feat: deprecate email, pre-verify users + documentation
This commit is contained in:
@@ -5,7 +5,9 @@
|
||||
- External calls (OTP, notifications, payment gateway) run synchronously in request/response paths, increasing latency risk.
|
||||
- Cross-app coupling (bookings ↔ notifications ↔ accounts/payments) will get harder to evolve without clearer service boundaries.
|
||||
- Phone-first auth is in place with `USERNAME_FIELD = "phone_number"`, but endpoint/admin/domain alignment is still incomplete and needs hardening.
|
||||
- Phone auth now pre-creates customers when `/api/auth/phone/request/` runs (keeping `is_phone_verified=False`) and `/api/auth/phone/verify/` hands out JWTs; `/api/auth/register/` stays available for optional profile data while `/api/auth/token/` returns `410 Gone` and `/api/auth/social/<provider>/` remains a `501 Not Implemented` placeholder to keep the phone OTP contract explicit.
|
||||
|
||||
## Near-Term Focus
|
||||
- finalize otp testing
|
||||
- work on authentication and complete it
|
||||
- align admin + serializers to favor phone-over-email display names so phone-only accounts stay readable everywhere
|
||||
|
||||
Reference in New Issue
Block a user