payfrit/payfrit-api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
payfrit-api/api/auth/sendOTP.php
John Mizerek 5761ed3e88 Standardize UUID format: generateUUID() now returns unhyphenated 32-char hex 
- Remove vsprintf hyphenation from generateUUID() in helpers.php
- Remove redundant str_replace('-', '', ...) wrappers in callers
- Fix grants/create, tabs/open, orders/getOrCreateCart which were storing hyphenated UUIDs
- Cast prices to float in getForBuilder.php
- Uppercase auth response keys (TOKEN, USERID, FIRSTNAME)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-15 16:43:02 -07:00

61 lines
1.6 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../helpers.php';
runAuth();
/*
Unified OTP: Send OTP to any phone number (login or signup)
POST: { "phone": "5551234567" }
Returns: { OK: true, UUID: "..." }
*/
$data = readJsonBody();
$phone = normalizePhone($data['phone'] ?? '');
if (strlen($phone) !== 10) {
apiAbort(['OK' => false, 'ERROR' => 'invalid_phone', 'MESSAGE' => 'Please enter a valid 10-digit phone number']);
}
$otp = random_int(100000, 999999);
$existing = queryOne(
"SELECT ID, UUID, FirstName, IsContactVerified, IsActive
FROM Users
WHERE ContactNumber = ?
LIMIT 1",
[$phone]
);
$userUUID = '';
if ($existing) {
$userUUID = $existing['UUID'] ?? '';
if (empty(trim($userUUID))) {
$userUUID = generateUUID();
}
queryTimed(
"UPDATE Users SET MobileVerifyCode = ?, UUID = ? WHERE ID = ?",
[$otp, $userUUID, $existing['ID']]
);
} else {
$userUUID = generateUUID();
queryTimed(
"INSERT INTO Users (ContactNumber, UUID, MobileVerifyCode, IsContactVerified, IsEmailVerified, IsActive, AddedOn, Password, PromoCode)
VALUES (?, ?, ?, 0, 0, 0, ?, '', ?)",
[$phone, $userUUID, $otp, gmdate('Y-m-d H:i:s'), (string) random_int(1000000, 9999999)]
);
}
// Send OTP via Twilio (skip on dev)
$dev = isDev();
$smsResult = sendSMS("+1{$phone}", "Your Payfrit code is: {$otp}");
$smsMessage = $smsResult['success'] ? 'Code sent' : ('SMS failed - ' . $smsResult['message']);
$resp = [
'OK' => true,
'UUID' => $userUUID,
'MESSAGE' => $smsMessage,
];
if ($dev) {
$resp['DEV_OTP'] = $otp;
}
jsonResponse($resp);
Reference in a new issue View git blame Copy permalink