10
Views
2
Comments
OTP validation server side

I am using email otp verification, where I send an email along with an server-side generated(server action in the core services module) otp to a particular email address.
Now when the user enters the otp, how do I compare the sent otp and the user entered otp on server side?
Is there a way to temporarily store the otp when I send the mail(like redis, and then on expiry/entering the otp gets deleted), which i can compare the entered otp with?  I also want the otp to expire in two mins.

Or is there some other way to compare the otps? 

Rank: #299

Dear Amol,
Good Day

You can create like below as per your requirements:
1) From user Validation Screen call one Server Action 'ValidateOTP' with user OTP & email/username as input parameters
2) Server Action -> ValidateOTP which will have input OTP+email/username parameter from User screen.
3) In ServerAction ValidateOTP, check currentdatetime in action with your your saved datetime. Hope you are saving datetime somewhere in database along with OTP & email/username in database.
4) If OTP matches and its within 2 minutes, return IsSuccess = true from server action. Else false.

Rest of the logic will be based on your validation success true or false.

Hope this is what you were looking for.

Regards,
Palak Patel