Rastin et al
We want to implement Twilio-Anahita Phone Signup/Sign-ins via SMS code
Here is the User Story:
USER SIGNUP (Registration)
A first time user selects the Flag/Country his mobile phone number is registered in and enters his/her Mobile Phone [+Country Code Area Code Phone Number]
Twilio then sends the user a one-time passcode to his/her mobile phone via SMS. The user then enters the code on our website to complete their registration.
Immediately upon registration (first-time login) an Anahita User page is "auto-generated" showing :
[Avatar/Photo Placeholder]
[Country Flag] [+Country Code Area Code Phone Number]
and the rest of the Anahita User page fields
SUBSEQUENT SIGN-INS
After the initial session has expired, a returning user can access his/her account and use our website by repeating the same process: select country, enter the mobile number, receive a code via SMS, add code to the page, and is logged in- again- until the session expires. Anytime a session expires or is killed and the client is reloaded the
The same procedure needs to happen. Account data is persistent from initial signup to subsequent sign-ins for a seamless and easy UX. The idea is to create a community of Mobile Phone Users
Please advise how to proceed given the current state of Anahita code+pluginsThanks in advance note: A similar use case was described by Akgora Flip in his post dated May 12 2020 Want to add a mobile number for the signup and sign in processhttps://www.getanahita.com/topics/168154-want-to-add-mobile-number-for-signup-and-sign-in-processWould be interested in knowing if a Twilio-Anahita plugin was ever developed or in in the works by Akgora Flip and/or any other members #Twilio #Signup #Authentication #Onboarrding #Registration #Mobile #TwoFactorAuthentication #TwoFA #SMSPowered by Anahita
Rastin Mehr
1. Build your UI and UX workflow in a clientside technology as a mobile, browser, or desktop app. Do not rely on the existing HTML views in Anahita. As soon as the Anahita React app is ready, we will remove all the HTML views in Anahita and make it available as a RESTful API only service.
2. DO NOT store user phone numbers in Anahita. It's better if a big-budget company such as Twilio handles phone numbers because, one would hope, that they have better infrastructure and budget to protect users' data. What you do is to first register the user with Twilio by providing them with the user's email and phone number, and then obtain a Twilio user id, then store the Twilio user id in Anahita's person object as metadata like this:
$person->setValue("twilio_user_id", $twilio_user_id);
and obtain it:
$person->getValue("twilio_user_id");
3. Anahita plugins provide a series of hooks or events that you can use. You need to develop a Twilio User Plugin and Twilio Authentication Plugin. The first one is used for sign up and keeping the account information updated, and the authentication plugin is for authenticating the user against Twilio API.
Here are the list of hooks in an Anahita User plugin: https://github.com/anahitasocial/anahita/blob/master/src/plugins/user/anahita.php
And there is only one hook in the Anahita Authentication plugin, which is "onAuthenticate": https://github.com/anahitasocial/anahita/blob/master/src/plugins/authentication/anahita.php
Rastin Mehr
Twilio will send an SMS message with a code to the phone number:
In your Twilio Authentication plugin, in the onAuthenticate method, pass the code to the Twilio API and listen to the response. If the response was a success, create an Anahita session for the user and log them in. Basically, instead of checking user credentials (username, password), we are using Twilio's temporary code to authenticate the user.
Rastin Mehr
I hope this helped!
Ildemaro Martinez Jr
Rastin Mehr