46af911a06
What I implemented: Phone-first auth endpoints with OTP → JWT issuance (views.py, urls.py). Phone normalization (KSA-focused, E.164 or Saudi mobile) and validation (phone.py, serializers.py). OTP protections: rate limit, resend cooldown, attempt counting (otp.py, models.py). Email is now optional to allow phone-only users (models.py, 0002_phone_auth_fields.py). Admin OTP visibility improved (admin.py). Risks updated (risks.md).
from django.urls import path
from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView
from apps.accounts.views import (
MeView,
OTPRequestView,
OTPVerifyView,
PhoneAuthRequestView,
PhoneAuthVerifyView,
RegisterView,
SocialLoginPlaceholderView,
)
# Route table for the accounts app: every entry binds a URL to a class-based
# view and gives it a name for reverse lookups.
urlpatterns = [
    # Account registration and the MeView endpoint.
    path("register/", RegisterView.as_view(), name="register"),
    path("me/", MeView.as_view(), name="me"),

    # SimpleJWT's stock views: issue an access/refresh token pair from
    # credentials, and exchange a refresh token for a new access token.
    # NOTE(review): no throttle configuration is visible in this file; confirm
    # token/ is rate-limited in DRF settings, since it sits beside the OTP flow.
    path("token/", TokenObtainPairView.as_view(), name="token_obtain_pair"),
    path("token/refresh/", TokenRefreshView.as_view(), name="token_refresh"),

    # Two request/verify pairs are exposed: otp/* and phone/*.
    # NOTE(review): confirm both verify views enforce the same attempt limits
    # and cooldowns, so neither pair is a weaker path to the same outcome.
    path("otp/request/", OTPRequestView.as_view(), name="otp_request"),
    path("otp/verify/", OTPVerifyView.as_view(), name="otp_verify"),
    path("phone/request/", PhoneAuthRequestView.as_view(), name="phone_auth_request"),
    path("phone/verify/", PhoneAuthVerifyView.as_view(), name="phone_auth_verify"),

    # <str:provider> matches any non-empty segment that contains no "/".
    # NOTE(review): confirm the view restricts it to a fixed set of providers.
    path("social/<str:provider>/", SocialLoginPlaceholderView.as_view(), name="social_login"),
]