This project implements a user authentication and registration system. This system allows users to:
- Enter their phone number.
- Authenticate using a password if already registered.
- Generate a 6-digit OTP for new users to verify and complete registration.
- Provide additional personal information (e.g., first name, last name, and email) after OTP verification.
- Rate Limiting: The system blocks users after 3 consecutive failed login attempts or incorrect OTP submissions. The blocking mechanism is based on both user attempts and IP address and lasts for 1 hour.
- Secure Handling: Secure token handling and password validation are incorporated for robust security.
The project includes a local_settings.py file (not included in the repository) with the following fields:
DEBUG = # Value should be True or False to set the debug mode
SECRET_KEY = # Django secret key used for cryptographic signing
DB_NAME = # Name of the database postgres
DB_PASSWORD = # Password for the database postgres
DB_HOST = # Database host (e.g., localhost or an IP address)
DB_USER = # Username for the database postgres
DB_PORT = # Port number for connecting to the database postgresMake sure to create this file locally and add the above configurations for running the project.
- Clone the repository.
- Navigate to the project directory.
- Install the required dependencies using:
pip install -r requirements.txt
- Create a
local_settings.pyfile as described above. - Run the Django migrations:
python manage.py migrate
- Start the development server:
python manage.py runserver
A Postman Collection is provided in the postman folder to facilitate API testing. Import it into Postman to test different endpoints.