 mohd
|
46af911a06
|
I proceeded with Phase 1 step 1 (phone-first auth + OTP hardening) and updated the plan context. Here’s the current state and the next steps.
What I implemented
Phone-first auth endpoints with OTP → JWT issuance.
views.py
urls.py
Phone normalization (KSA-focused, E.164 or Saudi mobile) and validation.
phone.py
serializers.py
OTP protections: rate limit, resend cooldown, attempt counting.
otp.py
models.py
Email is now optional to allow phone-only users.
models.py
0002_phone_auth_fields.py
Admin OTP visibility improved.
admin.py
Risks updated.
risks.md
|
2026-02-27 15:57:09 +03:00 |
|
|
mohd
|
dc68ecfe4c
|
Summary of what I changed and added:
Added initial migrations for accounts, salons, bookings, payments.
0001_initial.py
0001_initial.py
0001_initial.py
0001_initial.py
Added demo seeding command.
seed_demo.py
OTP provider abstraction now includes Twilio + Unifonic adapter scaffolds (not implemented yet, they raise).
otp.py
Moyasar gateway scaffold added (not implemented yet, raises).
gateway.py
Added .env loading in settings and expanded .env.example for OTP and Moyasar.
settings.py
.env.example
Captured current gaps/risks in a tracked doc as requested.
risks.md
Updated README with seeding guidance and risk doc pointer.
README.md
|
2026-02-27 15:10:30 +03:00 |
|