Utopian Registration: Backend - SMS Verification

in #utopian-io7 years ago (edited)

image.png

This Contribution is part of the Utopian Registration-Project.

The goal for the Utopian Registration is, to allow People who are new to STEEM to create an Utopian ( STEEM ) - Account through Utopian itself (and not how it is currently handled, through STEEMIT).

And one of the steps for that is, for the user to confirm a phone-number via SMS.

In this Contribution-Post I'll take you through the changes I've made to the backend.

The Pull-Request

image.png

You can find the pull-request here: Pull Request

Introduction

I've already created a Contribution Post about the SMS-Verification changes that I've added to the frontend in this Post: https://utopian.io/utopian-io/@therealwolf/utopian-registration-frontend-sms-verification

But the important part is the logic behind the interface, which is exactly what I'm now going to talk about.

Why SMS-Verification?

The Registration Frontend allows Users to login via their favourite Social-Media (currently supported are Github, Facebook and later also LinkedIn). While some accounts have already a level of verification which is enough to allow the user to create an account, some accounts are simply too new or due to other reasons not enough to use as verification. That's where SMS-Verification comes into play.

However, another reason for SMS-Verification is also the ability to recover the password - in addition with the last digits of the recent password.

Technicals

The goal for the SMS-Verification was to use a provider that is both fast, secure and not that expensive - as for example twilio.

That's why I went with NEXMO.

The logic behind the Verification is to create a random combination of letters and numbers with a length of 4 and sending it with an SMS to the Number, which was entered by the User.

If the User has successfully entered the code, the Account will be verified by SMS and the User is then able to create the Account.

Security Measures

One of the security measures that I build in is the maximum amount of 3 SMS that can be send. If the User is trying to send a 4th message, he / she will be shown an error saying that the SMS-Limit has been reached and that he / she should contact the moderators on discord.

Additionally, NEXMO comes with an automatic SPAM- & Blacklist, which should help save @utopian-io from malicious numbers.

What is next?

The next step is to create the STEEM Account itself and then create and link this account to the Utopian-Database Object.



Posted on Utopian.io - Rewarding Open Source Contributors

Sort:  

i get the error "settings couldnt be saved error code 400" how to fix this please ?

What are you talking about? smartsteem? Please come to our discord: https://discord.gg/srHEUuk

verification is supercalifragilisticepialidocious for abandon spam..

Hey @therealwolf I am @utopian-io. I have just upvoted you!

Achievements

  • WOW WOW WOW People loved what you did here. GREAT JOB!
  • You are generating more rewards than average for this category. Super!;)
  • Seems like you contribute quite often. AMAZING!

Community-Driven Witness!

I am the first and only Steem Community-Driven Witness. Participate on Discord. Lets GROW TOGETHER!

mooncryption-utopian-witness-gif

Up-vote this comment to grow my power and help Open Source contributions like this one. Want to chat? Join me on Discord https://discord.gg/Pc8HG9x

good improvements, looking forward to the next update when you create the steem account and link it to utopian database

Thank you for the contribution. It has been approved.

You can contact us on Discord.
[utopian-moderator]

‌Your blog is really good!

Thanks for sharing it!

Thank you for this contribution, it is a very important feature and added security.