Added Authentica OTP
This commit is contained in:
+2
-2
@@ -1,13 +1,13 @@
|
||||
# Backend Notes (MVP Readiness)
|
||||
|
||||
## High-Level Takeaways
|
||||
- Provider integrations are the main reliability gap: OTP providers are stubbed and Moyasar capture/refund are TODOs.
|
||||
- Authentica OTP integration is implemented; Moyasar capture/refund are TODOs.
|
||||
- External calls (OTP, notifications, payment gateway) run synchronously in request/response paths, increasing latency risk.
|
||||
- Cross-app coupling (bookings ↔ notifications ↔ accounts/payments) will get harder to evolve without clearer service boundaries.
|
||||
- Phone-first auth works, but `USERNAME_FIELD` is email; align identifier strategy to avoid future auth confusion.
|
||||
|
||||
## Near-Term Focus
|
||||
- Implement at least one real SMS/WhatsApp provider end-to-end via existing abstractions.
|
||||
- Hardening Authentica integration (timeouts, retries, async delivery) and aligning notification provider choices.
|
||||
- Decide and document payment lifecycle scope (capture/refund supported vs explicitly out of scope).
|
||||
- Add timeouts/logging for external calls or introduce minimal async jobs for OTP/notifications.
|
||||
- Keep booking, payment, and notification orchestration in service layers, not views.
|
||||
|
||||
Reference in New Issue
Block a user