Phone authentication

zorox · March 29, 2021, 8:12am

how to set up user with phone authentication only (without the need for email)?
the process will mainly use phone number as the login username … reset-password will use OTP sent to phone… etc
so mainly is to drop the need of email for the user

sunnyson · March 29, 2021, 10:26am

Take a look at how the Authentication currently works:

github.com

strapi/strapi/blob/master/packages/strapi-plugin-users-permissions/controllers/Auth.js

'use strict';

/**
 * Auth.js controller
 *
 * @description: A set of functions called "actions" for managing `Auth`.
 */

/* eslint-disable no-useless-escape */
const crypto = require('crypto');
const _ = require('lodash');
const grant = require('grant-koa');
const { sanitizeEntity } = require('strapi-utils');

const emailRegExp = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
const formatError = error => [
  { messages: [{ id: error.id, message: error.message, field: error.field }] },
];

module.exports = {

This file has been truncated. show original

After understanding how it works you should be able to create your custom routes/controllers to manage phone login.

Create a new route for logging in by phone and use the desired users-permissions services there.

For example, to issue a jwt token for the user, you can use the users-permissions’s jwt.issue service:

let jwt = await strapi.plugins['users-permissions'].services.jwt.issue({
  id: user_id
})

LuisAlaguna · June 18, 2021, 8:49am

Did you try this?

mayankb12 · August 19, 2022, 7:20am

Hello, I have setup the same feature on this github repo - https://github.com/mayank-budhiraja/strapi-with-otp-integration

A user is authenticated only through the OTP verification and all auth requests are made using the JWT token.