Otp Plugin
An OTP plugin for Strapi that enables phone number verification using Twilio for sending and validating OTPs
OTP Plugin for Strapi
A Strapi plugin that provides functionality for generating and validating OTPs (One-Time Passwords) for phone number verification. This plugin uses Twilio to send OTPs via SMS, making it easy to add OTP-based authentication to your Strapi application.
Features
- Generate OTP and send it to a phone number using Twilio.
- Validate OTP with expiration time and usage status.
- Customizable OTP expiration duration.
- Log and manage OTP requests through the Strapi admin panel.
Prerequisites
Before using this plugin, you must have a Twilio account. You'll need the following credentials from Twilio:
- TWILIO_ACCOUNT_SID
- TWILIO_AUTH_TOKEN
- TWILIO_PHONE_NUMBER Make sure to store these in your .env file for use.
Installation
Step 1: Install via NPM To install the plugin, run the following command in your project:
1npm install otp-plugin
Step 2: Enable the Plugin In your config/plugins.js file, enable the otp-plugin:
1module.exports = {
2 'otp-plugin': {
3 enabled: true,
4 resolve: './node_modules/otp-plugin',
5 },
6};
Step 3: Configure Environment Variables You need to configure the following environment variables in your .env file to enable Twilio for sending OTPs via SMS:
1TWILIO_ACCOUNT_SID=your_twilio_account_sid
2TWILIO_AUTH_TOKEN=your_twilio_auth_token
3TWILIO_PHONE_NUMBER=your_twilio_phone_number
Step 4: Configure HTTPS Agent (Optional) If your environment requires custom HTTPS settings (e.g., for self-signed certificates), configure the HTTPS agent in server/config/index.js:
1const https = require('https');
2
3const agent = new https.Agent({
4 rejectUnauthorized: false,
5});
6
7module.exports = {
8 http: {
9 agent,
10 },
11};
Usage
This plugin provides several API endpoints to generate, validate, and manage OTP logins. Below are the key endpoints:
Generate OTP
Generates an OTP and sends it to the specified phone number.
- Method: POST
- Path: /otp-logins/generate
- Body Parameters:
- phoneNumber (string): The phone number to which the OTP should be sent.
Example:
1curl -X POST http://localhost:1337/otp-logins/generate \
2-H "Content-Type: application/json" \
3-d '{"phoneNumber": "1234567890"}'
Validate OTP
Validates the OTP for the given phone number.
- Method: POST
- Path: /otp-logins/validate
- Body Parameters:
- phoneNumber (string): The phone number associated with the OTP.
- otpCode (string): The OTP code to be validated.
Example:
1curl -X POST http://localhost:1337/otp-logins/validate \
2-H "Content-Type: application/json" \
3-d '{"phoneNumber": "1234567890", "otpCode": "123456"}'
More Endpoints
Find OTP Logins
Retrieve a list of all OTP login records.
- Method: GET
- Path: /otp-logins
Find One OTP Login
Retrieve a specific OTP login record by ID.
- Method: GET
- Path: /otp-logins/:id
Create OTP Login
Manually create a new OTP login record.
- Method: POST
- Path: /otp-logins
Update OTP Login
Update an existing OTP login record by ID.
- Method: PUT
- Path: /otp-logins/:id
Delete OTP Login
Delete an OTP login record by ID.
- Method: DELETE
- Path: /otp-logins/:id
Strapi Admin Panel
The OTP plugin creates a content type called OtpLogin in your Strapi admin panel. You can view and manage OTP login records, including phone numbers, OTP codes, expiration times, and usage status.
Services
The plugin exposes services that can be called from other parts of your Strapi application:
Generate and Create OTP
Generates and sends an OTP to the given phone number and logs the request in the database.
1const otpService = strapi.plugin('otp-plugin').service('otp');
2await otpService.generateAndCreateOtp('1234567890');
Validate OTP
Validates the OTP for the given phone number.
1const isValid = await otpService.validateOtp('1234567890', '123456');
License
This plugin is licensed under the MIT License.
Install now
npm install strapi-otp-plugin
Create your own plugin
Check out the available plugin resources that will help you to develop your plugin or provider and get it listed on the marketplace.