So i wanted to try and implement something like otp for the site i have made. The working is something like this :
When a user logs in the site and the password gets accepted, a random 6 digit code is generated in the backend and an email is sent to the user's email id containing the code. (using default outgoing email)
After the login page, a new page opens up asking for the generated code, once entered directs the user to the desk.
Can this be done?
how do i send an email from the backend? is there an api / whitelist function ?
how do i add a new html page and load it after login page (but before desk) ?
Any help will be highly appreciated
Thank you @rmehta . That solves half of my problem.
use python code for generating 6 digit alphanumeric code write it in a white listed method at back end (possibly in api .py of your app) random alphanumeric generator and send it using sendmail() function
Thanks! That link was helpful.
Thats what i was thinking of doing so far. But i am still wondering how to restrict the login page from redirecting to the desk . I want the page to redirect to a new page which awaits for otp . And then once otp is satisfied, it redirects to desk . Any idea how i can achieve this?
Hey @ravindra_l , i tried to write a function in api.py of my app like you said, but it shows the msg "Not permitted " when the call to api is made. I read somewhere the whitelisted functions cant be called unless the user is logged in. Is there anywhere else i can write the function ?
pass allow_guest=True as an argument to frappe.whitelist
read it in frappe rest api
please refer rpc section of this https://frappe.github.io/frappe/user/guides/integration/rest_api.html
thanks @ravindra_l , that worked!!
Any idea what can be done for redirection ? i was thinking of an alternate method of showing a prompt (frappe.prompt or js prompt ) which accepts and validates. But how do i cancel the login process if otp is wrong ? which function to call or exception to throw ?