This is a feature that needs to be in the core code. If you add it yourself, then you'll have a hard time upgrading to the future releases of Anahita. I'm going to add the phone number field(s) in the next release. For the time being, you can work on the other features of your projects until we get the next release out within the next couple of weeks.
Ok, so I just looked at the Twilio Authy Users API. I don't think we even need to store phone numbers in Anahita, but we need to store the authy_id in the Anahita person node for later use. So in theory you need to develop an Anahita user plugin and an authentication plugin. You can name both TwilioAuthy or TAuthy
In your user plugin:
1. when signing up a user for the first time in Authy user plugin method onAfterAddPerson you can register a new user with the Authy API and obtain an authy_id, then store it in the Anahita person object for later use $person->setValue('authy_id', 123)->save();
2. in order to send a one-time password request to Authy, you need to build an Anahita app called com_authy with an endpoint that loads person object by email or username and then obtains authy_id $person->getValue('authy_id'); and this triggers an SMS message or push-notification to be sent to the phone.
3. in the TAuthy authentication plugin, obtain the person object and authy_id value as well as the Authy token sent to the phone and make a call to Authy API to verify the user. If TRUE, then log in the user.
Basically it is the Twilio Authy that stores phone numbers, not Anahita. Which is more secure when you think about it.
These are example Anahita plugins for you to look into:
That was really informative. I have another query regarding how to write customized API endpoint as per requirement. Is there any standard protocol to write it on own could you walk us through this in detail.
Hi Rastin that was informative as well, i really appreciate your quick response extending your support to our queries. Regarding the suggestion of user plugin(Authy) i am little confused on how to build a user plugin, it would be very helpful if you walk us on that mobile number issue in detail step by step. Also as an alternative can we store that field (Please select a unique username) on signup page with number replacing the string though it is VARCHAR in DB, but i think that is being validated in other function/page to store as string in DB could you help us on this.
So you need to create a new user plugin and install it on Anahita. Then in the method onAfterAddPerson, you get a $person object from Anahita after she creates a new person object is vial signup or when an admin adds a new user, which also contains the email address.
Once you have the user id you can store it in the Anahita person object for later use. Just do $person->setValue('authy_id', 123)->save();
I haven't tried this, but in theory, this should work. First, start with building a basic my_authy package that contains your two plugins and a component. Try installing your package and get a hello world from it. Then make it work with Twillo API. You need to do some try and error and debugging. Look into the existing plugins to get an idea of how to implement your own. You can learn a lot of Anahita development by reading the code in the current packages and asking questions.
You can store phone number in the person object too $person->setValue('phone', $phone_number)->save(); but you don't need to. It's Authy that stores phone numbers and uses them for sending text messages.
Installing Anahita requires composer which is basically a PHP package manager. For Anahita packages you can use:
$php anahita package:install
in the command line. Make sure to become familiar with installing and configuring Anahita and how the packages install and uninstall. Then gradually build your own hello world packages. There is an example in the anahita-standard repository.
Hi Rastin, hope you are doing well...!!!
We successfully implemented mobile number authentication with OTP as discussed in our previous discussion. But now we have a query regarding forgot password using mobile number. Could you help us out on this.
We are going to re-work the signup and password reset workflows and make it simpler. It is under active development because we need it too for our projects. Would you be able to wait for that feature? It's going to be available in the 4.4.5 or 4.5.0 release, depending on how we decide to name it. Right now we're trying to have 4.4.4 out sooner because it contains REST API for the com_settings.
In the meantime, start a new topic and ask your question about password recovery. I might be able to help you.