Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

One-Time User Authentication with SMS Using Django and Twilio

Tags:

django

sms

twilio

I am writing a back-end in Django for a mobile app I am creating. I need to authenticate a user the first time they open the mobile app through SMS to verify it is a real person. What needs to happen is the following: user enters phone number in app, server then sends SMS message to user with authentication code, user then enters authentication code in app and server verifies that the code they entered in the app is the same one they received through SMS.

I need to use Twilio with my Django project. I just need to know what would be the best way to go about this? The front-end side of this (the mobile app) is not what I am asking about, I am asking about the code on the back-end that should be implemented. I am struggling to find up to date documentation for django-twilio integration that could do this.

like image 703
jaredthecoder Avatar asked Nov 03 '14 16:11

jaredthecoder


People also ask

How does Django authentication work?

The Django authentication system handles both authentication and authorization. Briefly, authentication verifies a user is who they claim to be, and authorization determines what an authenticated user is allowed to do. Here the term authentication is used to refer to both tasks.


1 Answers

Twilio evangelist and maintainer of django-twilio here.

What you're looking to build is something very easy to do, I can outline the steps for you here:

  • Create a Django model that stores a user's number and a generated passcode
  • When a new user is created, take their number and SMS them the code using the Twilio REST API
  • When they enter the passcode you sent them, cross reference it with the one stored in the database.
  • If the number is right: verify them, if not, tell them it is wrong and offer to send them an SMS again.
like image 130
phalt Avatar answered Oct 02 '22 12:10

phalt