• Stars
    star
    259
  • Rank 157,669 (Top 4 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created almost 6 years ago
  • Updated about 2 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A Django app to support phone number verification using security code / One-Time-Password (OTP) sent via SMS.

django-phone-verify

https://travis-ci.org/CuriousLearner/django-phone-verify.svg?branch=master https://coveralls.io/repos/github/CuriousLearner/django-phone-verify/badge.svg?branch=master License https://static.pepy.tech/personalized-badge/django-phone-verify?period=total&units=international_system&left_color=black&right_color=darkgreen&left_text=Downloads https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square

A Django app to support phone number verification using the security code sent via SMS.

Salient Features

  • Let's devs verify phone numbers via SMS.
  • Extensibility to provide tokens with varying lengths.
  • Comes with Twilio and Nexmo already integrated.
  • Set expiration time on tokens.
  • Provides an interface for writing custom SMS sending backend for easy extensibility.
  • Does not mess up with existing AUTH_USER_MODEL at all.
  • Can be used for several potential use-cases, and not just auth.
  • Provides ready endpoints for sending SMS and verification (See api_endpoints.rst).

Installation

pip install django-phone-verify

Configuration

  • Add app to INSTALLED_APPS
# In settings.py:

# Add app to `INSTALLED_APPS`
INSTALLED_APPS = [
    ...
    "phone_verify",
    ...
]
  • Add settings for Phone Verify as you desire:
# In settings.py
# Add settings for phone_verify to work
PHONE_VERIFICATION = {
    "BACKEND": "phone_verify.backends.twilio.TwilioBackend",
    "OPTIONS": {
        "SID": "fake",
        "SECRET": "fake",
        "FROM": "+14755292729",
        "SANDBOX_TOKEN": "123456",
    },
    "TOKEN_LENGTH": 6,
    "MESSAGE": "Welcome to {app}! Please use security code {security_code} to proceed.",
    "APP_NAME": "Phone Verify",
    "SECURITY_CODE_EXPIRATION_TIME": 3600,  # In seconds only
    "VERIFY_SECURITY_CODE_ONLY_ONCE": False,  # If False, then a security code can be used multiple times for verification
}

Usage

  • To explore more about how to use, integrate and leverage the existing functionality of Django Phone Verify, have a look at getting_started.rst

Note: Django Phone Verify also provides Nexmo as a backend service other than Twilio. To switch to Nexmo, replace BACKEND within your PHONE_VERIFICATION setting with phone_verify.backends.nexmo.NexmoBackend and define KEY within OPTIONS of PHONE_VERIFICATION setting, with your Nexmo API key, in place of already available SID.

Compatibility

  • Python 3.6+
  • Django 2.1+
  • Django REST Framework 3.9+

Contributing

No code is bug-free and I'm sure this app will have bugs. If you find any bugs, please create an issue on GitHub.

Licence

GPLv3

Release Notes

[Dev]

Added

  • Support for Python 3.11.
  • CI tests for Py{311}-Django{2x,3x,4x}.

[3.0.0]

Added

  • Support for Django 4.x.
  • Support for Django 3.2.

Changed

  • Method phone_verify.backends.nexmo.NexmoBackend.send_sms changes parameter name from numbers to number to be consistent with rest of the inherited classes.

[2.0.1]

Added

  • Support for Python 3.8 & Python 3.9.
  • CI tests for Py{36,37,38,39}-Django{20,21,22,30,31}.

Changed

  • Fixed issue generate_session_token to handle cases in Py38, Py39 when the session_token is already string instead of bytes.

[2.0.0]

NOTE: The previous version of this library provided the security_code in the JWT session_token. You would have to re-verify phone_numbers in this version to ensure they are authentically verified.

Added

  • Tests added to provide 100% coverage on the package.
  • Add nexmo.errors.ClientError as exception class in phone_verify.backends.nexmo.NexmoBackend & phone_verify.backends.nexmo.NexmoSandboxBackend.

Changed

  • Method signature changed for phone_verify.backends.BaseBackend.generate_session_token. It now accepts only phone_number instead of combination of phone_number and security_code.
  • Remove the security_code from JWT session_token to avoid leaking information.
  • Add nonce in session_token to generate unique tokens for each phone_number.
  • Fixes call to phone_verify.backends.nexmo.NexmoBackend.send_sms method.

[1.1.0]

Added

  • Support Nexmo as a backend service along with Twilio.
  • Add docs for writing a custom backend.

Changed

  • Update backends.base.BaseBackend.validate_security_code to use save() instead of update() to allow Django to emit its post_save() signal.

[1.0.0]

Added

  • Add coverage report through coveralls.
  • Support for One-Time Passwords (OTP) using VERIFY_SECURITY_CODE_ONLY_ONCE as True in the settings.
  • Script to support makemigrations for development.
  • BaseBackend status now have SECURITY_CODE_VERIFIED and SESSION_TOKEN_INVALID status to support new states.

Changed

  • Rename TWILIO_SANDBOX_TOKEN to SANDBOX_TOKEN.
  • Fix signature for send_bulk_sms method in TwilioBackend and TwilioSandboxBackend.
  • Response for /api/phone/register contains key session_token instead of session_code.
  • Request payload for /api/phone/verify now expects session_token key instead of session_code.
  • Response for /api/phone/verify now sends additional response of Security code is already verified in case VERIFY_SECURITY_CODE_ONLY_ONCE is set to True.
  • Rename otp to security_code in code and docs to be more consistent.
  • Rename BaseBackend status from VALID, INVALID, EXPIRED to SECURITY_CODE_VALID, SECURITY_CODE_INVALID, and SECURITY_CODE_EXPIRED respectively.
  • Rename session_code to session_token to be consistent in code and naming across the app.
  • Rename service send_otp_and_generate_session_code to send_security_code_and_generate_session_token.
  • Rename method BaseBackend.generate_token to BaseBackend.generate_security_code.
  • Rename method create_otp_and_session_token to create_security_code_and_session_token.
  • Rename method BaseBackend.validate_token to BaseBackend.validate_security_code with an additional parameter of session_token.

[0.2.0]

Added

  • pre-commit-config to maintain code quality using black and other useful tools.
  • Docs for integration and usage in getting_started.rst.
  • Tox for testing on py{37}-django{20,21,22}.
  • Travis CI for testing builds.

Changed

  • Convert *.md docs to reST Markup.
  • Fix issue with installing required package dependencies via install_requires.

[0.1.1]

Added

  • README and documentation of API endpoints.
  • setup.cfg to manage coverage.
  • phone_verify app including backends, requirements, tests.
  • Initial app setup.

More Repositories

1

GeeksForGeeksScrapper

Scrapes g4g and creates PDF
Python
142
star
2

Awesome-Learning

A repo to keep track of Awesome Learning from ideas, books, people and resources
48
star
3

jdf-latex

LaTex template for Joyner Document Format (JDF)
TeX
32
star
4

dotfiles

Customised ~/.* files with ♥ for my machine :)
Shell
21
star
5

nexus

Streamline & automate the boring parts
Python
11
star
6

git-intro

Learning version control with git
CSS
6
star
7

API-stub-generator

Mock propsed API endpoints with stub
Python
6
star
8

TrackMyLinks

App to Track all your Resources at a single place and makes management efficient.
HTML
5
star
9

TagLask

A light weight webapp made on Flask to index and search user files.
HTML
4
star
10

standup

Automating standups; one task at a time!
Python
3
star
11

CompetitiveProgramming

Solutions to Competitive Programming problems I've solved.
Python
3
star
12

CuriousLearner.github.io

A site about me. Who am I and what I do.
HTML
3
star
13

Weatherango

An App to visualize various weather parameters in any city for specific date range
Python
2
star
14

til

Collection of my daily learning
Python
2
star
15

blog

Random Junkyard for stuff I'm upto. FOSS, Life, Learning in one place :)
Python
2
star
16

Algorithms

Revising the algorithms
C++
1
star
17

goals

Some of the goals accomplished and some are still to be accomplished, but they're happening every day 🚀
1
star
18

tenzies

A simple game to get all 10 dice to have the same face.
JavaScript
1
star
19

inpycon2016-workshop-qr-codes

Getting name and QR codes for sticker printing for PyCon India 2016
HTML
1
star
20

asyncio-file-upload

Test repository for playing with asyncio
Shell
1
star
21

dj-file-async

Test repo for developing async file uploads
Python
1
star
22

Personal-Python-Scripts

A repo for Personal Python Scripts which I've written from time to time.
Python
1
star
23

python-projects

Python projects for learning Python
Python
1
star
24

AngelHackDelhi2016

Hackathon project for AngelHack Delhi 2016 | Trending Tweeps
JavaScript
1
star
25

Shopster

NFC/RFID/QR Code based shoppping
Java
1
star
26

python-docs-hi-in

Hindi Translations for the Python Documentation
Makefile
1
star
27

dj-init-travis-test

Python
1
star
28

presentations

Contains all presentations I've given from 2017 onwards
CSS
1
star