# SMS Auth

## Requirements

| Requirements | Solution |
| -------- | -------- |
| sensitive user data protection | * user numbers stored at Authy via the Authy Users API |
| country code limit (e.g. JP, TW) | * Twilio Geo Permissions; Rails form object validation |
| 2FA form: input user number | custom form with Rails form object |
| 2FA form: input pin number | custom form with Rails form object |
| 2FA SMS token generation & delivery | * Authy OTP API |
| 2FA verification | * Authy Verify API |

`*` service provided by Twilio/Authy

## User Attributes Adjustments

```ruby
[
  "id", "uid", "provider", "email", "name", "nickname", "user_token",
  "created_at", "updated_at", "active", "archived",
  "sign_in_count", "current_sign_in_at", "last_sign_in_at",
  "current_sign_in_ip", "last_sign_in_ip",
  "account_kit_id",      # to be deprecated
  "sms_auth", "authy_id" # to be added
]
```

## Auth Flow

```flow
st=>start: omniauth callback
e1=>end: chat page
1) login user
cond1=>condition: active user?
op1=>operation: user registration edit page
1) update nickname
op2=>operation: sms_auth_term page
op3=>operation: sms_auth page
1) user input number
op4=>inputoutput: Authy API
1) verify number
2) register user
3) response with authy_id
cond2=>condition: request successful?
cond3=>condition: number valid?
e2=>end: sms_auth page
1) display error msg
op5=>inputoutput: Update user
1) update user's `authy_id`
cond4=>condition: authy_id duplicated?
op6=>inputoutput: Authy API
1) send sms with pin
cond5=>condition: request successful?
e3=>end: 500 page
1) Bugsnag notify
op7=>operation: verify page
1) user input pin
op8=>inputoutput: Authy API
1) verify pin
e4=>end: chat page
1) login user
cond6=>condition: request successful?
cond7=>condition: pin correct?
op9=>inputoutput: update user
1) sms_auth: true
2) active: true

st->cond1
cond1(no)->op1->op2->op3->op4->cond2
cond1(yes)->e1
cond2(no)->e3
cond2(yes)->cond3
cond3(no)->e2
cond3(yes)->op5->cond4
cond4(yes)->e2
cond4(no)->op6->cond5
cond5(no)->e3
cond5(yes)->op7->op8->cond6
cond6(no)->e3
cond6(yes)->cond7
cond7(no)->op7
cond7(yes)->op9->e4
```

## Form Objects

| Models | Attributes |
| -------- | -------- |
| SmsRegistration | country_code, phone_number |
| SmsVerification | pin_number |

## Controllers

### SmsRegistrationController

| Actions | Main tasks |
| -------- | -------- |
| new | render `sms_registration#new` page with `SmsRegistration` instance |
| create | register Authy user, deliver auth token |

### SmsVerificationController

| Actions | Main tasks |
| -------- | -------- |
| new | render `sms_verification#new` page with `SmsVerification` instance |
| create | verify auth token, activate user |
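The form objects and the two `create` actions above, worked through as an added example that is not part of this design doc or the project's code. It uses plain Ruby instead of ActiveModel, a `FakeAuthy` stand-in for the Authy Users/OTP/Verify calls, an assumed allowlist of `JP`/`TW` with their dialing codes, an assumed 7-digit pin format, and constructed numbers that trigger the "number invalid" and "request failed" branches so every decision in the flow chart is exercised:

```ruby
# Added example (not the project's code): plain-Ruby form objects plus a driver
# for register -> deliver pin -> verify. FakeAuthy replaces the Authy API.

# Assumed allowlist: ISO country code => dialing code. Twilio Geo Permissions
# would enforce the same set on the provider side.
ALLOWED_COUNTRY_CODES = { "JP" => "81", "TW" => "886" }.freeze

class SmsRegistration
  attr_reader :country_code, :phone_number, :errors

  def initialize(country_code:, phone_number:)
    @country_code = country_code.to_s.strip.upcase
    @phone_number = phone_number.to_s.gsub(/[\s\-()]/, "") # digits only
    @errors = []
  end

  def valid?
    @errors = []
    @errors << "country not allowed" unless ALLOWED_COUNTRY_CODES.key?(country_code)
    @errors << "phone number must be 6-14 digits" unless phone_number.match?(/\A\d{6,14}\z/)
    @errors.empty?
  end

  def dialing_code
    ALLOWED_COUNTRY_CODES[country_code]
  end
end

class SmsVerification
  attr_reader :pin_number, :errors

  def initialize(pin_number:)
    @pin_number = pin_number.to_s.strip
    @errors = []
  end

  def valid?
    @errors = pin_number.match?(/\A\d{7}\z/) ? [] : ["pin must be 7 digits"] # assumed pin length
    @errors.empty?
  end
end

class AuthyRequestFailed < StandardError; end

# Stand-in for the Authy client: users keyed by dialing code + number; the
# "delivered" pin is kept in memory so the example can read it back.
class FakeAuthy
  def initialize
    @users, @pins, @next_id = {}, {}, 1000
  end

  def register_user(dialing_code, number)
    raise AuthyRequestFailed, "authy request failed" if number.start_with?("000") # constructed outage
    return { ok: false } if number.length < 9 # constructed "number invalid" response
    key = "#{dialing_code}#{number}"
    @users[key] ||= (@next_id += 1) # same number always maps to the same authy_id
    { ok: true, authy_id: @users[key] }
  end

  def request_sms(authy_id)
    @pins[authy_id] = format("%07d", rand(10_000_000))
    { ok: true }
  end

  def verify(authy_id, pin)
    { ok: true, correct: @pins[authy_id] == pin }
  end

  def last_pin_for(authy_id)
    @pins[authy_id]
  end
end

User = Struct.new(:id, :active, :sms_auth, :authy_id)

class SmsAuthFlow
  def initialize(authy, users)
    @authy, @users = authy, users # users: in-memory stand-in for the table
  end

  # SmsRegistrationController#create; returns [page_to_render, error_messages]
  def register(user, form)
    return [:sms_auth_page, form.errors] unless form.valid?
    res = @authy.register_user(form.dialing_code, form.phone_number)
    return [:sms_auth_page, ["number invalid"]] unless res[:ok]
    # cond4: another user already owns this authy_id -> back to the form
    if @users.any? { |u| u.authy_id == res[:authy_id] && u.id != user.id }
      return [:sms_auth_page, ["number already registered"]]
    end
    user.authy_id = res[:authy_id]
    @authy.request_sms(user.authy_id)
    [:verify_page, []]
  rescue AuthyRequestFailed => e
    [:error_500, [e.message]] # the app would Bugsnag.notify(e) here
  end

  # SmsVerificationController#create: verify pin, then activate the user
  def verify(user, form)
    return [:verify_page, form.errors] unless form.valid?
    res = @authy.verify(user.authy_id, form.pin_number)
    return [:verify_page, ["pin incorrect"]] unless res[:correct] # cond7(no) -> op7
    user.sms_auth = true
    user.active = true
    [:chat_page, []]
  rescue AuthyRequestFailed => e
    [:error_500, [e.message]]
  end
end
```

The duplicate check runs before the pin is sent, which matches the chart's `cond4` placement: a number that already belongs to another account never receives an SMS, and `authy_id` is only written once the form, the country allowlist and the Authy registration have all passed.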