diff --git a/apps/api/src/auth/service/auth.service.ts b/apps/api/src/auth/service/auth.service.ts
index 12b54b2d..a391cf54 100644
--- a/apps/api/src/auth/service/auth.service.ts
+++ b/apps/api/src/auth/service/auth.service.ts
@@ -90,17 +90,17 @@ export class AuthService {
     }
 
     const isOtpValid =
-      (await this.prisma.otp.count({
+      (await this.prisma.otp.findUnique({
         where: {
-          code: otp,
-          user: {
-            email
+          userCode: {
+            code: otp,
+            userId: user.id
           },
           expiresAt: {
             gt: new Date()
           }
         }
-      })) > 0
+      })) !== null
 
     if (!isOtpValid) {
       this.logger.error(`Invalid login code for ${email}: ${otp}`)
diff --git a/apps/api/src/prisma/schema.prisma b/apps/api/src/prisma/schema.prisma
index 200a5db5..e39269da 100644
--- a/apps/api/src/prisma/schema.prisma
+++ b/apps/api/src/prisma/schema.prisma
@@ -90,6 +90,8 @@ model User {
   projects Project[] // Stores the projects the user updated
   environments Environment[] // Stores the environments the user updated
   secretVersion SecretVersion[]
+
+  @@index([email], name: "email")
 }
 
 model Subscription {
@@ -212,6 +214,9 @@ model Otp {
   userId String
   createdAt DateTime @default(now())
   expiresAt DateTime
+
+  @@unique([userId, code], name: "userCode")
+  @@index([expiresAt], name: "expiresAt")
 }
 
 model Workspace {
diff --git a/apps/api/src/workspace/misc/workspace.permission.ts b/apps/api/src/workspace/misc/workspace.permission.ts
index 45c61c5c..84307dd8 100644
--- a/apps/api/src/workspace/misc/workspace.permission.ts
+++ b/apps/api/src/workspace/misc/workspace.permission.ts
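Review bot: The failure branch that closes the hunk still writes the submitted code into the log, `this.logger.error(\`Invalid login code for ${email}: ${otp}\`)`, so every guess made against an account ends up in plaintext in log storage; change it to `this.logger.error(\`Invalid login code for ${email}\`)`. Passing the non-unique `expiresAt` filter next to the `userCode` key in `findUnique` relies on Prisma's extended unique-where support (generally available only from 5.x); on an older client this is a type error, so either pin the version or use `findFirst` with the same `where`. Nothing in the hunk deletes or marks the OTP after a successful match, so a valid code appears to stay replayable until `expiresAt` — confirm against the code that follows. The enclosing method starts before and continues after this hunk.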
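Review bot: `@@index([email], name: "email")` on `User` is only useful if the `email` field is not already declared `@unique`; the field's declaration is outside this hunk, but if it carries `@unique` the database already maintains a unique index on it and this line adds a second, redundant index that costs write time for nothing. Please check the field and drop the line if that is the case.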
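Review bot: `@@unique([userId, code], name: "userCode")` turns a repeated code for the same user into a unique-constraint failure (Prisma error P2002) at insert time, and the code that issues OTPs is not part of this diff; it must either delete the user's outstanding codes before creating a new one or catch the collision and regenerate, and depending on how short the generated code is that collision may not be rare. The `expiresAt` index only pays off if something sweeps expired rows, and nothing in the diff does — a periodic `deleteMany({ where: { expiresAt: { lt: new Date() } } })` or equivalent is worth adding so the table does not grow without bound.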
@@ -14,13 +14,8 @@ export class WorkspacePermission {
     if (user.isAdmin) Promise.resolve()
 
     // Else, check if the user is a workspace admin
-    const memberships = await this.resolveWorkspacesOfUser(user)
-    const membership = memberships.find(
-      (membership) => membership.workspaceId === workspaceId
-    )
-    if (!membership) {
-      throw new UnauthorizedException('User is not a member of the workspace')
-    }
+    const membership = await this.getMembership(workspaceId, user.id)
+
     if (membership.role !== WorkspaceRole.OWNER) {
       throw new UnauthorizedException('Atleast OWNER role is required')
     }
@@ -34,13 +29,9 @@ export class WorkspacePermission {
     if (user.isAdmin) Promise.resolve()
 
     // Else, check if the user is a workspace admin
-    const memberships = await this.resolveWorkspacesOfUser(user)
-    const membership = memberships.find(
-      (membership) => membership.workspaceId === workspaceId
-    )
-    if (!membership) {
-      throw new UnauthorizedException('User is not a member of the workspace')
-    }
+    // const memberships = await this.resolveWorkspacesOfUser(user)
+    const membership = await this.getMembership(workspaceId, user.id)
+
     if (
       membership.role !== WorkspaceRole.OWNER &&
       membership.role !== WorkspaceRole.MAINTAINER
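Review bot: The new `await this.getMembership(workspaceId, user.id)` throws for any non-member, but the `if (user.isAdmin) Promise.resolve()` guard above it does not return — it creates and discards a promise — so a platform admin who is not a workspace member is rejected like anyone else and the `// Else` comment is misleading. If admins are meant to bypass the role check, make it `if (user.isAdmin) return`; if they are not, delete the line so the actual rule is visible. The enclosing method's signature lies before the hunk and its body ends after it.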
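Review bot: The commented-out `// const memberships = await this.resolveWorkspacesOfUser(user)` left above the new `getMembership` call is dead code that this diff already replaces; delete the line rather than keeping it as a comment. As in the method above, `if (user.isAdmin) Promise.resolve()` does not return, so the admin shortcut is a no-op and the OWNER/MAINTAINER check on the lines that follow applies to admins too. The enclosing method starts before the hunk and ends after it.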
@@ -57,29 +48,43 @@ export class WorkspacePermission {
     if (user.isAdmin) Promise.resolve()
 
     // Else, check if the user is a workspace admin
-    const memberships = await this.resolveWorkspacesOfUser(user)
-    const membership = memberships.find(
-      (membership) => membership.workspaceId === workspaceId
-    )
-    if (!membership) {
-      throw new UnauthorizedException('User is not a member of the workspace')
-    }
+    this.getMembership(workspaceId, user.id)
   }
 
-  private async resolveWorkspacesOfUser(
-    user: User
-  ): Promise<{ workspaceId: Workspace['id']; role: WorkspaceRole }[]> {
-    // const memberships = await this.repository.getWorkspaceMembershipsOfUser(
-    //   user.id
-    // )
-    const memberships = await this.prisma.workspaceMember.findMany({
+  private async getMembership(
+    workspaceId: Workspace['id'],
+    userId: User['id']
+  ) {
+    const membership = await this.prisma.workspaceMember.findUnique({
       where: {
-        userId: user.id
+        workspaceId_userId: {
+          workspaceId,
+          userId
+        }
       }
     })
-    return memberships.map((membership) => ({
-      workspaceId: membership.workspaceId,
-      role: membership.role
-    }))
+
+    if (!membership) {
+      throw new UnauthorizedException('User is not a member of the workspace')
+    }
+
+    return membership
   }
+
+  // private async resolveWorkspacesOfUser(
+  //   user: User
+  // ): Promise<{ workspaceId: Workspace['id']; role: WorkspaceRole }[]> {
+  //   // const memberships = await this.repository.getWorkspaceMembershipsOfUser(
+  //   //   user.id
+  //   // )
+  //   const memberships = await this.prisma.workspaceMember.findMany({
+  //     where: {
+  //       userId: user.id
+  //     }
+  //   })
+  //   return memberships.map((membership) => ({
+  //     workspaceId: membership.workspaceId,
+  //     role: membership.role
+  //   }))
+  // }
 }
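Review bot: `this.getMembership(workspaceId, user.id)` on the new side is not awaited, so the `UnauthorizedException` it throws for a non-member never propagates: the method resolves normally for every caller and the rejection surfaces only as an unhandled promise, which turns this membership check into an authorization bypass. The line must be `await this.getMembership(workspaceId, user.id)`, and the `if (user.isAdmin) Promise.resolve()` no-op above it should become `if (user.isAdmin) return` or be removed so the rule for admins is explicit. The new `getMembership` helper would benefit from an explicit return type and a short TSDoc, e.g. `/** Loads the caller's workspaceMember row for the workspace; throws UnauthorizedException when there is none. */`, and the block of commented-out `resolveWorkspacesOfUser` code below it should be deleted rather than kept. The method that opens the hunk has its signature before the hunk; the hunk ends with the class's closing brace.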