mirror of
https://github.com/kevin-DL/m3o-go.git
synced 2026-01-14 19:54:42 +00:00
M3O SDK Concept
This commit is contained in:
Ben Toogood
99
examples/otp/handler/handler.go
Normal file
99
examples/otp/handler/handler.go
Normal file
@@ -0,0 +1,99 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
|
||||
otp "github.com/m3o/m3o-go/examples/otp/proto"
|
||||
"github.com/m3o/m3o-go/context"
|
||||
"github.com/m3o/m3o-go/errors"
|
||||
"github.com/m3o/m3o-go/sms"
|
||||
"github.com/m3o/m3o-go/store/keyvalue"
|
||||
)
|
||||
|
||||
const (
|
||||
otpChars = "1234567890"
|
||||
otpLength = 6
|
||||
otpTTL = time.Minute * 5
|
||||
)
|
||||
|
||||
var (
|
||||
errMissingPhoneNumber = errors.BadRequest("Missing PhoneNumber")
|
||||
errMissingCode = errors.BadRequest("Missing Code")
|
||||
errInvalidCode = errors.BadRequest("Invalid Code")
|
||||
)
|
||||
|
||||
// OTP satisfies the OTP handler interface. Note: this handler is an exampple and not intended for
|
||||
// production use - the handler does not enforce verification limits so it would be possible to brute
|
||||
// force the verification process. It is advised to use a retry limit of 3 in real-world applications.
|
||||
type OTP struct {
|
||||
SMS sms.Service
|
||||
Store keyvalue.Store
|
||||
}
|
||||
|
||||
// Send a one time password to the phone number provided
|
||||
func (o *OTP) Send(ctx context.Context, req *otp.SendRequest) (*otp.SendResponse, error) {
|
||||
// validate the request
|
||||
if len(req.PhoneNumber) == 0 {
|
||||
return nil, errMissingPhoneNumber
|
||||
}
|
||||
|
||||
// generate and send the OPT
|
||||
otp := generateOTP()
|
||||
msg := fmt.Sprintf("Your M3O verification code is %v", otp
|
||||
if err := o.SMS.Send(req.PhoneNumber, msg); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// write the code to the store
|
||||
err := o.Store.Write(req.PhoneNumber, otp, keyvalue.WriteOptions{
|
||||
Expiry: time.Now().Add(otpTTL),
|
||||
})
|
||||
if err != nil {
|
||||
return nil, errors.InternalServerError("Error writing OTP to the store")
|
||||
}
|
||||
|
||||
// return no error, indicating the verification code send successfully
|
||||
return &otp.SendResponse{}, nil
|
||||
}
|
||||
|
||||
// Validate a one time password
|
||||
func (o *OTP) Verify(ctx context.Context, req *otp.VerifyRequest) (*otp.VerifyResponse, error) {
|
||||
// validate the request
|
||||
if len(req.PhoneNumber) == 0 {
|
||||
return nil, errMissingPhoneNumber
|
||||
}
|
||||
if len(req.Code) == 0 {
|
||||
return nil, errMissingCode
|
||||
}
|
||||
|
||||
// lookup the phone number from the store
|
||||
rec, err := o.Store.Read(req.PhoneNumber)
|
||||
if err == keyvalue.ErrRecordNotFound {
|
||||
return nil, errMissingCode
|
||||
} else if err != nil {
|
||||
return nil, errors.InternalServerError("Error reading OTP from the store")
|
||||
}
|
||||
|
||||
// ensure the codes match
|
||||
if rec.Value != req.Code {
|
||||
return nil, errInvalidCode
|
||||
}
|
||||
|
||||
// return no error, indicating the verification was successful
|
||||
return &otp.VerifyResponse{}, nil
|
||||
}
|
||||
|
||||
func generateOTP() (string, error) {
|
||||
buffer := make([]byte, otpLength)
|
||||
_, err := rand.Read(buffer)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
otpCharsLength := len(otpChars)
|
||||
for i := 0; i < otpLength; i++ {
|
||||
buffer[i] = otpChars[int(buffer[i])%otpCharsLength]
|
||||
}
|
||||
|
||||
return string(buffer), nil
|
||||
}
|
||||
Reference in New Issue
Block a user