SMS OTP Architecture - wordjelly/Auth GitHub Wiki

SmsOtp Concern

This concern is to be included in any model that also includes the Auth::Concerns::UserConcern This concern defines some after_save callbacks and some methods.

Methods

1.send_sms_otp

2.verify_sms_otp

3.check_otp_errors

When implementing these methods in the user object, they are supposed to call other methods || perform the action required directly themselves.

The engine provides the following architecture to handle the required functionality.

ActiveJob : OtpJob
Controller Concern: OtpConcern
Custom Module for Indian Sms Requirements: TwoFactorOtp

The recommend flow of events is, in the user model do the following:

Override the methods provided above ->

Inside the method call the delayed job(inside send_sms_otp and verify_sms_otp) ->

Inside the job call methods from the module.


## include the otp concern
include Auth::Concerns::SmsOtpConcern

## override the two methods provided by the concern

## call the background job
def send_sms_otp
    OtpJob.perform_later([self.class.name.to_s,self.id.to_s,"send_sms_otp"])
end

## call the background job
def verify_sms_otp(otp)
    OtpJob.perform_later([self.class.name.to_s,self.id.to_s,"verify_sms_otp",JSON.generate({:otp => otp})])
end

## this method has to be overriden depending on your implementation to search for any otp errors pertaining to this user
## In case you use two_factor_otp.rb, then directly do as follows
## it should return true/false
def check_otp_errors
    Auth::TwoFactorOtp.resource = self
    Auth::TwoFactorOtp.check_errors
end

Inside the background job, these individual requirements are handled by using methods from the TwoFactorOtp module.

The only place where the Auth::TwoFactorOtp module is directly included is in the OtpJob. Other than that, the only other call to its methods is in the check_errors method above.