Skip to content

michaeljd/verify

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
lib
lib
 
 
spec
spec
 
 
.rspec
.rspec
 
 
.tool-versions
.tool-versions
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
README.md
README.md
 
 

Repository files navigation

Ownership Verification

Glossary

source: Email address, mobile phone number, etc. code: Verification code generated by verification service

Flow

  1. App requests confirmation of a particular source.
  2. Verification system generates code
  3. Verification system sends code in verification email/sms/etc.
  4. Verification encrypts and returns code + source
  5. App requests user input code that was sent to source
  6. User enters code into app input, form submitted with source, code, and JWE
  7. Verification system compares source and code submitted by form with source and code inside the JWE.

Actions

Request verification

  • Generate security code (simple string, i.e. 4 digit number)
  • Send email, sms, etc. containing code to source
  • Build JWE from a source (email, phone) with the code
  • Return JWE

Confirm verification

  • Check JWE source + code VS payload source + code
  • Return signed JWT with source (for external systems)

About

Verify that someone owns a thing

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages