def create_challenge(mobile_number): """ Creates and saves a SMS verification with autogenerated SMS challenge and client (UUID) challenge """ SmsVerification.assert_challenge_not_already_exists(mobile_number) sms_verification = SmsVerification( sms_challenge_hash = security.hash(security.SMS.generate_sms_challenge()), client_challenge = str(uuid.uuid4()), status=SMS_STATUSES.PENDING, mobile_number_hash = security.hash(mobile_number), sms_handle = security.SMS.generate_sms_handle()) sms_verification.save() return sms_verification
def create_mobile_number(mobile_number): """ Creates and saves the hash of the specified mobile number. """ assert not MobileNumber.objects.exists(mobile_number), "Mobile number %s already exists" % mobile_number m = MobileNumber(mobile_number_hash = security.hash(mobile_number)) m.save() return m
def verify_user(self, mobile_number, password, sms_challenge, client_challenge): verification = self.get(mobile_number) assert verification.status == SMS_STATUSES.SENT, "Provided challenge for mobile number %s in invalid state: %s" % (mobile_number, verification.status) assert verification.sms_challenge_hash == security.hash(sms_challenge), "Provided SMS challenge for mobile number %s doesn't match" % mobile_number assert verification.client_challenge == client_challenge, "Provided client challenge for mobile number %s doesn't match" % mobile_number verification.status = SMS_STATUSES.VERIFIED verification.save() Client.objects.verify(mobile_number, password)
def exists(self, mobile_number): return self.filter(mobile_number_hash = security.hash(mobile_number)).exists()
def assert_challenge_not_already_exists(mobile_number): verifications = SmsVerification.objects.filter(mobile_number_hash=security.hash(mobile_number)) assert verifications is None or len(verifications) == 0, "Challenge already exists for mobile number %s" % mobile_number
def get(self, mobile_number): verifications = self.filter(mobile_number_hash=security.hash(mobile_number)) assert verifications is not None and len(verifications) == 1, "No unique challenge found for mobile number: %s" % mobile_number return verifications[0]
def and_I_check_that_a_challenge_has_been_created_in_the_database(step): verification = clients.SmsVerification.objects.get(world.mobile_number) # Override challenge with custom challenge world.sms_challenge = security.SMS.generate_sms_challenge() verification.sms_challenge_hash = security.hash(world.sms_challenge) verification.save()