https://github.com/ricksonoliveira/passless-otp
Passless otp verification API with phone number
https://github.com/ricksonoliveira/passless-otp
api-rest elixir mcp phoenix
Last synced: 6 days ago
JSON representation
Passless otp verification API with phone number
- Host: GitHub
- URL: https://github.com/ricksonoliveira/passless-otp
- Owner: ricksonoliveira
- Created: 2025-05-29T22:05:24.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2025-05-29T22:09:10.000Z (about 1 year ago)
- Last Synced: 2025-10-24T04:39:50.035Z (8 months ago)
- Topics: api-rest, elixir, mcp, phoenix
- Language: Elixir
- Homepage:
- Size: 52.7 KB
- Stars: 1
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Passless
A secure, passwordless authentication service built with Elixir and Phoenix.
## ๐ Features
- Phone number based authentication
- One-Time Password (OTP) verification
- JWT token based session management
- RESTful API design
- Interactive API documentation with Swagger UI
## ๐ Setup
### Prerequisites
- Elixir 1.14+ and Erlang/OTP 25+
- PostgreSQL 13+
### Installation
1. Clone the repository:
```bash
git clone https://github.com/yourusername/passless.git
cd passless
```
2. Install dependencies:
```bash
mix deps.get
```
3. Set up the database:
```bash
mix ecto.setup
```
4. Start the Phoenix server:
```bash
mix phx.server
```
5. Visit `http://localhost:4000` in your browser to access the Swagger UI.
## ๐ API Documentation
Interactive API documentation is available at `http://localhost:4000/api/swagger`.
## ๐ API Endpoints
### Request OTP
```http
POST /api/v1/auth/request_otp?phone_number=+1234567890
```
**Response**
```json
{
"data": {
"message": "OTP sent successfully"
}
}
```
### Verify OTP
```http
POST /api/v1/auth/verify_otp?phone_number=+1234567890&code=123456
```
**Success Response**
```json
{
"data": {
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"user": {
"id": "1",
"phone_number": "+1234567890"
}
}
}
```
**Error Response**
```json
{
"errors": {
"detail": "Invalid or expired OTP code"
}
}
```
## ๐ Project Structure
```
lib/
โโโ passless/ # Core business logic
โ โโโ auth/ # Authentication context
โ โ โโโ otp.ex # OTP schema and logic
โ โ โโโ user.ex # User schema
โ โ โโโ auth.ex # Authentication logic
โ โโโ repo.ex # Database repository
โ
โโโ passless_web/ # Web interface
โ โโโ controllers/ # Request handlers
โ โ โโโ api/
โ โ โโโ v1/ # API version 1
โ โ โโโ auth_controller.ex
โ โโโ schemas/ # API schemas
โ โโโ router.ex # Routes definition
โ
โโโ passless_web.ex # Web interface definition
test/ # Test files
config/ # Configuration files
priv/ # Private files (migrations, static files)
```
## ๐ฆ Dependencies
- Phoenix - Web framework
- Ecto - Database wrapper
- Guardian - JWT authentication
- Phoenix Swagger - API documentation
- Cachex - Caching
## ๐งช Testing
### Running Tests
To run the entire test suite:
```bash
mix test
```
### Test Coverage
The test suite includes comprehensive tests for both API endpoints:
1. **OTP Request Endpoint** (`/api/v1/auth/request_otp`):
- Tests for successful OTP request with valid phone number
- Tests for error handling with invalid phone number format
- Tests for missing phone number parameter
2. **OTP Verification Endpoint** (`/api/v1/auth/verify_otp`):
- Tests for successful OTP verification
- Tests for error handling with invalid OTP code
- Tests for expired OTP codes
- Tests for non-existent user verification
All tests are implemented as integration tests, verifying the complete request/response cycle from the API endpoint through the authentication context to the database.
Cheers! ๐ท