Introduction:
Pin Based login is a mechanism to authenticate user, by sending one time valid pin to user’s phone. This implementation makes use of a mOTP API for sending one time pin, via Missed call and thus eliminates any cost involved with the SMS One Time Password ( OTP ) implementation.
The code is contributed by tny.im developer.
Live example is available on this URL: https://tny.im/otplogin.php
The source code is shared for developer’s reference, to Implement user authentication via Missed Calls ( by using mOTP API )
Details:
The source code is shared for developer’s reference, to Implement user authentication via Missed Calls ( by using mOTP API )
Step1: To send a one-time password to user’s phone:
$replye = file_get_contents("https://api.motp.in/v1/YOUR_API_KEY_HERE/" . "USER_PHONE_NUMBER_HERE");
$reply = json_decode(trim($replye), true);
if($reply["Status"] == "Success") {
// OTP sent, session ID is on $reply["Result"]
// you need the session ID to get the correct code
}
Step 2: To decode pin / password sent to user’s phone (for the session ID that is returned on the previous step, so you can compare with what the user entered on auth form ):
// get login otp that was sent to user
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,"https://api.motp.in/v1/OTP/YOUR_API_KEY_HERE/" . $reply["Result"]);
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_POSTFIELDS,"private=YOUR_PRIVATE_KEY_HERE");
$replye = curl_exec($ch);
$reply = json_decode(trim($replye), true);
if($reply["Status"] == "Success") {
// correct code is on $reply["Result"]
// you can now compare it with what the user entered
// obviously, you must let the user enter the received code before comparing
}
You can push the code to the user and get a session ID first, then have the user input the code and only then retrieve the correct one from the API, or you can do like me and do it all in one run, storing the correct code in a session variable and only comparing it later when the user provides it
Another reference code can be downloaded at
https://code.google.com/p/missed-call-otp/wiki/SampleCode
Omkar Nisal
I am totally enjoying this mOTP experience! 🙂
Thank you for making it so awesome!
How do you guys monetize?
Rahul Am
Great to hear that….n thank you very much for such an encouraging feedback.
Well motp is in early beta stage and currently supports OTP delivery to 180+ countries…
Project details:
https://code.google.com/p/missed-call-otp/
Our monetization strategy lies in the support and customization service provided to SMBs.
We also have plans to create plugins marketplace on top of motp platform, for quicker integration with VPN n other third party programs.