...
8. Sunbird will have phone based throttling. API throttling or OTP API Throttling-- OTP generation will have following setting :...
Table structure to store OTP:
| Key | data type | purpose |
|---|---|---|
| idtype+key | text (composite primary key) | |
| type | text | possible values are email or phone. Based on type we can identify key having value as email or phone |
| key | text (encrypted in DB) | source against which OTP is generated (key will have value as either email or phone) |
| OTP | text | generated OTP |
| createdOn | timestamp | at which time it was generated |
...
1. Use TTL and cassandra will automatically removed that records from table. (Accepted solution: OTP cleanup will happen based on ttl)
2. When ever user try next time , and then based on business logic if he is applicable for new OTP then remove old one
...
- Sending SMS or Email are Async call , if format is valid it will return success , but later it will try to send it that might got failure.
- As SMS gate way will have api to check delivery reports : https://docs.msg91.com/collection/msg91-api-integration/5/delivery-report/T19VM23R
- Msg91 provides webhooks to get delivery reports , so instead of we making call to get reports , we can use webhook: https://help.msg91.com/article/56-how-can-i-get-the-delivery-reports-on-my-url-through-api-what-is-the-reason-for-not-getting-report-on-my-url
- possibility to attach a scheduler to get the status based on messageId and update the status in DB
- In case of email how can we confirm delivery reports? ( In this release we are not using any delivery reports)
- What will happen if delivery reports indicates failure ? (cases like blocked or invalid numbers)
- What should be frequency to get OTP delivery reports? ( In this release we are not using any delivery reports)