<p align="center">
  <a href="https://www.medusajs.com">
  <picture>
    <source media="(prefers-color-scheme: dark)" srcset="https://user-images.githubusercontent.com/59018053/229103275-b5e482bb-4601-46e6-8142-244f531cebdb.svg">
    <source media="(prefers-color-scheme: light)" srcset="https://user-images.githubusercontent.com/59018053/229103726-e5b529a3-9b3f-4970-8a1f-c6af37f087bf.svg">
    <img alt="Medusa logo" src="https://user-images.githubusercontent.com/59018053/229103726-e5b529a3-9b3f-4970-8a1f-c6af37f087bf.svg">
    </picture>
  </a>
</p>
<h1 align="center">
    Authentication OTP with AWS SNS
</h1>

<h4 align="center">
  <a href="https://docs.medusajs.com">Documentation</a> |
  <a href="https://www.medusajs.com">Website</a>
</h4>

## Compatibility

This plugin is compatible with versions >= 2.6.1 of `@medusajs/medusa`.


## Configuration

Add the plugin to your medusa-config.ts file:

```js
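// Modules and ContainerRegistrationKeys are used in the `dependencies` arrays below
import {
  loadEnv,
  defineConfig,
  Modules,
  ContainerRegistrationKeys,
} from '@medusajs/framework/utils'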

loadEnv(process.env.NODE_ENV || 'development', process.cwd())

module.exports = defineConfig({
  modules: [
    {
      resolve: '@medusajs/medusa/auth',
      dependencies: [Modules.CACHE, ContainerRegistrationKeys.LOGGER],
      options: {
        providers: [
          {
            resolve: '@zimpligital/medusa-plugin-auth-otp/providers/auth-otp',
            id: 'auth-otp',
            dependencies: [Modules.CACHE, ContainerRegistrationKeys.LOGGER],
            options: {},
          },
        ],
      },
    },
  ],
  plugins: [
    {
      resolve: '@zimpligital/medusa-plugin-auth-otp',
      options: {
        awsSNSAccessKeyId: process.env.AWS_SNS_ACCESS_KEY_ID,
        awsSNSAccessKeySecret: process.env.AWS_SNS_SECRET_ACCESS_KEY,
        awsSNSRegion: process.env.AWS_SNS_REGION,
        jwtSecret: process.env.JWT_SECRET,
        otpConfigs: {
          subject: 'UTECH-OTP',
          message:
            'Your verification code is {otp} (ref. :{ref_code}) please verify within 90 secs',
          expiry: 90,
          webUrl: process.env.MEDUSA_FRONTEND_URL,
        },
      },
    },
  ],
})
```

## ENV variables
Add the environment variables to your `.env` file (the configuration above also reads `JWT_SECRET`):

```bash
AWS_SNS_ACCESS_KEY_ID=
AWS_SNS_SECRET_ACCESS_KEY=
AWS_SNS_REGION=
MEDUSA_FRONTEND_URL=
```

## Provided APIs
- Request OTP <br />
&emsp;path: `{backend_url}/auth/customer/auth-otp/request` <br />
&emsp;method: `POST`  <br />
&emsp;body: 
```js
{
    "phone": "0999999999",
    "country_code": "66"
}
```

<h2>Responses</h2>
<h4 style="color: green">Success</h4>

```js
{
    "otp_request": {
        "id": "otp_r_01JP9E4JEQ8VWYRYG43R2KDKRR",
        "country_code": "66",
        "phone": "0999999999",
        "ref_code": "OEJC7J",
        "expired_at": "2025-03-14T04:22:28.521Z",
        "attempts": 0,
        "status": "pending",
        "created_at": "2025-03-14T04:20:58.455Z",
        "updated_at": "2025-03-14T04:20:58.528Z",
        "deleted_at": null
    },
    "token": "eyJhb..."
}
```
<h4 style="color: red">Failed 1: Too many requests</h4>

```js
{
    "code": "TOO_MANY_REQUESTS",
    "type": "invalid_data",
    "message": "Too many requests, please try again after 90 seconds"
}
```
<br /><br />

---

<br />

- Verify OTP <br />
&emsp;path: `{backend_url}/auth/customer/auth-otp/verify` <br />
&emsp;method: `POST`  <br />
&emsp;body: 
```js
{
    "phone": "0999999999",
    "otp": "703147",
    "ref_code": "FT0VNS"
}
```

<h2>Responses</h2>
<h4 style="color: green">Success</h4>

```js
{
    "success": true,
    "message": "OTP verified successfully",
    "token": "eyJhbG..."
}
```

<h4 style="color: red">Failed 1: Request not found</h4>

```js
{
    "code": "NOT_FOUND",
    "type": "not_found",
    "message": "Pending OTP request not found for phone: 0932856661 and ref_code: FT0VNS"
}
```

<h4 style="color: red">Failed 2: OTP expired</h4>

```js
{
    "code": "OTP_EXPIRED",
    "type": "invalid_data",
    "message": "OTP request expired"
}
```

<h4 style="color: red">Failed 3: OTP is invalid</h4>

```js
{
    "code": "INVALID_OTP",
    "type": "invalid_data",
    "message": "OTP is invalid"
}
```

<h4 style="color: red">Failed 4: OTP Attempts Exceeded</h4>

```js
{
    "code": "OTP_ATTEMPTS_EXCEEDED",
    "type": "invalid_data",
    "message": "OTP attemps exceeded"
}
```
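
The following client-side flow is an added example, not code from this plugin: it calls the two documented endpoints and maps each documented error `code` to the next step a storefront should take. The function names, the `NEXT_STEP` table, and the injectable `fetchImpl` parameter are assumptions made for illustration; branching is done on the response body because the HTTP status codes are not documented here.

```javascript
// Added example, not the plugin's code. fetchImpl is injectable so the flow can run offline.
const OTP_BASE = '/auth/customer/auth-otp'

// What the client should do for each error code documented above (hypothetical mapping).
const NEXT_STEP = {
  TOO_MANY_REQUESTS: 'wait',            // back off, do not re-request immediately
  INVALID_OTP: 'retry_code',            // same ref_code, let the user re-enter the code
  OTP_EXPIRED: 'request_new',
  OTP_ATTEMPTS_EXCEEDED: 'request_new',
  NOT_FOUND: 'request_new',
}

async function post(fetchImpl, backendUrl, route, body) {
  const res = await fetchImpl(`${backendUrl}${OTP_BASE}/${route}`, {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(body),
  })
  return res.json()
}

// Unknown or missing codes map to 'fail' so the UI never treats them as success.
const failure = (data) => ({ ok: false, code: data.code, next: NEXT_STEP[data.code] || 'fail' })

async function requestOtp(fetchImpl, backendUrl, phone, countryCode) {
  const data = await post(fetchImpl, backendUrl, 'request', { phone, country_code: countryCode })
  if (!data.otp_request) return failure(data)
  const { ref_code, expired_at } = data.otp_request
  // Keep ref_code: the verify call must send it back together with the phone number.
  return { ok: true, refCode: ref_code, expiresAt: Date.parse(expired_at) }
}

async function verifyOtp(fetchImpl, backendUrl, phone, otp, pending, now = Date.now()) {
  // Skip the round trip when the server's own expired_at has passed on the client clock.
  // The server still enforces expiry; this only avoids a pointless submission.
  if (now >= pending.expiresAt) return failure({ code: 'OTP_EXPIRED' })
  const data = await post(fetchImpl, backendUrl, 'verify', { phone, otp, ref_code: pending.refCode })
  // Require both fields: an error body must never be read as a login.
  if (data.success === true && typeof data.token === 'string') return { ok: true, token: data.token }
  return failure(data)
}
```

In a browser or Node 18+, pass the global `fetch` as `fetchImpl`.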