def create_challenge(mobile_number):
"""
Creates and saves a SMS verification with autogenerated SMS challenge and client (UUID) challenge
"""
SmsVerification.assert_challenge_not_already_exists(mobile_number)
sms_verification = SmsVerification(
sms_challenge_hash = security.hash(security.SMS.generate_sms_challenge()),
client_challenge = str(uuid.uuid4()),
status=SMS_STATUSES.PENDING,
mobile_number_hash = security.hash(mobile_number),
sms_handle = security.SMS.generate_sms_handle())
sms_verification.save()
return sms_verification
def create_mobile_number(mobile_number):
"""
Creates and saves the hash of the specified mobile number.
"""
assert not MobileNumber.objects.exists(mobile_number), "Mobile number %s already exists" % mobile_number
m = MobileNumber(mobile_number_hash = security.hash(mobile_number))
m.save()
return m
def verify_user(self, mobile_number, password, sms_challenge, client_challenge):
verification = self.get(mobile_number)
assert verification.status == SMS_STATUSES.SENT, "Provided challenge for mobile number %s in invalid state: %s" % (mobile_number, verification.status)
assert verification.sms_challenge_hash == security.hash(sms_challenge), "Provided SMS challenge for mobile number %s doesn't match" % mobile_number
assert verification.client_challenge == client_challenge, "Provided client challenge for mobile number %s doesn't match" % mobile_number
verification.status = SMS_STATUSES.VERIFIED
verification.save()
Client.objects.verify(mobile_number, password)
def exists(self, mobile_number):
return self.filter(mobile_number_hash = security.hash(mobile_number)).exists()
def assert_challenge_not_already_exists(mobile_number):
verifications = SmsVerification.objects.filter(mobile_number_hash=security.hash(mobile_number))
assert verifications is None or len(verifications) == 0, "Challenge already exists for mobile number %s" % mobile_number
def get(self, mobile_number):
verifications = self.filter(mobile_number_hash=security.hash(mobile_number))
assert verifications is not None and len(verifications) == 1, "No unique challenge found for mobile number: %s" % mobile_number
return verifications[0]
def and_I_check_that_a_challenge_has_been_created_in_the_database(step):
verification = clients.SmsVerification.objects.get(world.mobile_number)
# Override challenge with custom challenge
world.sms_challenge = security.SMS.generate_sms_challenge()
verification.sms_challenge_hash = security.hash(world.sms_challenge)
verification.save()
