benmmurphy

<?php 
header("Location: /token_verify.php");
?>

benmmurphy

<p>Please enter the code sent to you to verify your phone number.</p>
<form method="POST" action="/token_verify.php">
  <input type="text" name="token">
  <input type="submit" value="Verify">
</form>

<?php
  if ($error == "invalid_token") {
?>
  <div class="error">Invalid Token</div>

benmmurphy

<?php
if (!isset($_SESSION["msisdn_verification"])) {
  return "resend_token";
}
?>

benmmurphy

<?php
$details = $_SESSION["msisdn_verification"];
if (round(microtime(true) * 1000) > $details["created_at"] + EXPIRATION_TIME) {
  return "resend_token";
}
?>

benmmurphy

<?php
if ($details["attempts"] >= MAX_VERIFY_ATTEMPTS) {
  return "max_attempts";
}
?>

benmmurphy

<?php
if (hash_equals($token, $details["token"])) {
  $_SESSION["verified_msisdn"] = $details["msisdn"];
  unset($_SESSION["msisdn_verification"]);
  return TRUE;
}
?>

benmmurphy

<?php
$details["attempts"] = $details["attempts"] + 1;
$_SESSION["msisdn_verification"] = $details;
if ($details["attempts"] >= MAX_VERIFY_ATTEMPTS) {
  return "max_attempts";
} else {
  return "invalid_token";
}
?>

benmmurphy

Host * !gateway !*.*
  HostName %h.internal.domain
  ProxyCommand ssh gateway exec nc %h %p

benmmurphy

<?php
$verify = new ZenSend\Verify(API_KEY);

$username = $_POST["username"];
$user = USERS[$username];

if ($user && $user["password"] == $_POST["password"]) {
  session_start();
  $_SESSION["username"] = $username;
  $options = new ZenSend\VerifyOptions();

benmmurphy

<?php
$client = new ZenSend\Client(API_KEY);
$options = new ZenSend\VerifyOptions();
$options->message = "{{token}} is your COMPANY verification code";
$options->originator = "YOURCOMPANY";
$verify->create_session($user["msisdn"], $options);
$session = $client->create_msisdn_verification($msisdn, $options);
?>