This Contribution is part of the Utopian Registration-Project.
The goal for the Utopian Registration is, to allow People who are new to STEEM to create an Utopian ( STEEM ) - Account through Utopian itself (and not how it is currently handled, through STEEMIT).
And one of the steps for that is, for the user to confirm a phone-number via SMS.
In this Contribution-Post I'll take you through the changes I've made to the backend.
The Pull-Request
You can find the pull-request here: Pull Request
Introduction
I've already created a Contribution Post about the SMS-Verification changes that I've added to the frontend in this Post: https://utopian.io/utopian-io/@therealwolf/utopian-registration-frontend-sms-verification
But the important part is the logic behind the interface, which is exactly what I'm now going to talk about.
Why SMS-Verification?
The Registration Frontend allows Users to login via their favourite Social-Media (currently supported are Github, Facebook and later also LinkedIn). While some accounts have already a level of verification which is enough to allow the user to create an account, some accounts are simply too new or due to other reasons not enough to use as verification. That's where SMS-Verification comes into play.
However, another reason for SMS-Verification is also the ability to recover the password - in addition with the last digits of the recent password.
Technicals
The goal for the SMS-Verification was to use a provider that is both fast, secure and not that expensive - as for example twilio.
That's why I went with NEXMO.
The logic behind the Verification is to create a random combination of letters and numbers with a length of 4 and sending it with an SMS to the Number, which was entered by the User.
If the User has successfully entered the code, the Account will be verified by SMS and the User is then able to create the Account.
Security Measures
One of the security measures that I build in is the maximum amount of 3 SMS that can be send. If the User is trying to send a 4th message, he / she will be shown an error saying that the SMS-Limit has been reached and that he / she should contact the moderators on discord.
Additionally, NEXMO comes with an automatic SPAM- & Blacklist, which should help save @utopian-io from malicious numbers.
What is next?
The next step is to create the STEEM Account itself and then create and link this account to the Utopian-Database Object.
Posted on Utopian.io - Rewarding Open Source Contributors
i get the error "settings couldnt be saved error code 400" how to fix this please ?
What are you talking about? smartsteem? Please come to our discord: https://discord.gg/srHEUuk
verification is supercalifragilisticepialidocious for abandon spam..
Hey @therealwolf I am @utopian-io. I have just upvoted you!
Achievements
Community-Driven Witness!
I am the first and only Steem Community-Driven Witness. Participate on Discord. Lets GROW TOGETHER!
Up-vote this comment to grow my power and help Open Source contributions like this one. Want to chat? Join me on Discord https://discord.gg/Pc8HG9x
good improvements, looking forward to the next update when you create the steem account and link it to utopian database
Thank you for the contribution. It has been approved.
You can contact us on Discord.
[utopian-moderator]
Your blog is really good!
Thanks for sharing it!
Thank you for this contribution, it is a very important feature and added security.