        requests: [],
-        folders: undefined,
-      })
-    ).toBeFalsy();
-  });
-
-  test("Invalid RESTCollection(s) in folders.", () => {
-    expect(
-      isRESTCollection({
-        v: 1,
-        name: "test",
-        id: "1",
-        requests: [],
-        folders: [
-          {
-            v: 1,
-            name: "test1",
-            id: "2",
-            requests: undefined,
-            folders: [],
-          },
-        ],
-      })
-    ).toBeFalsy();
-  });
-
-  test("Invalid HoppRESTRequest(s) in requests.", () => {
-    expect(
-      isRESTCollection({
-        v: 1,
-        name: "test",
-        id: "1",
-        requests: [{}],
-        folders: [],
-      })
-    ).toBeFalsy();
-  });
-
-  test("Valid RESTCollection.", () => {
-    expect(
-      isRESTCollection({
-        v: 1,
-        name: "test",
-        id: "1",
-        requests: [],
-        folders: [],
-      })
-    ).toBeTruthy();
-  });
-});
--- a/packages/hoppscotch-cli/src/tests/samples/collections/coll-v1-req-v0.json
+++ b/packages/hoppscotch-cli/src/tests/samples/collections/coll-v1-req-v0.json
@@ -0,0 +1,55 @@
+{
+  "v": 1,
+  "name": "coll-v1",
+  "folders": [
+    {
+      "v": 1,
+      "name": "coll-v1-child",
+      "folders": [],
+      "requests": [
+        {
+          "url": "https://echo.hoppscotch.io",
+          "path": "/get",
+          "headers": [
+            { "key": "Inactive-Header", "value": "Inactive Header", "active": false },
+            { "key": "Authorization", "value": "Bearer token123", "active": true }
+          ],
+          "params": [
+            { "key": "key", "value": "value", "active": true },
+            { "key": "inactive-key", "value": "inactive-param", "active": false }
+          ],
+          "name": "req-v0-II",
+          "method": "GET",
+          "preRequestScript": "",
+          "testScript": "pw.test(\"Asserts request params\", () => {\n  pw.expect(pw.response.body.args.key).toBe(\"value\")\n  pw.expect(pw.response.body.args[\"inactive-key\"]).toBe(undefined)\n})\n\npw.test(\"Asserts request headers\", () => {\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer token123\")\n  pw.expect(pw.response.body.headers[\"inactive-header\"]).toBe(undefined)\n})",
+          "contentType": "application/json",
+          "body": "",
+          "auth": "Bearer Token",
+          "bearerToken": "token123"
+        }
+      ]
+    }
+  ],
+  "requests": [
+    {
+      "url": "https://echo.hoppscotch.io",
+      "path": "/get",
+      "headers": [
+        { "key": "Inactive-Header", "value": "Inactive Header", "active": false },
+        { "key": "Authorization", "value": "Bearer token123", "active": true }
+      ],
+      "params": [
+        { "key": "key", "value": "value", "active": true },
+        { "key": "inactive-key", "value": "inactive-param", "active": false }
+      ],
+      "name": "req-v0",
+      "method": "GET",
+      "preRequestScript": "",
+      "testScript": "pw.test(\"Asserts request params\", () => {\n  pw.expect(pw.response.body.args.key).toBe(\"value\")\n  pw.expect(pw.response.body.args[\"inactive-key\"]).toBe(undefined)\n})\n\npw.test(\"Asserts request headers\", () => {\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer token123\")\n  pw.expect(pw.response.body.headers[\"inactive-header\"]).toBe(undefined)\n})",
+      "contentType": "application/json",
+      "body": "",
+      "auth": "Bearer Token",
+      "bearerToken": "token123"
+    }
+  ]
+}
--- a/packages/hoppscotch-cli/src/tests/samples/collections/coll-v1-req-v1.json
+++ b/packages/hoppscotch-cli/src/tests/samples/collections/coll-v1-req-v1.json
@@ -0,0 +1,97 @@
+{
+    "v": 1,
+    "name": "coll-v1",
+    "folders": [
+        {
+            "v": 1,
+            "name": "coll-v1-child",
+            "folders": [],
+            "requests": [
+                {
+                    "v": "1",
+                    "endpoint": "https://echo.hoppscotch.io",
+                    "headers": [
+                        {
+                            "key": "Inactive-Header",
+                            "value": "Inactive Header",
+                            "active": false
+                        },
+                        {
+                            "key": "Authorization",
+                            "value": "Bearer token123",
+                            "active": true
+                        }
+                    ],
+                    "params": [
+                        {
+                            "key": "key",
+                            "value": "value",
+                            "active": true
+                        },
+                        {
+                            "key": "inactive-key",
+                            "value": "inactive-param",
+                            "active": false
+                        }
+                    ],
+                    "name": "req-v1-II",
+                    "method": "GET",
+                    "preRequestScript": "",
+                    "testScript": "pw.test(\"Asserts request params\", () => {\n  pw.expect(pw.response.body.args.key).toBe(\"value\")\n  pw.expect(pw.response.body.args[\"inactive-key\"]).toBe(undefined)\n})\n\npw.test(\"Asserts request headers\", () => {\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer token123\")\n  pw.expect(pw.response.body.headers[\"inactive-header\"]).toBe(undefined)\n})",
+                    "body": {
+                        "contentType": null,
+                        "body": null
+                    },
+                    "auth": {
+                        "authType": "bearer",
+                        "authActive": true,
+                        "token": "token123"
+                    }
+                }
+            ]
+        }
+    ],
+    "requests": [
+        {
+            "v": "1",
+            "endpoint": "https://echo.hoppscotch.io",
+            "headers": [
+                {
+                    "key": "Inactive-Header",
+                    "value": "Inactive Header",
+                    "active": false
+                },
+                {
+                    "key": "Authorization",
+                    "value": "Bearer token123",
+                    "active": true
+                }
+            ],
+            "params": [
+                {
+                    "key": "key",
+                    "value": "value",
+                    "active": true
+                },
+                {
+                    "key": "inactive-key",
+                    "value": "inactive-param",
+                    "active": false
+                }
+            ],
+            "name": "req-v1",
+            "method": "GET",
+            "preRequestScript": "",
+            "testScript": "pw.test(\"Asserts request params\", () => {\n  pw.expect(pw.response.body.args.key).toBe(\"value\")\n  pw.expect(pw.response.body.args[\"inactive-key\"]).toBe(undefined)\n})\n\npw.test(\"Asserts request headers\", () => {\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer token123\")\n  pw.expect(pw.response.body.headers[\"inactive-header\"]).toBe(undefined)\n})",
+            "body": {
+                "contentType": null,
+                "body": null
+            },
+            "auth": {
+                "authType": "bearer",
+                "authActive": true,
+                "token": "token123"
+            }
+        }
+    ]
+}
--- a/packages/hoppscotch-cli/src/tests/samples/collections/coll-v2-req-v2.json
+++ b/packages/hoppscotch-cli/src/tests/samples/collections/coll-v2-req-v2.json
@@ -0,0 +1,109 @@
+{
+    "v": 2,
+    "name": "coll-v2",
+    "folders": [
+        {
+            "v": 2,
+            "name": "coll-v2-child",
+            "folders": [],
+            "requests": [
+                {
+                    "v": "2",
+                    "endpoint": "https://echo.hoppscotch.io",
+                    "headers": [
+                        {
+                            "key": "Inactive-Header",
+                            "value": "Inactive Header",
+                            "active": false
+                        },
+                        {
+                            "key": "Authorization",
+                            "value": "Bearer token123",
+                            "active": true
+                        }
+                    ],
+                    "params": [
+                        {
+                            "key": "key",
+                            "value": "value",
+                            "active": true
+                        },
+                        {
+                            "key": "inactive-key",
+                            "value": "inactive-param",
+                            "active": false
+                        }
+                    ],
+                    "name": "req-v2-II",
+                    "method": "GET",
+                    "preRequestScript": "",
+                    "testScript": "pw.test(\"Asserts request params\", () => {\n  pw.expect(pw.response.body.args.key).toBe(\"value\")\n  pw.expect(pw.response.body.args[\"inactive-key\"]).toBe(undefined)\n})\n\npw.test(\"Asserts request headers\", () => {\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer token123\")\n  pw.expect(pw.response.body.headers[\"inactive-header\"]).toBe(undefined)\n})",
+                    "body": {
+                        "contentType": null,
+                        "body": null
+                    },
+                    "auth": {
+                        "authType": "bearer",
+                        "authActive": true,
+                        "token": "token123"
+                    },
+                    "requestVariables": []
+                }
+            ],
+            "auth": {
+                "authType": "inherit",
+                "authActive": true
+            },
+            "headers": []
+        }
+    ],
+    "requests": [
+        {
+            "v": "2",
+            "endpoint": "https://echo.hoppscotch.io",
+            "headers": [
+                {
+                    "key": "Inactive-Header",
+                    "value": "Inactive Header",
+                    "active": false
+                },
+                {
+                    "key": "Authorization",
+                    "value": "Bearer token123",
+                    "active": true
+                }
+            ],
+            "params": [
+                {
+                    "key": "key",
+                    "value": "value",
+                    "active": true
+                },
+                {
+                    "key": "inactive-key",
+                    "value": "inactive-param",
+                    "active": false
+                }
+            ],
+            "name": "req-v2",
+            "method": "GET",
+            "preRequestScript": "",
+            "testScript": "pw.test(\"Asserts request params\", () => {\n  pw.expect(pw.response.body.args.key).toBe(\"value\")\n  pw.expect(pw.response.body.args[\"inactive-key\"]).toBe(undefined)\n})\n\npw.test(\"Asserts request headers\", () => {\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer token123\")\n  pw.expect(pw.response.body.headers[\"inactive-header\"]).toBe(undefined)\n})",
+            "body": {
+                "contentType": null,
+                "body": null
+            },
+            "auth": {
+                "authType": "bearer",
+                "authActive": true,
+                "token": "token123"
+            },
+            "requestVariables": []
+        }
+    ],
+    "auth": {
+        "authType": "inherit",
+        "authActive": true
+    },
+    "headers": []
+}
--- a/packages/hoppscotch-cli/src/tests/samples/collections/coll-v2-req-v3.json
+++ b/packages/hoppscotch-cli/src/tests/samples/collections/coll-v2-req-v3.json
@@ -0,0 +1,109 @@
+{
+    "v": 2,
+    "name": "coll-v2",
+    "folders": [
+        {
+            "v": 2,
+            "name": "coll-v2-child",
+            "folders": [],
+            "requests": [
+                {
+                    "v": "3",
+                    "endpoint": "https://echo.hoppscotch.io",
+                    "headers": [
+                        {
+                            "key": "Inactive-Header",
+                            "value": "Inactive Header",
+                            "active": false
+                        },
+                        {
+                            "key": "Authorization",
+                            "value": "Bearer token123",
+                            "active": true
+                        }
+                    ],
+                    "params": [
+                        {
+                            "key": "key",
+                            "value": "value",
+                            "active": true
+                        },
+                        {
+                            "key": "inactive-key",
+                            "value": "inactive-param",
+                            "active": false
+                        }
+                    ],
+                    "name": "req-v3-II",
+                    "method": "GET",
+                    "preRequestScript": "",
+                    "testScript": "pw.test(\"Asserts request params\", () => {\n  pw.expect(pw.response.body.args.key).toBe(\"value\")\n  pw.expect(pw.response.body.args[\"inactive-key\"]).toBe(undefined)\n})\n\npw.test(\"Asserts request headers\", () => {\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer token123\")\n  pw.expect(pw.response.body.headers[\"inactive-header\"]).toBe(undefined)\n})",
+                    "body": {
+                        "contentType": null,
+                        "body": null
+                    },
+                    "auth": {
+                        "authType": "bearer",
+                        "authActive": true,
+                        "token": "token123"
+                    },
+                    "requestVariables": []
+                }
+            ],
+            "auth": {
+                "authType": "inherit",
+                "authActive": true
+            },
+            "headers": []
+        }
+    ],
+    "requests": [
+        {
+            "v": "3",
+            "endpoint": "https://echo.hoppscotch.io",
+            "headers": [
+                {
+                    "key": "Inactive-Header",
+                    "value": "Inactive Header",
+                    "active": false
+                },
+                {
+                    "key": "Authorization",
+                    "value": "Bearer token123",
+                    "active": true
+                }
+            ],
+            "params": [
+                {
+                    "key": "key",
+                    "value": "value",
+                    "active": true
+                },
+                {
+                    "key": "inactive-key",
+                    "value": "inactive-param",
+                    "active": false
+                }
+            ],
+            "name": "req-v3",
+            "method": "GET",
+            "preRequestScript": "",
+            "testScript": "pw.test(\"Asserts request params\", () => {\n  pw.expect(pw.response.body.args.key).toBe(\"value\")\n  pw.expect(pw.response.body.args[\"inactive-key\"]).toBe(undefined)\n})\n\npw.test(\"Asserts request headers\", () => {\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer token123\")\n  pw.expect(pw.response.body.headers[\"inactive-header\"]).toBe(undefined)\n})",
+            "body": {
+                "contentType": null,
+                "body": null
+            },
+            "auth": {
+                "authType": "bearer",
+                "authActive": true,
+                "token": "token123"
+            },
+            "requestVariables": []
+        }
+    ],
+    "auth": {
+        "authType": "inherit",
+        "authActive": true
+    },
+    "headers": []
+}
--- a/packages/hoppscotch-cli/src/tests/samples/collections/collection-level-headers-auth-coll.json
+++ b/packages/hoppscotch-cli/src/tests/samples/collections/collection-level-headers-auth-coll.json
@@ -0,0 +1,227 @@
+[
+  {
+    "v": 2,
+    "name": "CollectionA",
+    "folders": [
+      {
+        "v": 2,
+        "name": "FolderA",
+        "folders": [
+          {
+            "v": 2,
+            "name": "FolderB",
+            "folders": [
+              {
+                "v": 2,
+                "name": "FolderC",
+                "folders": [],
+                "requests": [
+                  {
+                    "v": "3",
+                    "endpoint": "https://echo.hoppscotch.io",
+                    "name": "RequestD",
+                    "params": [],
+                    "headers": [
+                      {
+                        "active": true,
+                        "key": "X-Test-Header",
+                        "value": "Overriden at RequestD"
+                      }
+                    ],
+                    "method": "GET",
+                    "auth": {
+                      "authType": "basic",
+                      "authActive": true,
+                      "username": "username",
+                      "password": "password"
+                    },
+                    "preRequestScript": "",
+                    "testScript": "pw.test(\"Overrides auth and headers set at the parent folder\", ()=> {\n    pw.expect(pw.response.body.headers[\"x-test-header\"]).toBe(\"Overriden at RequestD\");\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Basic dXNlcm5hbWU6cGFzc3dvcmQ=\");\n});",
+                    "body": {
+                      "contentType": null,
+                      "body": null
+                    },
+                    "requestVariables": []
+                  }
+                ],
+                "auth": {
+                  "authType": "inherit",
+                  "authActive": true
+                },
+                "headers": []
+              }
+            ],
+            "requests": [
+              {
+                "v": "3",
+                "endpoint": "https://echo.hoppscotch.io",
+                "name": "RequestC",
+                "params": [],
+                "headers": [],
+                "method": "GET",
+                "auth": {
+                  "authType": "inherit",
+                  "authActive": true
+                },
+                "preRequestScript": "",
+                "testScript": "pw.test(\"Correctly inherits auth and headers from the parent folder\", ()=> {\n    pw.expect(pw.response.body.headers[\"x-test-header\"]).toBe(\"Overriden at FolderB\");\n  pw.expect(pw.response.body.headers[\"key\"]).toBe(\"test-key\");\n});",
+                "body": {
+                  "contentType": null,
+                  "body": null
+                },
+                "requestVariables": []
+              }
+            ],
+            "auth": {
+              "authType": "api-key",
+              "authActive": true,
+              "addTo": "HEADERS",
+              "key": "key",
+              "value": "test-key"
+            },
+            "headers": [
+              {
+                "active": true,
+                "key": "X-Test-Header",
+                "value": "Overriden at FolderB"
+              }
+            ]
+          }
+        ],
+        "requests": [
+          {
+            "v": "3",
+            "endpoint": "https://echo.hoppscotch.io",
+            "name": "RequestB",
+            "params": [],
+            "headers": [],
+            "method": "GET",
+            "auth": {
+              "authType": "inherit",
+              "authActive": true
+            },
+            "preRequestScript": "",
+            "testScript": "pw.test(\"Correctly inherits auth and headers from the parent folder\", ()=> {\n    pw.expect(pw.response.body.headers[\"x-test-header\"]).toBe(\"Set at root collection\");\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer BearerToken\");\n});",
+            "body": {
+              "contentType": null,
+              "body": null
+            },
+            "requestVariables": [],
+            "id": "clpttpdq00003qp16kut6doqv"
+          }
+        ],
+        "auth": {
+          "authType": "inherit",
+          "authActive": true
+        },
+        "headers": []
+      }
+    ],
+    "requests": [
+      {
+        "v": "3",
+        "endpoint": "https://echo.hoppscotch.io",
+        "name": "RequestA",
+        "params": [],
+        "headers": [],
+        "method": "GET",
+        "auth": {
+          "authType": "inherit",
+          "authActive": true
+        },
+        "preRequestScript": "",
+        "testScript": "pw.test(\"Correctly inherits auth and headers from the root collection\", ()=> {\n    pw.expect(pw.response.body.headers[\"x-test-header\"]).toBe(\"Set at root collection\");\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer BearerToken\");\n});",
+        "body": {
+          "contentType": null,
+          "body": null
+        },
+        "requestVariables": [],
+        "id": "clpttpdq00003qp16kut6doqv"
+      }
+    ],
+    "headers": [
+      {
+        "active": true,
+        "key": "X-Test-Header",
+        "value": "Set at root collection"
+      }
+    ],
+    "auth": {
+      "authType": "bearer",
+      "authActive": true,
+      "token": "BearerToken"
+    }
+  },
+  {
+    "v": 2,
+    "name": "CollectionB",
+    "folders": [
+      {
+        "v": 2,
+        "name": "FolderA",
+        "folders": [],
+        "requests": [
+          {
+            "v": "3",
+            "endpoint": "https://echo.hoppscotch.io",
+            "name": "RequestB",
+            "params": [],
+            "headers": [],
+            "method": "GET",
+            "auth": {
+              "authType": "inherit",
+              "authActive": true
+            },
+            "preRequestScript": "",
+            "testScript": "pw.test(\"Correctly inherits auth and headers from the parent folder\", ()=> {\n    pw.expect(pw.response.body.headers[\"x-test-header\"]).toBe(\"Set at root collection\");\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer BearerToken\");\n});",
+            "body": {
+              "contentType": null,
+              "body": null
+            },
+            "requestVariables": [],
+            "id": "clpttpdq00003qp16kut6doqv"
+          }
+        ],
+        "auth": {
+          "authType": "inherit",
+          "authActive": true
+        },
+        "headers": []
+      }
+    ],
+    "requests": [
+      {
+        "v": "3",
+        "endpoint": "https://echo.hoppscotch.io",
+        "name": "RequestA",
+        "params": [],
+        "headers": [],
+        "method": "GET",
+        "auth": {
+          "authType": "inherit",
+          "authActive": true
+        },
+        "preRequestScript": "",
+        "testScript": "pw.test(\"Correctly inherits auth and headers from the root collection\", ()=> {\n    pw.expect(pw.response.body.headers[\"x-test-header\"]).toBe(\"Set at root collection\");\n  pw.expect(pw.response.body.headers[\"authorization\"]).toBe(\"Bearer BearerToken\");\n});",
+        "body": {
+          "contentType": null,
+          "body": null
+        },
+        "requestVariables": [],
+        "id": "clpttpdq00003qp16kut6doqv"
+      }
+    ],
+    "headers": [
+      {
+        "active": true,
+        "key": "X-Test-Header",
+        "value": "Set at root collection"
+      }
+    ],
+    "auth": {
+      "authType": "bearer",
+      "authActive": true,
+      "token": "BearerToken"
+    }
+  }
+]
--- a/packages/hoppscotch-cli/src/tests/samples/collections/env-flag-tests-coll.json
+++ b/packages/hoppscotch-cli/src/tests/samples/collections/env-flag-tests-coll.json
@@ -4,7 +4,7 @@
  "folders": [],
  "requests": [
    {
-      "v": "1",
+      "v": "3",
      "endpoint": "<<URL>>",
      "name": "test1",
      "params": [],
@@ -16,7 +16,8 @@
      "body": {
        "contentType": "application/json",
        "body": "{\n  \"<<BODY_KEY>>\":\"<<BODY_VALUE>>\"\n}"
-      }
+      },
+      "requestVariables": []
    }
  ]
 }
--- a/packages/hoppscotch-cli/src/tests/samples/collections/fails-coll.json
+++ b/packages/hoppscotch-cli/src/tests/samples/collections/fails-coll.json
@@ -5,7 +5,7 @@
    "folders": [],
    "requests": [
      {
-        "v": "1",
+        "v": "3",
        "endpoint": "https://echo.hoppscotch.io/<<HEADERS_TYPE1>>",
        "name": "",
        "params": [],
@@ -13,20 +13,18 @@
        "method": "GET",
        "auth": {
          "authType": "none",
-          "authActive": true,
-          "addTo": "Headers",
-          "key": "",
-          "value": ""
+          "authActive": true
        },
        "preRequestScript": "pw.env.set(\"HEADERS_TYPE1\", \"devblin_local1\");",
        "testScript": "// Check status code is 200\npwd.test(\"Status code is 200\", ()=> {\n    pw.expect(pw.response.status).toBe(200);\n});\n\n// Check JSON response property\npw.test(\"Check JSON response property\", ()=> {\n    pw.expect(pw.response.body.method).toBe(\"GET\");\n    pw.expect(pw.response.body.headers).toBeType(\"string\");\n});",
        "body": {
          "contentType": "application/json",
          "body": "{\n\"test\": \"<<HEADERS_TYPE1>>\"\n}"
-        }
+        },
+        "requestVariables": []
      },
      {
-        "v": "1",
+        "v": "3",
        "endpoint": "https://echo.hoppscotch.dio/<<HEADERS_TYPE2>>",
        "name": "success",
        "params": [],
@@ -34,17 +32,15 @@
        "method": "GET",
        "auth": {
          "authType": "none",
-          "authActive": true,
-          "addTo": "Headers",
-          "key": "",
-          "value": ""
+          "authActive": true
        },
        "preRequestScript": "pw.env.setd(\"HEADERS_TYPE2\", \"devblin_local2\");",
        "testScript": "// Check status code is 200\npw.test(\"Status code is 200\", ()=> {\n    pw.expect(pw.response.status).toBe(300);\n});\n\n// Check JSON response property\npw.test(\"Check JSON response property\", ()=> {\n    pw.expect(pw.response.body.method).toBe(\"GET\");\n    pw.expect(pw.response.body.headers).toBeType(\"object\");\n});",
        "body": {
          "contentType": "application/json",
          "body": "{\n\"test\": \"<<HEADERS_TYPE2>>\"\n}"
-        }
+        },
+        "requestVariables": []
      }
    ]
  }
--- a/Show More
+++ b/Show More