POC on OTP logic using node & redis.
- Clone/Fork the repo in your workspace
- Install the dependancies using
npm install
- Set up environment if applicable in root index.ts (global.env)
- Run your redis server and change configuration at src/config/redis.js if applicable
- Run command
npm start
to start the server locally - (Only applicable on running on docker) Use
npm run docker:build
&npm run docker:run
to build and run on docker
-
Send OTP Mobile curl --location --request POST 'http://localhost:3000/v1/api/otp/generate.json'
--header 'Content-Type: application/json'
--data-raw '{ "phoneNumber": 9090909090 }' -
Send OTP Email curl --location --request POST 'http://localhost:3000/v1/api/otp/generate.json'
--header 'Content-Type: application/json'
--data-raw '{ "email": "abc@gmail.com" }' -
Verify OTP Mobile curl --location --request POST 'http://localhost:3000/v1/api/otp/verify.json'
--header 'Content-Type: application/json'
--data-raw '{ "mode": "phoneNumber", "value": 9090909090, "otp": "390912" }' -
Verify OTP Email curl --location --request POST 'http://localhost:3000/v1/api/otp/verify.json'
--header 'Content-Type: application/json'
--data-raw '{ "mode": "email", "value": "abc@gmail.com", "otp": "390412" }'
Note: OTP will be printed on server console since sms & email integration is not part of this POC
Key name will be constant + (**either phoneNumber or email).
Value - Attempt (number)
TTL - 1 day
Global OTP key is to limit number of attempt (send/resend) in given TTL (TTL is of 1 day)
Global OTP key for email and phone is kept different in order to have more control over both entities.
Value - {otp (string) , attempt(number) } (string - JSON.stringify(givenObj))
TTL - 10 mins
OTP Keys are used by send and verify OTP API in order to limit the number of attempts in a given TTL. In a given TTL, if OTP is re-requested via Resend OTP, we will increment the attempt count and send the same OTP again. OTP needs to be verified in given TTL. Once OTP is verified we will remove the OTP keys of **(email or phone number) from redis.
Value - Attempt (number)
TTL - 5 mins
Global Verify OTP key is to limit number of attempt in verifying OTP in given TTL
Attempts, TTL are configurable for all keys.
OTP length - 6 (configurable)
Otp - string
phoneNumber - string
Email - string
expiresAt - Timestamp
isVerified - Boolean
createdAt / updatedAt - Timestamp