feat: Validate login request to ensure either email or phone is provided

- Enhanced the `verifyLoginRequest` method in `AuthService` to check that at least one of the email or phone fields is populated in the `CompleteLoginRequest`.
- Added error handling to return an `InvalidArgument` status if both fields are empty, improving request validation and user feedback.

Signed-off-by: Christian Melgarejo <cmelgarejo@users.noreply.github.com>

Author: cmelgarejo

modules/auth/internal/service/service.go

@@ -165,12 +165,20 @@ func (s *AuthService) CompleteLogin(ctx context.Context, req *authv1.CompleteLog
 // This method handles business logic validation (magic code verification).
 // Note: The oneof requirement (email or phone) is handled by the validation interceptor.
 func (s *AuthService) verifyLoginRequest(ctx context.Context, req *authv1.CompleteLoginRequest) error {
+	email := req.GetEmail()
+	phone := req.GetPhone()
+
+	// Validate that at least one of email or phone is provided
+	if email == "" && phone == "" {
+		return status.Error(codes.InvalidArgument, "either email or phone must be provided")
+	}
+
 	// With oneof, exactly one field will be set (validated by protovalidate)
-	if req.GetEmail() != "" {
-		return s.verifyMagicCodeByEmail(ctx, req.GetEmail(), req.Code)
+	if email != "" {
+		return s.verifyMagicCodeByEmail(ctx, email, req.Code)
 	}
 
-	return s.verifyMagicCodeByPhone(ctx, req.GetPhone(), req.Code)
+	return s.verifyMagicCodeByPhone(ctx, phone, req.Code)
 }
 
 func (s *AuthService) verifyMagicCodeByEmail(ctx context.Context, email, code string) error {