Add OTP verification

2020-04-19 21:30:41 +02:00 · 2020-04-19 21:30:41 +02:00 · 068cea8019
commit 068cea8019
parent 69792075cb
3 changed files with 39 additions and 7 deletions
--- a/src/app/routes.py
+++ b/src/app/routes.py
@ -1,5 +1,5 @@
-from flask import request, jsonify
-from database.crud import insert_data
+from flask import request, jsonify, make_response
+from database.crud import insert_data, verify_otp
 from external.twilio import send_otp
 from app import app

@ -9,4 +9,12 @@ def create_user():
    data = request.get_json()
    insert_data(schema="Users", data=data)
    send_otp(receiver=data["mobile"])
-    return jsonify("User created, pending OTP verification")
+    return make_response(jsonify("User created, pending OTP verification"))
+
+
+@app.route("/verifyotp", methods=["POST"])
+def validate_otp():
+    data = request.get_json()
+    if verify_otp(mobile=data["mobile"], otp=data["otp"]):
+        return make_response(jsonify("The OTP has been verified successfully"))
+    return make_response(jsonify("The OTP is not correct"))
--- a/src/database/crud.py
+++ b/src/database/crud.py
@ -2,6 +2,7 @@ from app import db
 from database.models import *
 from database.schema import *
 from marshmallow import ValidationError
+from datetime import datetime


 def insert_data(schema, data):
@ -10,13 +11,13 @@ def insert_data(schema, data):
    db.session.commit()


-def delete_data(id):
+def delete_data(data):
    db.session.delete(data)
    db.session.commit()


-def update_otp(user_id, otp):
-    db.session.query(table="Users").filter_by(id=user_id).update(dict(otp=otp))
+def save_otp(mobile, otp):
+    db.session.query(table="Users").filter_by(mobile=mobile).update(dict(otp=otp))
    db.session.commit()


@ -28,3 +29,24 @@ def validate_data(schema, data):
        return output
    except ValidationError as err:
        print(err.messages)
+
+
+def fetch_stored_otp(mobile):
+    user = db.session.query(table="Users").filter_by(mobile=mobile)
+    otp = user.otp
+    return otp
+
+
+def validate_otp(mobile):
+    timestamp = datetime.now()
+    db.session.query(table="Users").filter_by(mobile=mobile).update(
+        dict(otp_valid_time=timestamp)
+    )
+
+
+def verify_otp(mobile, otp):
+    stored_otp = fetch_stored_otp(mobile=mobile)
+    if stored_otp == otp:
+        validate_otp(mobile=mobile)
+        return True
+    return False
--- a/src/external/twilio.py
+++ b/src/external/twilio.py
@ -1,6 +1,7 @@
 from twilio.rest import Client
 from secrets import randbits
 from constants import account_id, token, sms_sender
+from database.crud import save_otp


 def connect_api():
@ -20,4 +21,5 @@ def send_otp(receiver):
    client = connect_api()
    code = generate_code()
    message = "Your OTP code is {0}".format(code)
-    sms = client.messages.create(to=receiver, from_=sms_sender, body=message)
+    client.messages.create(to=receiver, from_=sms_sender, body=message)
+    save_otp(receiver, code)